rtbh.com.tr
2024-10-08 20:53:54
(3 weeks ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
rtbh.com.tr
2024-10-08 12:53:55
(3 weeks ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
ghostwarriors
2024-10-06 17:20:18
(4 weeks ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
ksol-hostmaster
2024-10-06 17:05:30
(4 weeks ago)
2024/10/06 19:05:29 [error] 4235#421416: *3250650 limiting requests, excess: 0.350 by zone "crawler" ... show more 2024/10/06 19:05:29 [error] 4235#421416: *3250650 limiting requests, excess: 0.350 by zone "crawler", client: 18.118.255.176, server: crxforum.ksol.io, request: "GET /showTopic.php?seed=668c64e95356f&topicId=128 HTTP/2.0", host: "crxforum.ksol.io"
... show less
Bad Web Bot
taivas.nl
2024-10-06 04:34:28
(4 weeks ago)
Many_bad_calls
Web App Attack
Anonymous
2024-10-05 11:33:53
(4 weeks ago)
18.118.255.176 - - [05/Oct/2024:13:29:07 +0200] "GET /blog/author/%20/blog-content/Ressources/articl ... show more 18.118.255.176 - - [05/Oct/2024:13:29:07 +0200] "GET /blog/author/%20/blog-content/Ressources/article.php?IdArticle=8406674 HTTP/1.1" 482 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected] )"
18.118.255.176 - - [05/Oct/2024:13:29:07 +0200] "GET /blog/author/%20/blog-content/Ressources/'https:/t.me/ONNXIT/article.php?IdArticle=8508490 HTTP/1.1" 482 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected] )"
18.118.255.176 - - [05/Oct/2024:13:29:07 +0200] "GET /blog/author/%20/'https:/blog.malwarebytes.com/a-week-in-security/2020/01/a-week-in-security-january-13-19/Ressources/article.php?IdArticle=8488095 HTTP/1.1" 482 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected] )"
18.118.255.176 - - [05/Oct/2024:13:30:23 +0200] "GET /blog/author/%20/'https:/blog.malwarebytes.com/a-week-in-security/2020/01/a-week-in-security-january
... show less
Web App Attack
Anonymous
2024-10-03 12:48:40
(1 month ago)
18.118.255.176 - - [03/Oct/2024:14:45:55 +0200] "GET /blog/author/blog-content%20/article.php?IdArti ... show more 18.118.255.176 - - [03/Oct/2024:14:45:55 +0200] "GET /blog/author/blog-content%20/article.php?IdArticle=8517412 HTTP/1.1" 482 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected] )"
18.118.255.176 - - [03/Oct/2024:14:45:55 +0200] "GET /blog/author/blog-content%20/Ressources/img/article.php?IdArticle=8529924 HTTP/1.1" 482 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected] )"
18.118.255.176 - - [03/Oct/2024:14:45:55 +0200] "GET /blog/author/blog-content%20/Ressources/img/article.php?IdArticle=8530277 HTTP/1.1" 482 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected] )"
18.118.255.176 - - [03/Oct/2024:14:45:55 +0200] "GET /blog/author/%20/'https:/blog.malwarebytes.com/wp-content/uploads/2016/09/blog-content%20/article.php?IdArticle=8495307 HTTP/1.1" 482 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible;
... show less
Web App Attack
Anonymous
2024-10-02 05:31:48
(1 month ago)
18.118.255.176 - - [02/Oct/2024:07:27:55 +0200] "GET /blog/author/%20/'https:/blog.malwarebytes ... show more 18.118.255.176 - - [02/Oct/2024:07:27:55 +0200] "GET /blog/author/%20/'https:/blog.malwarebytes.com/android/2019/06/mobile-stalkerware-a-long-history-of-detection/article.php?IdArticle=8499783 HTTP/1.1" 482 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected] )"
18.118.255.176 - - [02/Oct/2024:07:27:55 +0200] "GET /blog/author/%20/'https:/blog.malwarebytes.com/security-world/2017/09/multiple-flaws-found-in-smart-syringe-pump/article.php?IdArticle=8525416 HTTP/1.1" 482 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected] )"
18.118.255.176 - - [02/Oct/2024:07:27:55 +0200] "GET /blog/author/%20/'https:/blog.malwarebytes.com/threat-analysis/2019/03/the-advanced-persistent-threat-files-lazarus-group/article.php?IdArticle=8298315 HTTP/1.1" 482 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected] )"
18.118.255.176 - - [02/Oct/2
... show less
Web App Attack
ghostwarriors
2024-10-02 04:20:29
(1 month ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
ksol-hostmaster
2024-10-02 04:00:35
(1 month ago)
2024/10/02 06:00:35 [error] 96469#478121: *1607743 limiting requests, excess: 0.036 by zone "crawler ... show more 2024/10/02 06:00:35 [error] 96469#478121: *1607743 limiting requests, excess: 0.036 by zone "crawler", client: 18.118.255.176, server: crxforum.ksol.io, request: "GET /showRecAnswers.php?commentUniqId=5d418cba6fa70&seed=6683497eabc4c&topicId=128 HTTP/2.0", host: "crxforum.ksol.io"
... show less
Bad Web Bot
Security_Whaller
2022-12-11 19:05:00
(1 year ago)
Malicious activity
Hacking
Brute-Force
Web App Attack
AC - Team
2022-12-09 12:29:50
(1 year ago)
18.118.255.176 - - [09/Dec/2022:14:29:38 -0300] "GET /.git/config HTTP/1.1" 404 16196 "-" "python-re ... show more 18.118.255.176 - - [09/Dec/2022:14:29:38 -0300] "GET /.git/config HTTP/1.1" 404 16196 "-" "python-requests/2.18.4"
... show less
Hacking
Web App Attack
backslash
2022-12-09 12:05:01
(1 year ago)
block ruleset bad bot: misc bad content F608233CC4C86EE814CE8DDDA9C4A0D3C79882F6
Bad Web Bot
4server
2022-12-09 11:15:09
(1 year ago)
[FriDec0917:15:05.6975522022][:error][pid6633:tid47497605080832][client18.118.255.176:35208][client1 ... show more [FriDec0917:15:05.6975522022][:error][pid6633:tid47497605080832][client18.118.255.176:35208][client18.118.255.176]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"python-requests/\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"176\"][id\"332039\"][rev\"4\"][msg\"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/.\"][severity\"CRITICAL\"][hostname\"server6.hostingedominio.ch\"][uri\"/.git/config\"][unique_id\"Y5NfCaogw7Yinahy8tY76AAAAMA\"][FriDec0917:15:06.0304372022][:error][pid6635:tid47497613485824][client18.118.255.176:35222][client18.118.255.176]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"python-requests/\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"176\"][id\"332039\"][rev\"4\"][msg\"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/.\"][severity\"CRITICAL show less
Blog Spam
mnsf
2022-12-09 04:01:28
(1 year ago)
Too many Status 40X (12)
Brute-Force
Web App Attack