๐ฎ๐ช
AutosOnShow
2026-06-28 19:19:08
(1 day ago)
blocked for webapp attack | path requested: /.env | seen at 2026-06-28 19:18:08.488 |
Web App Attack
Anonymous
2026-06-27 15:54:49
(2 days ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 11:35:13
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 82.118.29.241 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.29.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 07:34:40.510265 2026] [security2:error] [pid 901:tid 901] [client 82.118.29.241:29939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.johneiden.com"] [uri "/.env"] [unique_id "aj-1UHqLgK4cox7N3QSp7wAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 10:28:22
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 82.118.29.241 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.29.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 06:28:10.429745 2026] [security2:error] [pid 29770:tid 29770] [client 82.118.29.241:22759] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.lyounglaw.com"] [uri "/.env"] [unique_id "aj-luh4bsvjlpr0u-uSALgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Marten Mark
2026-06-27 06:16:27
(2 days ago)
82.118.29.241 - - [27/Jun/2026:06:16:23 +0000] "GET /.env.local HTTP/1.1" 404 150 "-" "Mozilla/5.0 ( ...
show more
82.118.29.241 - - [27/Jun/2026:06:16:23 +0000] "GET /.env.local HTTP/1.1" 404 150 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.4 Safari/605.1.15"
...
show less
Web App Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-27 02:10:21
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 82.118.29.241 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.29.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:10:07.911312 2026] [security2:error] [pid 20197:tid 20197] [client 82.118.29.241:61243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trafficstopper.com"] [uri "/laravel/.env"] [unique_id "aj8w_92BPfg0b7QMyaX0lAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mccsoft.io
2026-06-27 00:06:40
(3 days ago)
Web application attack / vulnerability scanning. Source sent 1 HTTP request(s) (1 distinct paths) to ...
show more
Web application attack / vulnerability scanning. Source sent 1 HTTP request(s) (1 distinct paths) to our public nginx web server on TCP 80/443, probing blocked/sensitive paths; all returned HTTP 444 (connection closed by security rule, jail nginx-444). Sample requests: GET /.env. User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.4 Safari/6. Observed 2026-06-27 00:06:02 UTC. TCP handshake completed (requests fully received). Categories: Web App Attack / Bad Web Bot.
show less
Bad Web Bot
Web App Attack
๐ซ๐ท
Petre 21_ip
2026-06-26 23:18:42
(3 days ago)
2026-06-27T01:18:40.993398+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ...
show more
2026-06-27T01:18:40.993398+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=82.118.29.241 DST=155.133.26.57 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=48253 DF PROTO=TCP SPT=36477 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0
...
show less
Port Scan
๐ฉ๐ช
YF
2026-06-26 19:20:12
(3 days ago)
Environment file probe
Web App Attack
Anonymous
2026-06-18 10:49:59
(1 week ago)
(wordpress) Failed wordpress login from 82.118.29.241 (SE/Sweden/-)
Brute-Force
๐บ๐ธ
Dolphi
2026-06-17 19:20:08
(1 week ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-05-20 21:48:33
(1 month ago)
82.118.29.241 - - [21/May/2026:00:48:32 +0300] "GET /wp-content/plugins/core-plugin/include.php HTTP ...
show more
82.118.29.241 - - [21/May/2026:00:48:32 +0300] "GET /wp-content/plugins/core-plugin/include.php HTTP/1.1" 404 709 "-" "Go-http-client/1.1"
...
show less
Web App Attack
๐ซ๐ท
Octopuce
2026-05-20 17:07:02
(1 month ago)
Aggressive web search of vulnerable pages: /templates/protostar/error.php /templates/beez3/error.php ...
show more
Aggressive web search of vulnerable pages: /templates/protostar/error.php /templates/beez3/error.php /templates/beez3/jsstrings.php /templates/ ...
show less
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-05-20 16:49:27
(1 month ago)
82.118.29.241 - - [20/May/2026:19:49:26 +0300] "GET /wp-content/themes/aahana/json.php HTTP/1.1" 404 ...
show more
82.118.29.241 - - [20/May/2026:19:49:26 +0300] "GET /wp-content/themes/aahana/json.php HTTP/1.1" 404 711 "-" "Go-http-client/1.1"
...
show less
Web App Attack
๐ธ๐ช
KIDOS
2026-05-20 04:30:30
(1 month ago)
CrowdSec detected malicious activity
DDoS Attack