๐บ๐ธ
TPI-Abuse
2026-07-10 03:41:03
(20 minutes ago)
(mod_security) mod_security (id:210492) triggered by 160.179.159.199 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 160.179.159.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 23:40:57.561286 2026] [security2:error] [pid 10967:tid 10967] [client 160.179.159.199:61719] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "goglobex.com"] [uri "/.env"] [unique_id "alBpyTWiGuGRoW3A38zcdwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
pinguin
2026-07-10 03:40:49
(21 minutes ago)
Triggered Cloudflare WAF (firewallManaged) from MA.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET meth ...
show more
Triggered Cloudflare WAF (firewallManaged) from MA.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /.env
UA: Empty string
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ซ๐ฎ
inlink.ltd
2026-07-10 03:40:20
(21 minutes ago)
dot file probe
Web App Attack
๐ซ๐ฎ
6kilowatti
2026-07-10 02:41:15
(1 hour ago)
160.179.159.199 - - [10/Jul/2026:05:41:13 +0300] "GET /.env HTTP/1.1" 404 87415 "-" "-"
...
Web App Attack
๐ฆ๐บ
nzhost.co.nz
2026-07-10 01:46:31
(2 hours ago)
$f2bV_matches
Hacking
Brute-Force
๐ฉ๐ช
Ba-Yu
2026-07-10 01:41:04
(2 hours ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ท๐บ
DZBOT
2026-07-10 01:39:39
(2 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ณ๐ฑ
debestelapp
2026-07-10 00:41:31
(3 hours ago)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 00:40:17
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 160.179.159.199 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 160.179.159.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 20:40:11.666814 2026] [security2:error] [pid 4146:tid 4146] [client 160.179.159.199:49614] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bacona.net"] [uri "/.env"] [unique_id "alA_a3b5bNDp6kV9-UJhNAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-10 00:39:19
(3 hours ago)
Web attack/malicious scanning detected
Web App Attack
Anonymous
2026-07-09 23:36:07
(4 hours ago)
(caddyscan) Scanner path probe from 160.179.159.199 (MA/Morocco/-): 5 in the last 3600 secs; Ports: ...
show more
(caddyscan) Scanner path probe from 160.179.159.199 (MA/Morocco/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 160.179.159.199 - - [09/Jul/2026:23:35:10 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 160.179.159.199 - - [09/Jul/2026:23:35:21 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 160.179.159.199 - - [09/Jul/2026:23:35:22 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 160.179.159.199 - - [09/Jul/2026:23:35:38 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 160.179.159.199 - - [09/Jul/2026:23:36:06 +0000] "GET /.env HTTP/1.1"
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-09 23:35:44
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 160.179.159.199 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 160.179.159.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 19:35:39.240007 2026] [security2:error] [pid 10903:tid 10903] [client 160.179.159.199:58493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.propoolserviceandrepair.com"] [uri "/.env"] [unique_id "alAwS-5XeXXEhsAbFP4uJwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-09 22:47:04
(5 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12
Exploited Host
Web App Attack
Anonymous
2026-07-09 22:40:30
(5 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 22:39:09
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 160.179.159.199 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 160.179.159.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 18:39:05.516596 2026] [security2:error] [pid 9432:tid 9432] [client 160.179.159.199:58763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.wc2023.renju.net"] [uri "/.env"] [unique_id "alAjCSMjU_MactOXzoSXMAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack