๐ง๐ท
Peregrine
2026-07-02 03:09:46
(8 hours ago)
Fail2Ban Jail: tomcat-honeypot | Evidence: - 20.127.214.210 - - [29/Jun/2026:16:55:41 -0300] "GET /. ...
show more
Fail2Ban Jail: tomcat-honeypot | Evidence: - 20.127.214.210 - - [29/Jun/2026:16:55:41 -0300] "GET /.git/HEAD HTTP/1.1" 404 414
- 20.127.214.210 - - [29/Jun/2026:16:55:43 -0300] "GET /.git/config HTTP/1.1" 404 414
- 20.127.214.210 - - [29/Jun/2026:16:55:44 -0300] "GET /.git/logs/HEAD HTTP/1.1" 404 414
- 20.127.214.210 - - [29/Jun/2026:16:55:47 -0300] "GET /.git/refs/heads/master HTTP/1.1" 404 414
show less
Bad Web Bot
๐ง๐ท
Peregrine
2026-07-01 03:09:44
(1 day ago)
Fail2Ban Jail: tomcat-honeypot | Evidence: - 20.127.214.210 - - [29/Jun/2026:16:55:41 -0300] "GET /. ...
show more
Fail2Ban Jail: tomcat-honeypot | Evidence: - 20.127.214.210 - - [29/Jun/2026:16:55:41 -0300] "GET /.git/HEAD HTTP/1.1" 404 414
- 20.127.214.210 - - [29/Jun/2026:16:55:43 -0300] "GET /.git/config HTTP/1.1" 404 414
- 20.127.214.210 - - [29/Jun/2026:16:55:44 -0300] "GET /.git/logs/HEAD HTTP/1.1" 404 414
- 20.127.214.210 - - [29/Jun/2026:16:55:47 -0300] "GET /.git/refs/heads/master HTTP/1.1" 404 414
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-29 21:59:12
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 20.127.214.210 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 20.127.214.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 17:59:09.661989 2026] [security2:error] [pid 6873:tid 6873] [client 20.127.214.210:12804] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.5"] [uri "/.git/HEAD"] [unique_id "akLqrVfVy5xj2XjxCEpKPQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
SMi-Web
2026-06-29 21:36:41
(2 days ago)
Blocked by firewall on hugin [2087/tcp] | Rule: UFW | SPT: 12804 | TTL: 49 | LEN: 60 | TOS: 0x00 โข R ...
show more
Blocked by firewall on hugin [2087/tcp] | Rule: UFW | SPT: 12804 | TTL: 49 | LEN: 60 | TOS: 0x00 โข Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-29 21:04:59
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 20.127.214.210 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 20.127.214.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 17:04:53.229784 2026] [security2:error] [pid 10550:tid 10550] [client 20.127.214.210:12817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.36"] [uri "/.git/HEAD"] [unique_id "akLd9SVzFAVBvDeyEk_A0wAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-29 21:04:22
(2 days ago)
PORT & IP Scan.
Port Scan
Brute-Force
๐ง๐ท
Peregrine
2026-06-29 19:55:50
(2 days ago)
Fail2Ban Jail: tomcat-honeypot | Evidence: - 20.127.214.210 - - [29/Jun/2026:16:55:41 -0300] "GET /. ...
show more
Fail2Ban Jail: tomcat-honeypot | Evidence: - 20.127.214.210 - - [29/Jun/2026:16:55:41 -0300] "GET /.git/HEAD HTTP/1.1" 404 414
- 20.127.214.210 - - [29/Jun/2026:16:55:43 -0300] "GET /.git/config HTTP/1.1" 404 414
- 20.127.214.210 - - [29/Jun/2026:16:55:44 -0300] "GET /.git/logs/HEAD HTTP/1.1" 404 414
- 20.127.214.210 - - [29/Jun/2026:16:55:47 -0300] "GET /.git/refs/heads/master HTTP/1.1" 404 414
show less
Bad Web Bot
๐ณ๐ฑ
thedreamer.nl
2026-06-29 19:27:29
(2 days ago)
20.127.214.210 - - [29/Jun/2026:21:27:15 +0200] "GET /.git/HEAD HTTP/1.1" 499 0 "-" "Mozilla/5.0 (Wi ...
show more
20.127.214.210 - - [29/Jun/2026:21:27:15 +0200] "GET /.git/HEAD HTTP/1.1" 499 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" "US" "Washington" "38.70950" "-78.15390"
20.127.214.210 - - [29/Jun/2026:21:27:17 +0200] "GET /.git/config HTTP/1.1" 499 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" "US" "Washington" "38.70950" "-78.15390"
20.127.214.210 - - [29/Jun/2026:21:27:19 +0200] "GET /.git/logs/HEAD HTTP/1.1" 499 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" "US" "Washington" "38.70950" "-78.15390"
20.127.214.210 - - [29/Jun/2026:21:27:22 +0200] "GET /.git/refs/heads/main HTTP/1.1" 499 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "US" "Washington" "38.70950" "-78.
...
show less
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
kexol
2026-06-29 18:46:48
(2 days ago)
multiport scan, 2 ports scanned: 8080, 8443
Port Scan
๐ฌ๐ง
Apache
2026-06-29 17:04:55
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 20.127.214.210 (US/United States/-): 5 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 20.127.214.210 (US/United States/-): 5 in the last 300 secs (CF_ENABLE)
show less
Brute-Force
Web App Attack
๐ณ๐ฑ
ReyhZhao
2026-06-29 16:58:07
(2 days ago)
Bunkerweb ModSecurity alert: Potential Remote Command Execution (RCE) detected. Unix shell code was ...
show more
Bunkerweb ModSecurity alert: Potential Remote Command Execution (RCE) detected. Unix shell code was identified within the request arguments, triggering a security rule designed to prevent application attacks.
show less
Brute-Force
๐ฆ๐น
urnilxfgbez
2026-06-10 22:45:00
(3 weeks ago)
Last 24 Hours suspicious: (DPT=445|DPT=3389|DPT=22|DPT=3306|DPT=8080|DPT=23|DPT=5900|DPT=1433)
Port Scan
Anonymous
2026-06-10 14:01:01
(3 weeks ago)
2026-06-10 14:01:01 warning[3071469]: host unknown[20.127.214.210]: unauthorized access at ...
show more
2026-06-10 14:01:01 warning[3071469]: host unknown[20.127.214.210]: unauthorized access attempted: tcp/8080
show less
Port Scan
Brute-Force
๐บ๐ธ
Starburst SysOp Team
2026-06-10 13:18:06
(3 weeks ago)
Host header is a numeric IP address. Pattern match "(?:^( (920350-stl2-13)
Hacking
Bad Web Bot
๐บ๐ธ
Moby
2026-06-10 12:19:32
(3 weeks ago)
20.127.214.210 - - [10/Jun/2026:07:19:24 -0500] "GET /.git/HEAD HTTP/1.1" 404 984 "-" "Mozilla/5.0 ( ...
show more
20.127.214.210 - - [10/Jun/2026:07:19:24 -0500] "GET /.git/HEAD HTTP/1.1" 404 984 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" "75.88.18.218" "75.88.18.218"
20.127.214.210 - - [10/Jun/2026:07:19:30 -0500] "GET /.env.production HTTP/1.1" 404 984 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "75.88.18.218" "75.88.18.218"
20.127.214.210 - - [10/Jun/2026:07:19:31 -0500] "GET /.env.backup HTTP/1.1" 404 984 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0" "75.88.18.218" "75.88.18.218"
...
show less
Web App Attack