๐บ๐ธ
legionMCCXV
2026-07-16 20:25:57
(6 hours ago)
Non-HTTP protocol data (e.g. MQTT/TLS handshake bytes) sent to HTTP(S) port.
Port Scan
Hacking
๐ฌ๐ง
thetomtaylor.co.uk
2026-07-16 20:07:02
(7 hours ago)
Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,wa01,wa02]
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
cwytech
2026-07-16 19:56:19
(7 hours ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/tactical-rmm-lockdown-high.
Hacking
๐บ๐ธ
crooze.net
2026-07-16 19:22:33
(7 hours ago)
207.175.129.209 - - [16/Jul/2026:15:22:32 -0400] "\x16\x03\x01\x05\xC4\x01\x00\x05\xC0\x03\x03b!\xE3 ...
show more
207.175.129.209 - - [16/Jul/2026:15:22:32 -0400] "\x16\x03\x01\x05\xC4\x01\x00\x05\xC0\x03\x03b!\xE3\xE4\xFCH\xCD\x8A\x92G\xCAJ\x8Fa\xA90\x95h\x04&\x96;g\xE7\xD3nF/\xEC:\xAD\xCA !\x84I4\x80/\xE4\xCC\x8F\xAE~\xEF\xA1\xCB\xF9D\xB1AQr\xDEx]\x11\xAD\xA2Jj\xCB\xD3\x93y\x002\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0" 400 150 "-" "-"
...
show less
Hacking
Web App Attack
Anonymous
2026-07-16 19:16:52
(7 hours ago)
PAD: ModSec_Scanner! detected
Bad Web Bot
๐ฌ๐ง
thetomtaylor.co.uk
2026-07-16 19:08:01
(8 hours ago)
Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice02]
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
pm33
2026-07-16 19:06:40
(8 hours ago)
Unsolicited connection attempts or aggressive port scan.
Port Scan
๐ธ๐ฌ
WMK965
2026-07-16 18:43:13
(8 hours ago)
207.175.129.209 - - [17/Jul/2026:02:43:07 +0800] "\x16\x03\x01\x05\xC4\x01\x00\x05\xC0\x03\x036\xE3\ ...
show more
207.175.129.209 - - [17/Jul/2026:02:43:07 +0800] "\x16\x03\x01\x05\xC4\x01\x00\x05\xC0\x03\x036\xE3\xC2p\xF4I\xE97\x87402\xA5\xC5\xC0\x09\xAE\x97Z\xFC7m\x88nu3\xF0\xDD\x8B\xEE@\xF6 \xDE\xC5\xBF\xD9\xD1\xE0\xD2\xA4gO@\xD9\x8F\x97\x16\xD1\x85\x96\x1AX\x1F\xCD\x98\x00\xD5\xF3\x92]\xD9\x09\xD3\xBD\x002\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0" 400 154 "-" "-" "-"
207.175.129.209 - - [17/Jul/2026:02:43:12 +0800] ";\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\xD4\x07\x00\x00\x00\x00\x00\x00admin.$cmd\x00\x00\x00\x00\x00\xFF\xFF\xFF\xFF\x14\x00\x00\x00\x01hello\x00\x00\x00\x00\x00\x00\x00\xF0?\x00" 400 154 "-" "-" "-"
207.175.129.209 - - [17/Jul/2026:02:43:13 +0800] "\xEF\xE6\xB8\x146\xA7\xFA;\xD6\xDC\xDE\xDCM\xC7\x1B\xE7v*\x02%\x93\x1B\xF1\x0E\xC7\xEC\xD1-X4\x996\xA0O\xD2\xE0\x07Wm\x80\xA2\xD1s\x8A\xD7t\x81H\xAFP,\xA5\xDAr\xF5\x08J2\x0BH\xC3m|\x89" 400 154 "-" "-" "-"
show less
Port Scan
Web App Attack
Anonymous
2026-07-16 17:27:17
(9 hours ago)
207.175.129.209 - - [16/Jul/2026:17:27:11 +0000] "\x16\x03\x01\x05\xC4\x01\x00\x05\xC0\x03\x03t\xFC\ ...
show more
207.175.129.209 - - [16/Jul/2026:17:27:11 +0000] "\x16\x03\x01\x05\xC4\x01\x00\x05\xC0\x03\x03t\xFC\xF5i\xDE\x9D[w\xCD*\xFB\x8FW\x1C%\x01Y\x88\x1C\xCFh\x8D0\x97t'\xAF\xFA6\xC2Y\xF4 '!\x7F\xE7\x86c*\xC1\xFA<\x91{\xFB\x87'\xA8\x94\xB7|\xD4`\x00\xC5\xB4\xAC\xA3N\xF8\x9C\xED\xEF.\x002\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0" 400 150 "-" "-" "-"
207.175.129.209 - - [16/Jul/2026:17:27:16 +0000] ";\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\xD4\x07\x00\x00\x00\x00\x00\x00admin.$cmd\x00\x00\x00\x00\x00\xFF\xFF\xFF\xFF\x14\x00\x00\x00\x01hello\x00\x00\x00\x00\x00\x00\x00\xF0?\x00" 400 150 "-" "-" "-"
...
show less
Port Scan
Brute-Force
๐ณ๐ฑ
soverin
2026-07-16 17:05:31
(10 hours ago)
Network scan on port 80
Email Spam
๐ฉ๐ช
patrisei
2026-07-16 16:46:35
(10 hours ago)
You are now banned for 10 years by Schiffdorf-West Patrol. Trigger: crowdsecurity/http-probing
Port Scan
Web App Attack
๐จ๐ณ
Peter Yu
2026-07-16 16:27:44
(10 hours ago)
Bad Web Bot
Web App Attack
๐ฉ๐ช
MaxMeier
2026-07-16 16:24:09
(10 hours ago)
207.175.129.209 - - [16/Jul/2026:18:23:08 +0200] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT ...
show more
207.175.129.209 - - [16/Jul/2026:18:23:08 +0200] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36"
207.175.129.209 - - [16/Jul/2026:18:23:09 +0200] "\x16\x03\x01\x05\xC4\x01\x00\x05\xC0\x03\x03\x12e\x84[l\xADg\xD8r\xBF<|\x89h\xF4/^\xB5\xBB\xD7+Y\x10ib\x95\xD3\xBD\x12@\xD1y Y\x0B\x17v@g\x15\xF5\xD5\xB5\xFC\xCE\x87y" 400 150 "-" "-"
207.175.129.209 - - [16/Jul/2026:18:23:09 +0200] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36"
207.175.129.209 - - [16/Jul/2026:18:23:14 +0200] ";\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\xD4\x07\x00\x00\x00\x00\x00\x00admin.$cmd\x00\x00\x00\x00\x00\xFF\xFF\xFF\xFF\x14\x00\x00\x00\x01hello\x00\x00\x00\x00\x00\x00\x00\xF0?\x00" 400 150 "-" "-"
207.175.129.209 - - [16/Jul/2026:18:23:14 +0200] "\x86\x07\x8F\x8C\xF5fON9\xCF[\x16\x9C\xF26\x03\x82\xEF\xC0\xDE\x91\xBA\x9B\xD4\xD2\
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
johnkarlhill
2026-07-16 15:30:07
(11 hours ago)
WebKnight blocked malicious web request on johnkarlhill.com
Brute-Force
SSH
๐ณ๐ฑ
myip.foo
2026-07-16 15:14:52
(11 hours ago)
[myip.foo] 207.175.129.209 - - [16/Jul/2026:15:14:51 +0000] "\x16\x03\x00\x00i\x01\x00\x00e\x03\x03U ...
show more
[myip.foo] 207.175.129.209 - - [16/Jul/2026:15:14:51 +0000] "\x16\x03\x00\x00i\x01\x00\x00e\x03\x03U\x1C\xA7\xE4random1random2random3random4\x00\x00\x0C\x00/\x00" 400 150 "-" "-"
show less
Web App Attack