๐จ๐ฆ
Not Fake
2026-06-27 20:47:40
(4 days ago)
$f2bV_matches
Web App Attack
๐บ๐ธ
RAP
2026-06-27 20:39:04
(4 days ago)
2026-06-27 20:39:04 UTC Unauthorized activity to TCP port 8080. Web App
Port Scan
Web App Attack
๐ฉ๐ช
maxpower
2026-06-27 19:14:47
(4 days ago)
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 20.59.242.2 (US/United States/-): 2 in t ...
show more
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 20.59.242.2 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 20.59.242.2 - - [27/Jun/2026:21:14:37 +0200] "GET /wp-config.php.bak HTTP/1.1" 403 146 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" "-" host=145.239.233.179
20.59.242.2 - - [27/Jun/2026:21:14:38 +0200] "GET /.aws/credentials HTTP/1.1" 404 10399 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0" "-" host=145.239.233.179
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-27 19:02:49
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 20.59.242.2 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 20.59.242.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 15:02:42.714752 2026] [security2:error] [pid 28042:tid 28042] [client 20.59.242.2:43345] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.70"] [uri "/.git/HEAD"] [unique_id "akAeUnS56DRG4VX2JNjmDQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-27 17:52:09
(4 days ago)
Jun 27 13:52:09 localhost kernel: [110927995.680325] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:9 ...
show more
Jun 27 13:52:09 localhost kernel: [110927995.680325] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=20.59.242.2 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=49 ID=7343 DF PROTO=TCP SPT=43274 DPT=2087 WINDOW=64240 RES=0x00 SYN URGP=0
Jun 27 13:52:09 localhost kernel: [110927995.680354] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=20.59.242.2 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=49 ID=7343 DF PROTO=TCP SPT=43274 DPT=2087 SEQ=2217305881 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405A00402080A184F731C000000000103030A)
Jun 27 13:52:09 localhost kernel: [110927995.683016] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=20.59.242.2 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=47 ID=22708 DF PROTO=TCP SPT=43287 DPT=2086 WINDOW=64240 RES=0x00 SYN URGP=0
Jun 27 13:52:09 localhost kernel: [110927995.686620] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:0
show less
Port Scan
๐บ๐ธ
MPL
2026-06-27 16:59:44
(5 days ago)
tcp port scan (8 or more attempts)
Port Scan
๐บ๐ธ
Rip
2026-06-27 16:36:50
(5 days ago)
Restricted File Access Attempts
Port Scan
Web App Attack
๐บ๐ธ
NXTwoThou
2026-06-27 16:36:05
(5 days ago)
/___proxy_subdomain_whm/login/%3Flogin_only=1
Web App Attack
๐ฎ๐ฉ
securejdprop
2026-06-27 16:16:25
(5 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET INFO Request to ...
show more
This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET INFO Request to Hidden Environment File - Inbound). Ip 20.59.242.2 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-06-27 16:16:24.535393191 +0000 UTC
show less
Hacking
Web App Attack
Anonymous
2026-06-27 13:26:04
(5 days ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
๐บ๐ธ
Rayulcifer
2026-04-11 15:52:57
(2 months ago)
20.59.242.2 - - [11/Apr/2026:10:52:56 -0500] "GET https://zooyoo.top/index.php HTTP/1.1" 200 908 "ht ...
show more
20.59.242.2 - - [11/Apr/2026:10:52:56 -0500] "GET https://zooyoo.top/index.php HTTP/1.1" 200 908 "https://www.google.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.0.0"
20.59.242.2 - - [11/Apr/2026:10:52:56 -0500] "GET https://zooyoo.top/index.php HTTP/1.1" 200 907 "https://www.google.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.0.0"
...
show less
Open Proxy
Port Scan
Hacking
Web App Attack
SSH