๐น๐ท
rtbh.com.tr
2025-09-09 20:08:43
(10 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐น๐ท
rtbh.com.tr
2025-09-08 20:08:41
(10 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-09-08 02:06:58
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 129.226.221.213 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 129.226.221.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 07 22:06:52.042878 2025] [security2:error] [pid 19671:tid 19671] [client 129.226.221.213:53724] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||brandoncomputergeeks.com|F|2"] [data ".axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "brandoncomputergeeks.com"] [uri "/blog/syndication.axd"] [unique_id "aL46PDATRrtVhh5xR59SxgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐ด
INTEQ
2025-09-07 20:58:36
(10 months ago)
Web attack from 129.226.221.213
Web App Attack
๐ฉ๐ช
ghostwarriors
2025-09-07 15:50:05
(10 months ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ksol-hostmaster
2025-09-07 15:26:22
(10 months ago)
2025/09/07 17:26:22 [error] 41854#733119: *61793 access forbidden by rule, client: 129.226.221.213, ...
show more
2025/09/07 17:26:22 [error] 41854#733119: *61793 access forbidden by rule, client: 129.226.221.213, server: git.ksol.io, request: "GET /karolyi/munin-f2b-remote/src/master/CITATION.cff HTTP/1.1", host: "git.ksol.io"
...
show less
Web Spam
Anonymous
2025-09-07 09:56:29
(10 months ago)
Reported from Nginx log analysis 18. Log: 129.226.221.213 - - [07/Sep/2025:xx:xx:xx 0200] "GET /tag ...
show more
Reported from Nginx log analysis 18. Log: 129.226.221.213 - - [07/Sep/2025:xx:xx:xx 0200] "GET /tag/ipo/ HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" "-" "SG Singapore Singapore" "AS132203" "Tencent Building, Kejizhongyi Avenue"
show less
Port Scan
Brute-Force
SSH
๐น๐ท
rtbh.com.tr
2025-09-06 20:08:39
(10 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐ธ๐ฌ
mypatricks
2025-09-06 04:18:32
(10 months ago)
129.226.221.213 | Port: 35540 | DNS: 129.226.221.213 2025-09-06T12:18:30+08:00 Asia/Singapore | Bad ...
show more
129.226.221.213 | Port: 35540 | DNS: 129.226.221.213 2025-09-06T12:18:30+08:00 Asia/Singapore | Bad Behavior Activity | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /customer-self-service/cake-size-chart/?508d5822b3478c07e179901e=ms-my&code=ms-my | Ref: - | Country: SG/Singapore/+08:00 IP City: Singapore 97ab29ad5d63fe23-SIN/Singapore, Singapore 1 hits/0 secs Robots 3
show less
Web Spam
Blog Spam
Brute-Force
Exploited Host
Web App Attack
๐น๐ท
rtbh.com.tr
2025-09-06 00:08:37
(10 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐น๐ท
rtbh.com.tr
2025-09-05 20:08:37
(10 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐ธ๐ฌ
mypatricks
2025-09-05 19:37:45
(10 months ago)
129.226.221.213 | Port: 60880 | DNS: 129.226.221.213 2025-09-06T03:37:44+08:00 Asia/Singapore | Bad ...
show more
129.226.221.213 | Port: 60880 | DNS: 129.226.221.213 2025-09-06T03:37:44+08:00 Asia/Singapore | Bad Behavior Activity | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /terms-conditions/?3fbda61b79c3b8ebddeb1ddf53=USD&code=USD | Ref: - | Country: SG/Singapore/+08:00 IP City: Singapore 97a82ed3d844823d-SIN/Singapore, Singapore 1 hits/0 secs Robots 3
show less
Web Spam
Blog Spam
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-05 08:36:30
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 129.226.221.213 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 129.226.221.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 05 04:36:25.763054 2025] [security2:error] [pid 27172:tid 27172] [client 129.226.221.213:36238] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||williamfitzsimmons.com|F|2"] [data ".majesticmadison.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "williamfitzsimmons.com"] [uri "/news/0328-william-adds-chattanooga-date-uscan-tour/www.majesticmadison.com"] [unique_id "aLqhCaK37mcaPnH0pPOS3wAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ฌ
mypatricks
2025-09-05 07:34:51
(10 months ago)
129.226.221.213 | Port: 58880 | DNS: 129.226.221.213 2025-09-05T15:34:49+08:00 Asia/Singapore | FETC ...
show more
129.226.221.213 | Port: 58880 | DNS: 129.226.221.213 2025-09-05T15:34:49+08:00 Asia/Singapore | FETCH Sproofing Activity Detetced. | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /page/2/?dedfeacd9a9ea9a=717&1751718411 | Ref: - | Country: SG/Singapore/+08:00 IP City: Singapore 97a40bdff8effd75-SIN/Singapore, Singapore 1 hits/0 secs Robots 2
show less
Web Spam
Blog Spam
Brute-Force
Exploited Host
Web App Attack
๐ฉ๐ช
ghostwarriors
2025-09-04 20:50:24
(10 months ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack