๐ซ๐ท
MatStef132
2026-07-02 17:03:11
(10 hours ago)
MatShield L7: blocked on mathost.eu (suspicious behaviour)
DDoS Attack
๐บ๐ธ
Matthew Ping
2026-07-02 16:45:01
(11 hours ago)
ModSecurity rule 949110 triggered on dedicated4785. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
Anonymous
2026-07-02 16:30:03
(11 hours ago)
CrowdSec decision: crowdsecurity/http-sensitive-files (origin: crowdsec)
Web App Attack
๐ซ๐ท
masterguru
2026-07-02 15:54:56
(12 hours ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-195)
Hacking
Web App Attack
๐บ๐ธ
alecj.com
2026-07-02 15:29:14
(12 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/appsec-vpatch
Web App Attack
๐ฌ๐ง
Apache
2026-07-02 14:25:35
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 82.39.212.105 (DE/Germany/-): 5 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 82.39.212.105 (DE/Germany/-): 5 in the last 300 secs
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 12:30:53
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 82.39.212.105 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.39.212.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 08:30:47.714438 2026] [security2:error] [pid 7912:tid 7925] [client 82.39.212.105:48676] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "metropaint.net"] [uri "/.git/config"] [unique_id "akZZ9xWHbKqh3iGB9-JtIwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐น๐ท
ycoskun41
2026-07-02 08:22:12
(19 hours ago)
fail2ban: plesk-modsecurity jail on genckocaeli.com
Web App Attack
๐ฉ๐ช
todix
2026-07-02 08:08:45
(19 hours ago)
Web App Attack Exploid from 82.39.212.105
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-07-02 07:50:03
(20 hours ago)
82.39.212.105 - - [02/Jul/2026:10:50:00 +0300] "GET /.env HTTP/1.1" 404 4665 "-" "Mozilla/5.0 (Macin ...
show more
82.39.212.105 - - [02/Jul/2026:10:50:00 +0300] "GET /.env HTTP/1.1" 404 4665 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15"
82.39.212.105 - - [02/Jul/2026:10:50:02 +0300] "GET /backend/.env HTTP/1.1" 404 4666 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0"
...
show less
Web App Attack
๐ฏ๐ต
Kinsei Engineering Inc.
2026-07-02 06:52:56
(21 hours ago)
2026/07/02 15:52:55 [error] 215204#215204: *46350 access forbidden by rule, client: 82.39.212.105, s ...
show more
2026/07/02 15:52:55 [error] 215204#215204: *46350 access forbidden by rule, client: 82.39.212.105, server: www.kinsei.jp, request: "GET /.env.production HTTP/2.0", host: "www.kinsei.jp", referrer: "https://kinsei.jp/.env.production"
2026/07/02 15:52:55 [error] 215204#215204: *46351 access forbidden by rule, client: 82.39.212.105, server: www.kinsei.jp, request: "GET /.env.development HTTP/2.0", host: "www.kinsei.jp", referrer: "https://kinsei.jp/.env.development"
2026/07/02 15:52:56 [error] 215205#215205: *46365 access forbidden by rule, client: 82.39.212.105, server: www.kinsei.jp, request: "GET /.env HTTP/2.0", host: "www.kinsei.jp", referrer: "https://kinsei.jp/.env"
show less
Brute-Force
Web Spam
๐ฉ๐ช
rzk
2026-07-02 06:26:03
(21 hours ago)
CrowdSec scenario: crowdsecurity/http-sensitive-files. Banned by Koru Cloud platform after multi-eve ...
show more
CrowdSec scenario: crowdsecurity/http-sensitive-files. Banned by Koru Cloud platform after multi-event detection. ASN: NolimitCloud s.r.o. Country: DE. Timestamp: 2026-07-02T06:26:03+00:00.
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
Tsumugi Kotobuki
2026-07-02 06:21:13
(21 hours ago)
Port Scan on Honeypot | Ports: 80/HTTP | Proto: TCP(1) | Flags: all SYN | TTL: 58 | Len: 60B | Win: ...
show more
Port Scan on Honeypot | Ports: 80/HTTP | Proto: TCP(1) | Flags: all SYN | TTL: 58 | Len: 60B | Win: 64240(1) | F2B/ufw-honeypot@2026-07-02T06:21:13Z
show less
Port Scan
Hacking
Anonymous
2026-07-02 06:17:17
(21 hours ago)
(caddyscan) Scanner path probe from 82.39.212.105 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; ...
show more
(caddyscan) Scanner path probe from 82.39.212.105 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 82.39.212.105 - - [02/Jul/2026:06:17:13 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 82.39.212.105 - - [02/Jul/2026:06:17:13 +0000] "GET /.git/HEAD HTTP/1.1"
[REDACTED] 200 2627 82.39.212.105 - - [02/Jul/2026:06:17:14 +0000] "GET /.env.local HTTP/1.1"
[REDACTED] 200 2627 82.39.212.105 - - [02/Jul/2026:06:17:14 +0000] "GET /.env.development HTTP/1.1"
[REDACTED] 200 2627 82.39.212.105 - - [02/Jul/2026:06:17:14 +0000] "GET /.env.production HTTP/1.1"
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-02 05:47:39
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 82.39.212.105 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.39.212.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 01:47:35.039156 2026] [security2:error] [pid 7713:tid 7713] [client 82.39.212.105:43880] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "krugmans.com"] [uri "/.git/HEAD"] [unique_id "akX7d31Zzx6xpzCVQul8nQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack