๐ฎ๐ช
Jim Keir
2026-07-18 19:52:47
(4 hours ago)
2026-07-18 19:52:46 196.119.194.207 File scanning, blocking 196.119.194.207 for 5 minutes
Web App Attack
๐ฌ๐ง
consul.to
2026-07-18 18:02:57
(5 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐ซ๐ฎ
Christopher Hughes
2026-07-18 15:59:11
(7 hours ago)
.env scan
Web App Attack
Anonymous
2026-07-18 09:16:03
(14 hours ago)
Bot / scanning and/or hacking attempts: GET / HTTP/1.1, GET /.env HTTP/1.1
Hacking
Web App Attack
๐ฌ๐ง
sc user
2026-07-18 08:28:45
(15 hours ago)
Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad ...
show more
Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad bot behaviour. Technical log details and local server identifiers intentionally omitted for privacy.
show less
Bad Web Bot
Web App Attack
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-18 07:57:45
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 196.119.194.207 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 196.119.194.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 03:57:39.091185 2026] [security2:error] [pid 20651:tid 20651] [client 196.119.194.207:60142] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scriptediting.uk"] [uri "/.env"] [unique_id "alsx80cgAhcfxGkz08oIKgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
pinguin
2026-07-18 07:56:22
(15 hours ago)
Triggered Cloudflare WAF (firewallManaged) from MA.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET meth ...
show more
Triggered Cloudflare WAF (firewallManaged) from MA.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /.env
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-18 05:36:49
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 196.119.194.207 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 196.119.194.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 01:36:45.081006 2026] [security2:error] [pid 11724:tid 11724] [client 196.119.194.207:57400] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "skipport.co.uk"] [uri "/.env"] [unique_id "alsQ7eo6Xnd5dvmaBG19pgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Axel
2026-07-18 03:48:02
(20 hours ago)
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ...
show more
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01
show less
Web App Attack
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-18 02:09:33
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 196.119.194.207 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 196.119.194.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 22:09:27.391821 2026] [security2:error] [pid 1578224:tid 1578224] [client 196.119.194.207:53724] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oxford-gliding-club.co.uk"] [uri "/.env"] [unique_id "alrgVwvL7NF1RhrE8HwQGgAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-18 01:12:07
(22 hours ago)
196.119.194.207 - - [18/Jul/2026:01:12:06 +0000] "GET /.env HTTP/1.1" 302 622 "-" "Mozilla/5.0 (Maci ...
show more
196.119.194.207 - - [18/Jul/2026:01:12:06 +0000] "GET /.env HTTP/1.1" 302 622 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
...
show less
Bad Web Bot
Web App Attack
๐ฌ๐ง
myintarweb
2026-07-18 00:44:59
(23 hours ago)
196.119.194.207 - - [18/Jul/2026:01:44:58 +0100] 80 "GET /.env HTTP/1.1" 301 1665 "-" "Mozilla/5.0 ( ...
show more
196.119.194.207 - - [18/Jul/2026:01:44:58 +0100] 80 "GET /.env HTTP/1.1" 301 1665 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
...
show less
Hacking
Bad Web Bot
Web App Attack
๐ณ๐ฑ
BlueWire Hosting
2026-07-17 23:39:09
(1 day ago)
Probing websites for vulnerabilities
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 23:33:57
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 196.119.194.207 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 196.119.194.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 19:33:53.296299 2026] [security2:error] [pid 348132:tid 348132] [client 196.119.194.207:52730] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "natashahenry.co.uk"] [uri "/.env"] [unique_id "alq74bBgwhhImovIjcTAQgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
AvonleaConsulting
2026-07-17 22:50:11
(1 day ago)
Brute force attack stopped by firewall
Web Spam
Brute-Force
Web App Attack