π§π·
Peregrine
2026-07-06 03:15:07
(14 hours ago)
Fail2Ban ct101 Jail: tomcat-honeypot | Evidence: 34.187.185.208 104.22.72.67 - - [02/Jul/2026:12:33: ...
show more
Fail2Ban ct101 Jail: tomcat-honeypot | Evidence: 34.187.185.208 104.22.72.67 - - [02/Jul/2026:12:33:20 -0300] "GET /.git/config HTTP/1.1" 404 18193
show less
Bad Web Bot
π§π·
Peregrine
2026-07-04 03:15:09
(2 days ago)
Fail2Ban ct101 Jail: tomcat-honeypot | Evidence: 34.187.185.208 104.22.72.67 - - [02/Jul/2026:12:33: ...
show more
Fail2Ban ct101 Jail: tomcat-honeypot | Evidence: 34.187.185.208 104.22.72.67 - - [02/Jul/2026:12:33:20 -0300] "GET /.git/config HTTP/1.1" 404 18193
show less
Bad Web Bot
π³π±
homeshowdomain.nl
2026-07-03 22:01:21
(2 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-02.
show less
Web App Attack
SSH
Hacking
π¬π§
openstrike.co.uk
2026-07-03 05:15:29
(3 days ago)
3 attacks on VC URLs:
GET /.git/config HTTP/1.1
Hacking
πΊπΈ
LSPCCU
2026-07-02 22:59:29
(3 days ago)
TSEC Honeypot Network report. Threat score: 80/100. Categories: Hacking, Brute-Force, Web App Attack ...
show more
TSEC Honeypot Network report. Threat score: 80/100. Categories: Hacking, Brute-Force, Web App Attack, SSH. Honeypot: ssh-telnet, cowrie. Context: P0f: OS: Linux 2.
show less
Hacking
Brute-Force
Web App Attack
SSH
πΊπΈ
interbiznw.com
2026-07-02 21:20:02
(3 days ago)
malicious-web-requests-vulnerability-scanning
Hacking
Brute-Force
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 21:05:01
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 34.187.185.208 (208.185.187.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.187.185.208 (208.185.187.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 17:04:58.018038 2026] [security2:error] [pid 27671:tid 27671] [client 34.187.185.208:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.globetechsecurities.com"] [uri "/.git/config"] [unique_id "akbSeq8QI5kwlKbWodLbbQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
Ba-Yu
2026-07-02 20:55:28
(3 days ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
Anonymous
2026-07-02 20:17:26
(3 days ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
πΊπΈ
cwytech
2026-07-02 20:06:30
(3 days ago)
Fleet-wide ban from the Ghostfleet π». Triggered by scenario: cwy/http-honeypath-sniper-crit.
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 19:59:31
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 34.187.185.208 (208.185.187.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.187.185.208 (208.185.187.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 15:59:27.470876 2026] [security2:error] [pid 24707:tid 24707] [client 34.187.185.208:56996] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gfs-essl.com.ferienwohnung-buchen.com"] [uri "/.git/config"] [unique_id "akbDH_Te8fPLVGOOsXNdlwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π΄
jad-abuse
2026-07-02 19:52:46
(3 days ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_expos ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_exposure. Observed by 1 sensor(s); 2 hits.
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 19:36:29
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 34.187.185.208 (208.185.187.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.187.185.208 (208.185.187.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 15:36:22.745496 2026] [security2:error] [pid 1309:tid 1309] [client 34.187.185.208:49878] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gesegurospma.com"] [uri "/.git/config"] [unique_id "aka9tprI-iING1VSRxSgEgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 19:35:03
(3 days ago)
Bot / scanning and/or hacking attempts: GET /.git/config HTTP/1.1
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 19:15:24
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 34.187.185.208 (208.185.187.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.187.185.208 (208.185.187.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 15:15:21.542353 2026] [security2:error] [pid 3501:tid 3501] [client 34.187.185.208:55362] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.genesis-group.ggisoftware.com"] [uri "/.git/config"] [unique_id "aka4ycyxnQPg_8ukchxj6QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack