๐บ๐ธ
TPI-Abuse
2026-06-27 04:21:10
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 193.32.126.227 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 193.32.126.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 00:21:03.634686 2026] [security2:error] [pid 11098:tid 11098] [client 193.32.126.227:51202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.141"] [uri "/.env.dev"] [unique_id "aj9Pr5FpSt-d01DDvVtK9gAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-06-27 03:57:27
(5 days ago)
Web vulnerability probing: /.env.backup (bogus vhost/SNI)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 02:56:07
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 193.32.126.227 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 193.32.126.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:56:03.292165 2026] [security2:error] [pid 25611:tid 25611] [client 193.32.126.227:33090] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.9"] [uri "/.env.dev"] [unique_id "aj87w9xrniiHr07m-l-lagAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
jormaster3k
2026-06-26 23:31:53
(5 days ago)
Attack against Apache (too many 404s)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 21:28:37
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 193.32.126.227 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 193.32.126.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 17:28:33.440663 2026] [security2:error] [pid 22179:tid 22179] [client 193.32.126.227:56076] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.210"] [uri "/.env.production"] [unique_id "aj7vAVT-TTDJrpAmo_d_tQAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
LoneRider
2026-06-26 21:02:17
(5 days ago)
[26/Jun/2026:23:02:16.905632 +0200] aj7o2ElkHckLIBV2kjuzdQAAAAc 193.32.126.227 34262 127.0.0.1 7081
...
show more
[26/Jun/2026:23:02:16.905632 +0200] aj7o2ElkHckLIBV2kjuzdQAAAAc 193.32.126.227 34262 127.0.0.1 7081
[26/Jun/2026:23:02:16.906030 +0200] aj7o2EUlHfVKpp8Lyz7EKQAAAAo 193.32.126.227 34252 127.0.0.1 7081
[26/Jun/2026:23:02:16.906287 +0200] aj7o2ODxlunwSAEma37a7QAAAAg 193.32.126.227 34258 127.0.0.1 7081
...
show less
Hacking
๐ซ๐ฎ
tjs
2026-06-21 23:20:00
(1 week ago)
web attack
Hacking
Web App Attack
๐จ๐ฆ
Mediashaker
2026-06-21 10:37:02
(1 week ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 193.32.126.227 (FR/Franc ...
show more
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 193.32.126.227 (FR/France/-)
show less
Port Scan
๐ฌ๐ง
Celtic
2026-06-21 10:34:56
(1 week ago)
Blocked by Fail2Ban with Jail (plesk-modsecurity)
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-06-21 10:29:06
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 193.32.126.227 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 193.32.126.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 06:28:59.413920 2026] [security2:error] [pid 31969:tid 31969] [client 193.32.126.227:2476] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "passwordresearch.com"] [uri "/stats/statistic68.html/.env"] [unique_id "aje86zJQC63qZe5X5JlucAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Octopuce
2026-06-21 10:28:04
(1 week ago)
Aggressive web search of vulnerable pages: /live-armel-dupas-jazz-migration-3//.env /live-armel-dupa ...
show more
Aggressive web search of vulnerable pages: /live-armel-dupas-jazz-migration-3//.env /live-armel-dupas-jazz-migration-3//.git/logs/HEAD /live-ar ...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 10:12:32
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 193.32.126.227 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 193.32.126.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 06:12:26.096799 2026] [security2:error] [pid 18202:tid 18202] [client 193.32.126.227:2942] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caferutadelaseda.com"] [uri "/detalle.php"] [unique_id "aje5CigqurbOJRnSBVuFBwAAAEY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-21 10:05:19
(1 week ago)
Blocked: Reason='Vulnerability probing โ PHP scan detected (40/60 min)'; Requests=40
Port Scan
๐ซ๐ฎ
albionfreemarket.com
2026-06-21 10:02:00
(1 week ago)
193.32.126.227 - - [21/Jun/2026:10:01:58 +0000] "GET /pricecheck/T7_2H_CLAYMORE@4/web/app_dev.php HT ...
show more
193.32.126.227 - - [21/Jun/2026:10:01:58 +0000] "GET /pricecheck/T7_2H_CLAYMORE@4/web/app_dev.php HTTP/2.0" 403 153 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 0.000 "-" "FR"
193.32.126.227 - - [21/Jun/2026:10:01:58 +0000] "GET /pricecheck/T7_2H_CLAYMORE@4/php-info.php HTTP/2.0" 403 153 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 0.000 "-" "FR"
...
show less
Bad Web Bot
Web App Attack
๐ซ๐ท
COMAITE
2026-06-21 10:01:01
(1 week ago)
Suspicious URL access.
Web App Attack