๐ง๐ฌ
Stoyko Stoykov
2026-07-16 19:37:35
(12 hours ago)
172.71.152.52 - - [16/Jul/2026:22:37:34 +0300] "GET //xmlrpc.php?rsd HTTP/2.0" 404 0 "-" "Mozilla/5. ...
show more
172.71.152.52 - - [16/Jul/2026:22:37:34 +0300] "GET //xmlrpc.php?rsd HTTP/2.0" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Hacking
Web App Attack
๐ง๐ฌ
Stoyko Stoykov
2026-06-15 04:05:27
(1 month ago)
172.71.152.52 - - [15/Jun/2026:07:05:21 +0300] "GET /laravel/.git/config HTTP/1.1" 301 162 "-" "Mozi ...
show more
172.71.152.52 - - [15/Jun/2026:07:05:21 +0300] "GET /laravel/.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0) Gecko/20100101 Firefox/21.0"
...
show less
Hacking
Web App Attack
๐บ๐ธ
wimaxnz
2026-06-10 02:26:14
(1 month ago)
Automated report from 247 Guardian: repeated malicious activity detected. | reason=nginx_badpath
Brute-Force
SSH
Port Scan
๐บ๐ธ
wimaxnz
2026-05-14 01:09:56
(2 months ago)
Automated report from 247 Guardian: repeated malicious activity detected. | reason=nginx_badpath
Brute-Force
SSH
Port Scan
Anonymous
2026-04-28 02:44:18
(2 months ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐ฎ๐ฉ
Burayot
2026-03-31 08:20:31
(3 months ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 172.71.152.52 (SG/Singapore/-): 1 in ...
show more
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 172.71.152.52 (SG/Singapore/-): 1 in the last 3600 secs
show less
Web App Attack
๐ฎ๐น
IRT@Unisi
2026-03-27 22:13:50
(3 months ago)
anomaly:tcp_dst_session,1001>threshold1000,repeats272timessincelastlog
DDoS Attack
๐ฎ๐ฉ
hermawan
2025-09-27 07:59:01
(9 months ago)
[Sat Sep 27 14:58:11.724489 2025] [security2:error] [pid 1989724:tid 140133002102464] [client 172.71 ...
show more
[Sat Sep 27 14:58:11.724489 2025] [security2:error] [pid 1989724:tid 140133002102464] [client 172.71.152.52:59722] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "CF-Connecting-IP" at REQUEST_HEADERS_NAMES:Cf-Connecting-Ip. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "375"] [id "440005"] [msg "BAD REQUEST_HEADERS_NAMES - Detected and Blocked"] [data "Matched Data: CF-Connecting-IP found within REQUEST_HEADERS_NAMES:Cf-Connecting-Ip: Cf-Connecting-Ip request_line = GET /images/Klimatologi/Infografis/Infografis-Iklim/Harian/Suhu_Minimum_Harian/2025/07_Juli_2025/Infografis_Suhu_Udara_Minimum_Harian_Tanggal_11_Juli_2025_07_00_WIB-12_Juli_2025_07_00_WIB.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Infografis/Infografis-Iklim/Harian/Suhu_Minimum_Harian/2025/07_Juli_2025/Infografis_Suhu_Udara_Minimum_Harian_Tanggal_11_Juli_2025_07_00_WIB-12_Juli_2025_07_00_WIB.jpg"] [un
...
show less
Hacking
Web App Attack
๐บ๐ธ
mawan
2025-09-14 11:58:51
(10 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
mawan
2025-09-04 06:50:22
(10 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ฎ๐ฉ
hermawan
2025-09-01 02:53:41
(10 months ago)
[Mon Sep 01 09:51:48.437779 2025] [security2:error] [pid 741222:tid 139982925711040] [client 172.71. ...
show more
[Mon Sep 01 09:51:48.437779 2025] [security2:error] [pid 741222:tid 139982925711040] [client 172.71.152.52:58744] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "CF-Connecting-IP" at REQUEST_HEADERS_NAMES:Cf-Connecting-Ip. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "375"] [id "440005"] [msg "BAD REQUEST_HEADERS_NAMES - Detected and Blocked"] [data "Matched Data: CF-Connecting-IP found within REQUEST_HEADERS_NAMES:Cf-Connecting-Ip: Cf-Connecting-Ip request_line = GET /images/Klimatologi/Prakiraan/03-Prakiraan-Bulanan/Prakiraan_Sifat_Hujan_Bulanan/Prakiraan_Sifat_Hujan_Bulanan_Provinsi_Jawa_Timur/2025/05_Meei_2025/02_Prediksi_Sifat_Hujan_Bulan_AGUSTUS_2025_di_Provinsi_Jawa_Timur-Update_dari_Analisis_Bulan_Mei_2025.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Prakiraan/03-Prakiraan-Bulanan/Prakiraan_Sifat_Hujan_Bulanan/Prakiraan_Sifat_Hujan_Bulanan_Provinsi_Jawa_Ti
...
show less
Hacking
Web App Attack
๐บ๐ธ
mawan
2025-08-16 14:11:41
(11 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
mawan
2025-08-08 18:59:48
(11 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ฎ๐ฉ
hermawan
2025-07-21 14:57:54
(11 months ago)
[Mon Jul 21 21:52:07.084103 2025] [security2:error] [pid 6675:tid 139869085968064] [client 172.71.15 ...
show more
[Mon Jul 21 21:52:07.084103 2025] [security2:error] [pid 6675:tid 139869085968064] [client 172.71.152.52:26766] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "CF-Connecting-IP" at REQUEST_HEADERS_NAMES:Cf-Connecting-Ip. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "375"] [id "440005"] [msg "BAD REQUEST_HEADERS_NAMES - Detected and Blocked"] [data "Matched Data: CF-Connecting-IP found within REQUEST_HEADERS_NAMES:Cf-Connecting-Ip: Cf-Connecting-Ip request_line = GET /images/Klimatologi/Infografis/Infografis-Iklim/Bulanan/Ekstrim/2024/05_Mei_2024/Infografis_Bulanan_Suhu_Udara_Minimum_Bulan_Mei_2024.webp HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/images/Klimatologi/Infografis/Infografis-Iklim/Bulanan/Ekstrim/2024/05_Mei_2024/Infografis_Bulanan_Suhu_Udara_Minimum_Bulan_Mei_2024.webp"] [unique_id "aH5UF8MGoDaPAsOTyBn23wAABQ8"] [staklim-malang.info] [staklim-malang.info] top=[6691] [V+acnnE6di4
...
show less
Hacking
Web App Attack
๐บ๐ธ
mawan
2025-07-17 23:57:44
(11 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack