๐ฌ๐ง
contactcrm
2026-07-13 09:23:32
(1 day ago)
Form Spam : Form Spam
Web Spam
๐ฎ๐ช
AutosOnShow
2026-06-28 18:21:05
(2 weeks ago)
blocked for webapp attack | path requested: /.env | seen at 2026-06-28 18:20:38.240 |
Web App Attack
๐ฉ๐ช
Mykola Spesivtsev
2026-06-27 11:36:49
(2 weeks ago)
HTTP Tarpit detected bot activity:TargetPort:80, Path:/bootstrap/app.php, Method:GET, UA:Mozilla/5.0 ...
show more
HTTP Tarpit detected bot activity:TargetPort:80, Path:/bootstrap/app.php, Method:GET, UA:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/124.0.0.0 Safari/537.36
show less
Port Scan
Web App Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-27 11:35:51
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 82.118.29.248 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.29.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 07:35:43.766524 2026] [security2:error] [pid 5887:tid 5887] [client 82.118.29.248:54831] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.johneiden.com"] [uri "/.env.example"] [unique_id "aj-1j5aneOVh2NRISpxwzwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 10:56:22
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 82.118.29.248 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.29.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 06:55:55.424998 2026] [security2:error] [pid 30934:tid 30934] [client 82.118.29.248:62187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heytechiesshow.com"] [uri "/.env.local"] [unique_id "aj-sO8yTzugY38rm5EFJzgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 10:28:40
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 82.118.29.248 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.29.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 06:28:06.142698 2026] [security2:error] [pid 29569:tid 29569] [client 82.118.29.248:57943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.lyounglaw.com"] [uri "/.env"] [unique_id "aj-ltvr6fNvdr7KnOZXIxQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 07:56:27
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 82.118.29.248 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.29.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 03:55:56.085443 2026] [security2:error] [pid 3039:tid 3039] [client 82.118.29.248:43299] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.iwsa.info"] [uri "/.env.production"] [unique_id "aj-CDBCG6J4LjrAVFOjV3QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Mykola Spesivtsev
2026-06-27 06:21:04
(2 weeks ago)
HTTP Tarpit detected bot activity:TargetPort:80, Path:/app/config/parameters.yml, Method:GET, UA:Moz ...
show more
HTTP Tarpit detected bot activity:TargetPort:80, Path:/app/config/parameters.yml, Method:GET, UA:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.4 Safari/605.1.15
show less
Port Scan
Web App Attack
Bad Web Bot
๐ฌ๐ง
Marten Mark
2026-06-27 06:16:42
(2 weeks ago)
82.118.29.248 - - [27/Jun/2026:06:16:42 +0000] "GET /.env.bak HTTP/1.1" 404 552 "-" "Mozilla/5.0 (Wi ...
show more
82.118.29.248 - - [27/Jun/2026:06:16:42 +0000] "GET /.env.bak HTTP/1.1" 404 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/124.0.0.0 Safari/537.36"
...
show less
Web App Attack
Bad Web Bot
๐ฉ๐ช
Mykola Spesivtsev
2026-06-27 04:25:21
(2 weeks ago)
HTTP Tarpit detected bot activity:TargetPort:443, Path:/application.properties, Method:GET, UA:Mozil ...
show more
HTTP Tarpit detected bot activity:TargetPort:443, Path:/application.properties, Method:GET, UA:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/124.0.0.0 Safari/537.36
show less
Port Scan
Web App Attack
Bad Web Bot
๐ฉ๐ช
Mykola Spesivtsev
2026-06-27 02:55:05
(2 weeks ago)
HTTP Tarpit detected bot activity:TargetPort:80, Path:/phpinfo.php, Method:GET, UA:Mozilla/5.0 (Wind ...
show more
HTTP Tarpit detected bot activity:TargetPort:80, Path:/phpinfo.php, Method:GET, UA:Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0
show less
Port Scan
Web App Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-27 02:11:04
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 82.118.29.248 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 82.118.29.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:09:36.229720 2026] [security2:error] [pid 19162:tid 19162] [client 82.118.29.248:24719] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||trafficstopper.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "trafficstopper.com"] [uri "/settings.ini"] [unique_id "aj8w4PgyiAX6hz31-phiGQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mccsoft.io
2026-06-27 00:06:56
(2 weeks ago)
Web application attack / vulnerability scanning. Source sent 1 HTTP request(s) (1 distinct paths) to ...
show more
Web application attack / vulnerability scanning. Source sent 1 HTTP request(s) (1 distinct paths) to our public nginx web server on TCP 80/443, probing blocked/sensitive paths; all returned HTTP 444 (connection closed by security rule, jail nginx-444). Sample requests: GET /actuator/health. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/124.0.0.0 Safari/537.3. Observed 2026-06-27 00:06:02 UTC. TCP handshake completed (requests fully received). Categories: Web App Attack / Bad Web Bot.
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
YF
2026-06-26 20:20:14
(2 weeks ago)
Environment file probe
Web App Attack
Anonymous
2026-06-26 18:57:11
(2 weeks ago)
fail2ban_an apache-modsecurity [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [uri "/.env"]
Bad Web Bot
Web App Attack