Anonymous
2026-07-14 16:32:08
(2 days ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-07-13 05:23:53
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 8.219.163.138 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 8.219.163.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 01:23:45.150804 2026] [security2:error] [pid 19578:tid 19578] [client 8.219.163.138:48088] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.tpdtuberental.com"] [uri "/.env"] [unique_id "alR2YbHGvD0YwgybQXDYkQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
1gz
2026-07-13 04:29:08
(4 days ago)
Triggered Cloudflare WAF (firewallCustom) from SG.
Action taken: CHALLENGE
Protocol: HTTP/1.1 (GET m ...
show more
Triggered Cloudflare WAF (firewallCustom) from SG.
Action taken: CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /.git/config
UA: Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-13 04:25:23
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 8.219.163.138 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 8.219.163.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 00:25:16.460426 2026] [security2:error] [pid 25763:tid 25763] [client 8.219.163.138:51246] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oxford-gliding-club.co.uk"] [uri "/.env"] [unique_id "alRorPEP_drWqsWFn_1eNwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
bohl-aiG5aef
2026-07-13 04:08:49
(4 days ago)
Suricata Alert [SID:2031502] ET INFO Request to Hidden Environment File - Inbound
Hacking
๐ฎ๐ฉ
Burayot
2026-07-13 04:02:32
(4 days ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 8.219.163.138 (SG/Singapore/-): 1 i ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 8.219.163.138 (SG/Singapore/-): 1 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 04:00:17
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 8.219.163.138 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 8.219.163.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 00:00:11.509838 2026] [security2:error] [pid 27423:tid 27423] [client 8.219.163.138:52856] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lovechicks.com"] [uri "/.env"] [unique_id "alRiy3QzTaWOSJaomMlivAAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 03:23:55
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 8.219.163.138 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 8.219.163.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 23:23:50.265462 2026] [security2:error] [pid 9501:tid 9501] [client 8.219.163.138:52162] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "futuresgrowhere.com"] [uri "/.env"] [unique_id "alRaRonLizGcTtviSfV5WwAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 03:08:03
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 8.219.163.138 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 8.219.163.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 23:07:55.395022 2026] [security2:error] [pid 9709:tid 9709] [client 8.219.163.138:50748] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eagrant.com"] [uri "/.git/config"] [unique_id "alRWi1dGsuuwm0XkQIm9cAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-13 02:56:55
(4 days ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-193)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 02:40:47
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 8.219.163.138 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 8.219.163.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 22:40:40.666903 2026] [security2:error] [pid 5308:tid 5308] [client 8.219.163.138:51106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bigredgraphicdesign.com"] [uri "/.env"] [unique_id "alRQKAGJhcCXNSqoTKFJNQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฟ๐ฆ
conure
2026-07-13 02:39:20
(4 days ago)
csagent: score 20.5: secrets grab x2, 404 noise floor x2; 1 domain(s) in 0s
Web App Attack
๐ซ๐ท
โจ
2026-07-13 02:38:11
(4 days ago)
Domain : redirect.netenergy.uk
Rule : env
2026-07-13 02:35:02 217.194.210.152 GET /.env - 443 - 8.21 ...
show more
Domain : redirect.netenergy.uk
Rule : env
2026-07-13 02:35:02 217.194.210.152 GET /.env - 443 - 8.219.163.138 HTTP/1.1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 - bayhouse.uk 404 0 2 1548 237 286 - -
show less
Hacking
SQL Injection
๐ฑ๐ป
garmtech.com
2026-07-13 02:35:25
(4 days ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 02:25:44
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 8.219.163.138 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 8.219.163.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 22:25:38.137575 2026] [security2:error] [pid 10352:tid 10352] [client 8.219.163.138:45326] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aeomis.com"] [uri "/.git/config"] [unique_id "alRMoj5DcOIAGd86IUElMwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack