๐บ๐ธ
TPI-Abuse
2026-07-07 21:19:30
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 17:19:25.044948 2026] [security2:error] [pid 21430:tid 21430] [client 185.126.71.153:50487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.52"] [uri "/.env"] [unique_id "ak1tXaRKfJ7o4-ZMUKQ2cgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 20:17:15
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 16:17:07.778704 2026] [security2:error] [pid 533:tid 533] [client 185.126.71.153:59650] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.27"] [uri "/.env"] [unique_id "ak1ew_rfudH-pBIAJFSVGAAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
NewGastroline
2026-07-07 20:04:35
(2 days ago)
Malicious request blocked by CrowdSec on gastro-prod1.boreus.de
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 17:14:33
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 13:14:27.794142 2026] [security2:error] [pid 20211:tid 20211] [client 185.126.71.153:60195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.238"] [uri "/.env"] [unique_id "ak0z82iTuYnS56NSkoy_pQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 16:38:47
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 12:38:43.408294 2026] [security2:error] [pid 30505:tid 30505] [client 185.126.71.153:52950] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.56"] [uri "/.env"] [unique_id "ak0rkxWhHNyqtnYqzuayHAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 16:16:54
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 12:16:48.499608 2026] [security2:error] [pid 11627:tid 11651] [client 185.126.71.153:56793] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.18"] [uri "/.env"] [unique_id "ak0mcEUiHdr0sDOzB5gcmwAAARU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
maxpower
2026-07-07 12:27:13
(2 days ago)
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 185.126.71.153 (US/United States/-): 2 i ...
show more
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 185.126.71.153 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 185.126.71.153 - - [07/Jul/2026:14:27:08 +0200] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 301 317 "-" "python-requests/2.25.1" "-" host=51.89.2.96
185.126.71.153 - - [07/Jul/2026:14:27:10 +0200] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 374977 "-" "python-requests/2.25.1" "-" host=51.89.2.96
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-07 11:52:15
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 07:52:11.164981 2026] [security2:error] [pid 1139:tid 1139] [client 185.126.71.153:57707] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.36"] [uri "/.env"] [unique_id "akzoazX5277Oeyc-2psGCQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 11:30:43
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 07:30:37.967800 2026] [security2:error] [pid 20419:tid 20419] [client 185.126.71.153:62317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.188"] [uri "/.env"] [unique_id "akzjXZkzVf_XlqyZbLtA0AAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
markawes
2026-07-07 11:29:38
(2 days ago)
[SynFast] Auto banned by Fail2Ban. Reason: Web vulnerability scan detected. Evidence:
185.126.71.15 ...
show more
[SynFast] Auto banned by Fail2Ban. Reason: Web vulnerability scan detected. Evidence:
185.126.71.153 - - [07/Jul/2026:11:29:37 +0000] "GET /.env HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
185.126.71.153 - - [07/Jul/2026:11:29:37 +0000] "GET /.env HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
show less
Web App Attack
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-07 11:03:03
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 07:02:58.353440 2026] [security2:error] [pid 4534:tid 4534] [client 185.126.71.153:58957] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.15"] [uri "/.env"] [unique_id "akzc4ni1SFbR1mCneaIqlAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 07:51:55
(3 days ago)
(mod_security) mod_security (id:949110) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:949110) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 03:51:49.085035 2026] [security2:error] [pid 27119:tid 27119] [client 185.126.71.153:61047] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "192.64.150.240"] [uri "/.env"] [unique_id "akywFXT-hD10V5rrWV8kZQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 06:00:49
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.126.71.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 02:00:41.811511 2026] [security2:error] [pid 4396:tid 4396] [client 185.126.71.153:60944] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.197"] [uri "/.env"] [unique_id "akyWCX99iqSmtFhZuuNOnwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ฌ
serverutama
2026-07-07 05:50:01
(3 days ago)
185.126.71.153 - - [07/Jul/2026:12:49:59 +0700] "GET /.env HTTP/1.1" 404 146 "-" "Mozilla/5.0 (Linux ...
show more
185.126.71.153 - - [07/Jul/2026:12:49:59 +0700] "GET /.env HTTP/1.1" 404 146 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
185.126.71.153 - - [07/Jul/2026:12:50:00 +0700] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
...
show less
Web App Attack
Hacking
๐บ๐ธ
Hmorrin
2026-07-07 04:15:34
(3 days ago)
Port Scan