๐ง๐ท
Peregrine
2026-05-04 03:10:26
(2 months ago)
Fail2Ban Jail: tomcat-honeypot | Evidence: 8.231.139.212 162.158.41.237 - - [01/May/2026:01:39:39 -0 ...
show more
Fail2Ban Jail: tomcat-honeypot | Evidence: 8.231.139.212 162.158.41.237 - - [01/May/2026:01:39:39 -0300] "GET /.git/config HTTP/1.1" 404 414
show less
Bad Web Bot
๐ง๐ท
Peregrine
2026-05-03 03:09:59
(2 months ago)
Fail2Ban Jail: tomcat-honeypot | Evidence: 8.231.139.212 162.158.41.237 - - [01/May/2026:01:39:39 -0 ...
show more
Fail2Ban Jail: tomcat-honeypot | Evidence: 8.231.139.212 162.158.41.237 - - [01/May/2026:01:39:39 -0300] "GET /.git/config HTTP/1.1" 404 414
show less
Bad Web Bot
๐ณ๐ฑ
homeshowdomain.nl
2026-05-02 22:09:58
(2 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-01.
show less
Web App Attack
SSH
Hacking
๐ฎ๐ณ
evicky2002
2026-05-02 06:00:00
(2 months ago)
Confirmed malicious by STILWaters CTI platform (score=100, sources=1)
Hacking
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-05-01 06:12:00
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 8.231.139.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 8.231.139.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 01 02:11:53.883131 2026] [security2:error] [pid 16653:tid 16653] [client 8.231.139.212:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.eddysgroup.com"] [uri "/.git/config"] [unique_id "afREKaJFzopOcdixKwy1ewAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Little Iguana
2026-05-01 06:11:47
(2 months ago)
Attempt to hack Wordpress Login, XMLRPC or other login
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-01 05:10:01
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 8.231.139.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 8.231.139.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 01 01:09:55.910452 2026] [security2:error] [pid 19758:tid 19758] [client 8.231.139.212:33032] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hipstan.com"] [uri "/.git/config"] [unique_id "afQ1o5TUk2hIn0hATsDJgwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-01 04:51:21
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 8.231.139.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 8.231.139.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 01 00:51:16.156577 2026] [security2:error] [pid 2377:tid 2377] [client 8.231.139.212:40602] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "idgcasadelgeologo.com"] [uri "/.git/config"] [unique_id "afQxRP4IVoGnQbnaESVxYwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ท
Peregrine
2026-05-01 04:39:42
(2 months ago)
Fail2Ban Jail: tomcat-honeypot | Evidence: 8.231.139.212 162.158.41.237 - - [01/May/2026:01:39:39 -0 ...
show more
Fail2Ban Jail: tomcat-honeypot | Evidence: 8.231.139.212 162.158.41.237 - - [01/May/2026:01:39:39 -0300] "GET /.git/config HTTP/1.1" 404 414
show less
Bad Web Bot
๐บ๐ธ
octageeks.com
2026-05-01 04:08:33
(2 months ago)
Wordpress malicious attack:[octablocked]
Web App Attack
๐ฉ๐ช
Bedios GmbH
2026-05-01 03:40:41
(2 months ago)
Login credentials theft attempt
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-01 03:40:20
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 8.231.139.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 8.231.139.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 30 23:40:12.353907 2026] [security2:error] [pid 31169:tid 31169] [client 8.231.139.212:52094] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ainalea.com"] [uri "/.git/config"] [unique_id "afQgnMNCnUCj6F4dTPKCQgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
Burayot
2026-05-01 03:28:12
(2 months ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 8.231.139.212 (US/United States/-): ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 8.231.139.212 (US/United States/-): 1 in the last 3600 secs
show less
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-05-01 03:08:01
(2 months ago)
Fail2Ban - [WEB]Exploit attempts (SQLi, RCE, path traversal) on webexploits ... [ice02,wa01,wa02]
Hacking
SQL Injection
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-01 03:02:07
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 8.231.139.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 8.231.139.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 30 23:02:01.772251 2026] [security2:error] [pid 3605:tid 3605] [client 8.231.139.212:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.rejuvenationcruises.com"] [uri "/.git/config"] [unique_id "afQXqdWJWuGimNyAB0RVAwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack