π¨π
Kepler-1649c
2026-07-04 10:05:11
(2 days ago)
Detected Attack: Nmap.Script.Scanner
Hacking
π¦πΉ
Starburst SysOp Team
2026-07-04 07:10:00
(3 days ago)
Host header is a numeric IP address. Pattern match "(?:^( (920350-vie6-1)
Hacking
Bad Web Bot
π«π·
PΓΆlkky
2026-07-04 07:08:02
(3 days ago)
Abusive IP (403 Forbidden)
Web App Attack
πΊπΈ
gu-alvareza
2026-07-04 07:05:28
(3 days ago)
Java.Debug.Wire.Protocol.Insecure.Configuration
Hacking
πΈπͺ
SkyDancer
2026-07-04 06:58:56
(3 days ago)
Multiple unauthorized attempts to access using wrong credentials. Attack automatically blocked by Sk ...
show more
Multiple unauthorized attempts to access using wrong credentials. Attack automatically blocked by SkyDancer Ai. EXT-SYS-Vx
show less
Hacking
Brute-Force
SSH
π©πͺ
Trashware
2026-07-04 06:40:09
(3 days ago)
Malicious connection attempt
Hacking
Bad Web Bot
Web App Attack
π³π΄
Bots.go.to.hell
2026-07-04 06:32:55
(3 days ago)
This IP was detected by CrowdSec triggering custom/ip-honeypot
Web App Attack
Bad Web Bot
Anonymous
2026-07-04 06:28:50
(3 days ago)
207.175.99.103 - - [04/Jul/2026:08:28:45 +0200] "\x16\x03\x01\x05\xC4\x01\x00\x05\xC0\x03\x03\x02H\x ...
show more
207.175.99.103 - - [04/Jul/2026:08:28:45 +0200] "\x16\x03\x01\x05\xC4\x01\x00\x05\xC0\x03\x03\x02H\xE6\xA0-:c\xCD\x01\xEC1\x93,\xBFX\xCEF\xC2\x98\x90\x0C&A\x9B\xCB\x13U\x9A\xC4\x8A#\x89 0B\x11\x5Cd\xCCqw\x82-z7\x03\xF6\x90\x1A\xCFos,^\x89\xC7g\xD4\xD0\xF1+nJ\xB9\xD7\x002\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0" 400 150 "-" "-" "-"
207.175.99.103 - - [04/Jul/2026:08:28:50 +0200] ";\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\xD4\x07\x00\x00\x00\x00\x00\x00admin.$cmd\x00\x00\x00\x00\x00\xFF\xFF\xFF\xFF\x14\x00\x00\x00\x01hello\x00\x00\x00\x00\x00\x00\x00\xF0?\x00" 400 150 "-" "-" "-"
207.175.99.103 - - [04/Jul/2026:08:28:50 +0200] "r\xC2\xAF\xC5\xCB\xF9\xA7`\x1B*\xF9\x5C\xFE\xCC@d\x08\xE9\xFCh\x0B\xF4M\xD4\x99\x0B\xE4KvX\xE8\x92\xA1\xFA*\xA6'\xD5F\x02\x00\x06/\x90Mn\x80\xCA\xD2\x1C\x11\x8E>*" 400 150 "-" "-" "-"
...
show less
Hacking
Web App Attack
πΊπΈ
itsnixk
2026-07-04 05:55:01
(3 days ago)
(mod_security) mod_security (id:920350) triggered by 207.175.99.103 (BE/Belgium/103.99.175.207.bc.go ...
show more
(mod_security) mod_security (id:920350) triggered by 207.175.99.103 (BE/Belgium/103.99.175.207.bc.googleusercontent.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jul 04 01:54:57.711074 2026] [security2:error] [pid 1286716:tid 1287165] [client 207.175.99.103:59630] ModSecurity: Access denied with code 406 (phase 1). Pattern match "(?:^([\\\\d.]+|\\\\[[\\\\da-f:]+\\\\]|[\\\\da-f:]+)(:[\\\\d]+)?$)" at REQUEST_HEADERS:Host. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "773"] [id "920350"] [msg "Host header is a numeric IP address"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/"] [unique_id "akigMdMHuCmzroBnDrHBNQAAATY"]
show less
Port Scan
π¨π¦
lakered
2026-07-04 05:42:36
(3 days ago)
Detectors: [NGINX] | Reasons: Nginx: Default server trap hit | Evidence: OS-Signature-Mismatch (UA:W ...
show more
Detectors: [NGINX] | Reasons: Nginx: Default server trap hit | Evidence: OS-Signature-Mismatch (UA:Windows/p0f:Linux) | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 | TCP Fingerprint: Linux (Legacy/Embedded) (Link:generic tunnel or VPN, Uptime:6448m)
show less
Port Scan
Exploited Host
π¨π³
Peter Yu
2026-07-04 05:40:08
(3 days ago)
Bad Web Bot
Web App Attack
π³π±
donarev419
2026-07-04 04:27:57
(3 days ago)
Connection to port 80 with data transfer.
Data preview: GET / HTTP/1.1
Host: 87.229.95.155:80
User ...
show more
Connection to port 80 with data transfer.
Data preview: GET / HTTP/1.1
Host: 87.229.95.155:80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleW
show less
Port Scan
Hacking
π¦πΊ
gregoo23
2026-07-04 04:17:57
(3 days ago)
207.175.99.103 - - [04/Jul/2026:14:17:54 +1000] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT ...
show more
207.175.99.103 - - [04/Jul/2026:14:17:54 +1000] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36"
207.175.99.103 - - [04/Jul/2026:14:17:55 +1000] "\x16\x03\x01\x05\xC4\x01\x00\x05\xC0\x03\x03;\x17\xD5Nqu\x8F\xA2\xC2\xD9\xCEm\xF9\xCC\xB103\x06\xD2\xBFUg\xF5>\x82}\xA1\xE2\x95\xC7I\x89 2\x038_xY\xAAo\xC7\xB4\xB6\x88\xFF\xD1\x85\x93\xE6\xA5S\x5C\xCC\xCA\x9F\xF1&\x02\xDF\xCE\xB7\xBD\x806\x002\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0" 400 154 "-" "-"
207.175.99.103 - - [04/Jul/2026:14:17:56 +1000] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
π«π·
pm33
2026-07-04 04:07:12
(3 days ago)
Unsolicited connection attempts or aggressive port scan.
Port Scan
π¦πΊ
FEWA
2026-07-04 04:02:48
(3 days ago)
Fail2Ban Ban Triggered
Hacking
Bad Web Bot
Web App Attack