🇺🇸
anon333
2026-06-28 16:42:04
(1 week ago)
Hacker syslog review 1782664924
Hacking
🇺🇸
stechusa
2026-03-21 01:28:09
(3 months ago)
ELEVATED_THREAT | country=BR | ASN=Multpontos Telecomunicacoes Ltda - ME | 138 IPs targeting /brand/ ...
show more
ELEVATED_THREAT | country=BR | ASN=Multpontos Telecomunicacoes Ltda - ME | 138 IPs targeting /brand/satco-products-inc.html | Facet request during elevated threat (facet_ratio=0.92, unique_ips=522) | HTTP/1.1 over TLS (elevated=True)
show less
Web App Attack
Hacking
Web Spam
🇦🇺
MAGIC
2026-03-21 00:13:47
(3 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
🇺🇸
kosada.com
2026-03-19 15:51:28
(3 months ago)
Web bot: DDoS
DDoS Attack
Bad Web Bot
🇺🇸
TPI-Abuse
2026-03-19 02:04:19
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 177.11.188.19 (177-11-188-19.multpontostelecom. ...
show more
(mod_security) mod_security (id:210730) triggered by 177.11.188.19 (177-11-188-19.multpontostelecom.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 18 22:04:15.053745 2026] [security2:error] [pid 24989:tid 25002] [client 177.11.188.19:29806] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||newleafpro.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "newleafpro.com"] [uri "/iguanablue.com"] [unique_id "abtZn5JJ1HXZDQxBk3pMJwAAAIs"], referer: https://newleafpro.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
🇮🇩
hermawan
2025-11-26 03:24:35
(7 months ago)
[Wed Nov 26 10:22:33.398957 2025] [security2:error] [pid 1131899:tid 140674322126528] [client 177.11 ...
show more
[Wed Nov 26 10:22:33.398957 2025] [security2:error] [pid 1131899:tid 140674322126528] [client 177.11.188.19:44641] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Brave" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "247"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Brave found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Brave Chrome/85.0.4183.121 Safari/537.36 request_line = GET /index.php/profil/meteorologi/list-all-categories/4016-klimatologi/analisis-klimatologi/monitoring-dan-prakiraan-curah-hujan-dasarian-di-provinsi-jawa-timur/monitoring-dan-prakiraan-curah-hujan-dasarian-di-provinsi-jawa-timur-tahun-2020/555558026-monitoring-dan-prakiraan-curah-hujan-dasarian-hari-tan..."] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-all
...
show less
Hacking
Web App Attack
Anonymous
2025-11-25 02:18:07
(7 months ago)
scanning http requests from known botnet
Web App Attack
Anonymous
2025-11-18 18:15:35
(7 months ago)
scanning http requests from known botnet
Web App Attack
🇭🇺
ksol-hostmaster
2025-10-19 17:40:32
(8 months ago)
Massive botnet baited into scraping tarpit
Bad Web Bot
🇳🇱
exxos
2025-09-01 23:03:01
(10 months ago)
Attacks with Bad user agents
Hacking
🇳🇱
exxos
2025-09-01 22:07:13
(10 months ago)
http-no-verb
Hacking
🇳🇱
exxos
2025-08-25 23:03:01
(10 months ago)
Attacks with Bad user agents
Hacking
🇹🇷
rtbh.com.tr
2024-11-25 20:53:04
(1 year ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
🇹🇷
rtbh.com.tr
2024-11-24 20:53:05
(1 year ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
🇩🇪
Administrator
2024-11-24 06:47:54
(1 year ago)
2024-11-24T08:42:55.726594+02:00 galaxy sshd[319997]: pam_unix(sshd:auth): authentication failure; l ...
show more
2024-11-24T08:42:55.726594+02:00 galaxy sshd[319997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.11.188.19
2024-11-24T08:42:57.832054+02:00 galaxy sshd[319997]: Failed password for invalid user ubuntu from 177.11.188.19 port 45311 ssh2
2024-11-24T08:45:21.399907+02:00 galaxy sshd[325113]: Invalid user deploy from 177.11.188.19 port 45379
2024-11-24T08:45:21.403274+02:00 galaxy sshd[325113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.11.188.19
2024-11-24T08:45:23.217779+02:00 galaxy sshd[325113]: Failed password for invalid user deploy from 177.11.188.19 port 45379 ssh2
2024-11-24T08:47:51.663170+02:00 galaxy sshd[336321]: Invalid user student from 177.11.188.19 port 45042
2024-11-24T08:47:51.666659+02:00 galaxy sshd[336321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.11.188.19
2024-11-24T08:47:53.410366+02:00 galaxy sshd[336321]: Failed pass
...
show less
Brute-Force
SSH