๐ท๐ธ
Scan
2026-07-01 00:13:30
(6 hours ago)
MultiHost/MultiPort Probe, Scan, Hack -
Port Scan
Hacking
๐ฌ๐ง
Apache
2026-06-30 22:16:11
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.161.51.152 (US/United States/-): 5 in the la ...
show more
(mod_security) mod_security (id:210492) triggered by 52.161.51.152 (US/United States/-): 5 in the last 300 secs (CF_ENABLE)
show less
Brute-Force
Web App Attack
๐บ๐ธ
Gabriel Camargo
2026-06-30 21:18:13
(9 hours ago)
52.161.51.152 - - [30/Jun/2026:16:18:07 -0500] "GET /.git/HEAD HTTP/1.1" 404 134 "-" "Mozilla/5.0 (M ...
show more
52.161.51.152 - - [30/Jun/2026:16:18:07 -0500] "GET /.git/HEAD HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0"
52.161.51.152 - - [30/Jun/2026:16:18:10 -0500] "GET /.git/logs/HEAD HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15"
52.161.51.152 - - [30/Jun/2026:16:18:12 -0500] "GET /.git/refs/heads/master HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15"
...
show less
Brute-Force
SSH
๐น๐ท
SeczarSecureOps
2026-06-30 21:10:20
(10 hours ago)
Auto-blocked by Seczar SecureOps โ IPS Web Attack Signature (1 events in 5min) at 2026-06-30 21:10
Web App Attack
Bad Web Bot
Anonymous
2026-06-30 20:59:05
(10 hours ago)
(caddyscan) Scanner path probe from 52.161.51.152 (US/United States/-): 5 in the last 3600 secs; Por ...
show more
(caddyscan) Scanner path probe from 52.161.51.152 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 216.128.134.2 200 2627 52.161.51.152 - - [30/Jun/2026:20:58:56 +0000] "GET /.git/HEAD HTTP/1.1"
216.128.134.2 200 2627 52.161.51.152 - - [30/Jun/2026:20:58:57 +0000] "GET /.git/config HTTP/1.1"
216.128.134.2 200 2627 52.161.51.152 - - [30/Jun/2026:20:58:58 +0000] "GET /.git/logs/HEAD HTTP/1.1"
216.128.134.2 200 2627 52.161.51.152 - - [30/Jun/2026:20:58:59 +0000] "GET /.git/refs/heads/master HTTP/1.1"
216.128.134.2 200 2627 52.161.51.152 - - [30/Jun/2026:20:59:00 +0000] "GET /.git/refs/heads/main HTTP/1.1"
show less
Port Scan
๐ฉ๐ช
dispaisyenterprises
2026-06-16 12:03:57
(2 weeks ago)
Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 2086 [3], 2087 [2], 2095 [1], 2096 ...
show more
Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 2086 [3], 2087 [2], 2095 [1], 2096 [1], 2082 [1], 2078 [1] TCP
Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB
show less
Port Scan
๐ต๐ฑ
webadmin
2026-06-16 09:34:21
(2 weeks ago)
Web App Attack
๐ซ๐ฎ
Maxetow
2026-06-16 09:08:40
(2 weeks ago)
Scan port: 2078 | 1 total | size=60B
Port Scan
๐ณ๐ฑ
BIV
2026-06-16 08:34:44
(2 weeks ago)
Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 2077,2078,2083,2095,20 ...
show more
Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 2077,2078,2083,2095,2096,443. Automated tiered (T-Pot+DShield).
show less
Port Scan
Hacking
Bad Web Bot
๐บ๐ธ
aks4226
2026-06-16 07:49:03
(2 weeks ago)
Bot search, attacking common web applications.
Web App Attack
๐ซ๐ท
ISPLtd
2026-06-16 07:43:11
(2 weeks ago)
Jun 16 04:43:11 52.161.51.152 TCP SPT=1293 DPT=2078 SYN
Jun 16 04:43:11 52.161.51.152 TCP SPT=1284 D ...
show more
Jun 16 04:43:11 52.161.51.152 TCP SPT=1293 DPT=2078 SYN
Jun 16 04:43:11 52.161.51.152 TCP SPT=1284 DPT=2083 SYN
Jun 16 04:43:11 52.161.51.152 TCP SPT=1291 DPT=2095
...
show less
Port Scan
๐ฎ๐น
mgarofano80
2026-06-10 04:08:41
(3 weeks ago)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-06-10 04:05:48
(3 weeks ago)
Too many Status 50X (17)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-10 03:40:58
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 52.161.51.152 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 52.161.51.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 23:40:52.810977 2026] [security2:error] [pid 12448:tid 12448] [client 52.161.51.152:2785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.50"] [uri "/.git/HEAD"] [unique_id "aijcxPncce-EE390yGD8xwAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-10 03:11:15
(3 weeks ago)
Hit honeypot r.
Port Scan
Hacking
Exploited Host