๐ช๐ธ
didevi
2026-01-28 15:03:57
(5 months ago)
SPAM or Brute force attack detected
Email Spam
Brute-Force
๐ง๐ช
cmbplf
2025-07-25 22:23:28
(11 months ago)
142 requests with user_agent.original Mozilla/5.0 (Linux; Android 13; SAMSUNG SM-T220) AppleWebKit/ ...
show more
142 requests with user_agent.original Mozilla/5.0 (Linux; Android 13; SAMSUNG SM-T220) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/23.0 Chrome/115.0.0.0 Mobile Safari/537.36
123 requests with user_agent.original Mozilla/5.0 (Macintosh; U; PPC; en-US; rv:0.9.3) Gecko/20010802
120 requests with user_agent.original Dalvik/2.1.0 (Linux; U; Android 11; Tibuta_MasterPad-E100 Build/RP1A.201005.006)
118 requests with user_agent.original AppleCoreMedia/1.0.0.23A344 (Macintosh; U; Intel Mac OS X 14_0; da_dk)
118 requests with user_agent.original Mozilla/5.0 (iPhone; CPU iPhone OS 16_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 [LinkedInApp]/9.28.7586
115 requests with user_agent.original Mozilla/5.0 (X11; Linux x86_64; SMARTEMB Build/3.12.9076) AppleWebKit/537.36 (KHTML, like Gecko) Chromium/103.0.5060.129 Chrome/103.0.5060.129 Safari/537.36
115 requests with user_agent.original Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20021208 Debian/1.2.1-2
112 requests wi
show less
Brute-Force
Bad Web Bot
๐ฆ๐บ
MAGIC
2024-10-06 14:03:18
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ฆ๐น
begou.dev
2024-08-22 11:51:53
(1 year ago)
[Threat Intelligence] FrozenThreat: Port Scanning and/or Unauthorized access -> HoneyPots:PORT/80
Port Scan
Anonymous
2024-08-17 22:01:48
(1 year ago)
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-04-13 19:50:33
(2 years ago)
(mod_security) mod_security (id:210831) triggered by 195.78.54.90 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 195.78.54.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 13 15:50:28.635268 2024] [security2:error] [pid 28294] [client 195.78.54.90:53438] [client 195.78.54.90] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||aandsmetal.com|F|4"] [data "Amiga-AWeb/3.4"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "aandsmetal.com"] [uri "/products/non-ferrous-metal/about/mexico-division/"] [unique_id "ZhriBFjnxIdd_GD0kylD2gAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Savvii
2023-05-31 10:53:14
(3 years ago)
25 attempts against mh-misc-ban on comet
Web App Attack
๐จ๐ผ
ATV
2022-11-30 02:40:51
(3 years ago)
Unsolicited connection attempts to port 10443
Port Scan
๐ฉ๐ช
Sklurk
2022-09-14 13:30:23
(3 years ago)
Web App Attack
Web App Attack
๐ฉ๐ช
Dominik
2021-11-26 19:51:24
(4 years ago)
RDP brute forcing (r)
Brute-Force
๐ธ๐ช
www.remote24.se
2021-11-25 04:40:23
(4 years ago)
3389BruteforceStormFW22
Brute-Force
๐ธ๐ช
www.remote24.se
2021-11-25 02:07:13
(4 years ago)
3389BruteforceStormFW23
Brute-Force
๐ฉ๐ช
www.blocklist.de
2021-11-25 02:01:10
(4 years ago)
Nov 24 22:53:05 alice kernel: HACK IN=enp4s0 OUT=enp1s0 MAC=c8:1f:66:36:c6:03:5c:45:27:60:d5:4a:08:0 ...
show more
Nov 24 22:53:05 alice kernel: HACK IN=enp4s0 OUT=enp1s0 MAC=c8:1f:66:36:c6:03:5c:45:27:60:d5:4a:08:00 SRC=195.78.54.90 DST=204.17.205.254 LEN=52 TOS=0x0A PREC=0x20 TTL=120 ID=19283 DF PROTO=TCP SPT=53472 DPT=3389 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0
Nov 24 22:53:05 alice kernel: HACK IN=enp4s0 OUT=enp1s0 MAC=c8:1f:66:36:c6:03:5c:45:27:60:d5:4a:08:00 SRC=195.78.54.90 DST=204.17.205.254 LEN=40 TOS=0x08 PREC=0x20 TTL=120 ID=19348 DF PROTO=TCP SPT=53472 DPT=3389 WINDOW=65392 RES=0x00 ACK URGP=0
Nov 24 22:53:05 alice kernel: HACK IN=enp4s0 OUT=enp1s0 MAC=c8:1f:66:36:c6:03:5c:45:27:60:d5:4a:08:00 SRC=195.78.54.90 DST=204.17.205.254 LEN=43 TOS=0x08 PREC=0x20 TTL=120 ID=19350 DF PROTO=TCP SPT=53472 DPT=3389 WINDOW=65392 RES=0x00 ACK URGP=0
........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=195.78.54.90
show less
DDoS Attack
Anonymous
2021-11-25 01:55:35
(4 years ago)
RDP brute force attack.
Port Scan
Brute-Force
๐บ๐ธ
rellim.com
2021-11-25 01:53:06
(4 years ago)
Nov 24 22:53:05 alice kernel: HACK IN=enp4s0 OUT=enp1s0 MAC=c8:1f:66:36:c6:03:5c:45:27:60:d5:4a:08:0 ...
show more
Nov 24 22:53:05 alice kernel: HACK IN=enp4s0 OUT=enp1s0 MAC=c8:1f:66:36:c6:03:5c:45:27:60:d5:4a:08:00 SRC=195.78.54.90 DST=204.17.205.254 LEN=52 TOS=0x0A PREC=0x20 TTL=120 ID=19283 DF PROTO=TCP SPT=53472 DPT=3389 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0
Nov 24 22:53:05 alice kernel: HACK IN=enp4s0 OUT=enp1s0 MAC=c8:1f:66:36:c6:03:5c:45:27:60:d5:4a:08:00 SRC=195.78.54.90 DST=204.17.205.254 LEN=40 TOS=0x08 PREC=0x20 TTL=120 ID=19348 DF PROTO=TCP SPT=53472 DPT=3389 WINDOW=65392 RES=0x00 ACK URGP=0
Nov 24 22:53:05 alice kernel: HACK IN=enp4s0 OUT=enp1s0 MAC=c8:1f:66:36:c6:03:5c:45:27:60:d5:4a:08:00 SRC=195.78.54.90 DST=204.17.205.254 LEN=43 TOS=0x08 PREC=0x20 TTL=120 ID=19350 DF PROTO=TCP SPT=53472 DPT=3389 WINDOW=65392 RES=0x00 ACK URGP=0
...
show less
Port Scan