Anonymous
2025-09-08 16:06:00
(10 months ago)
"Undesired, excess traffic against library/education infrastructure"
Brute-Force
Anonymous
2025-09-07 21:59:13
(10 months ago)
Reported from Nginx log analysis 18. Log: 43.153.227.160 - - [07/Sep/2025:xx:xx:xx 0200] "GET /tag/ ...
show more
Reported from Nginx log analysis 18. Log: 43.153.227.160 - - [07/Sep/2025:xx:xx:xx 0200] "GET /tag/microplastic/ HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" "SG Singapore Singapore" "AS132203" "Tencent Building, Kejizhongyi Avenue" | 43.153.227.160 - - [07/Sep/2025:xx:xx:xx 0200] "GET /tag/royal-opera-house/ HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36" "-" "SG Singapore Singapore" "AS132203" "Tencent Building, Kejizhongyi Avenue"
show less
Port Scan
Brute-Force
SSH
๐น๐ท
rtbh.com.tr
2025-09-06 20:08:39
(10 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
Anonymous
2025-09-06 09:58:39
(10 months ago)
Reported from Nginx log analysis 18. Log: 43.153.227.160 - - [06/Sep/2025:xx:xx:xx 0200] "GET /2024 ...
show more
Reported from Nginx log analysis 18. Log: 43.153.227.160 - - [06/Sep/2025:xx:xx:xx 0200] "GET /2024/06/18/wayanad-welcomes-priyanka-gandhi-for-lok-sabha-race/ HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36" "-" "SG Singapore Singapore" "AS132203" "Tencent Building, Kejizhongyi Avenue"
show less
Port Scan
Brute-Force
SSH
๐น๐ท
rtbh.com.tr
2025-09-06 00:08:37
(10 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐น๐ท
rtbh.com.tr
2025-09-05 20:08:37
(10 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐ธ๐ฌ
mypatricks
2025-09-05 07:14:25
(10 months ago)
43.153.227.160 | Port: 13292 | DNS: 43.153.227.160 2025-09-05T15:14:25+08:00 Asia/Singapore | FETCH ...
show more
43.153.227.160 | Port: 13292 | DNS: 43.153.227.160 2025-09-05T15:14:25+08:00 Asia/Singapore | FETCH Sproofing Activity Detetced. | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /page/2/?e8bd9a9edeebf8=266&1753375883 | Ref: - | Country: SG/Singapore/+08:00 IP City: Singapore 97a3edf8aa73fce3-SIN/Singapore, Singapore 1 hits/0 secs Robots 2
show less
Web Spam
Blog Spam
Brute-Force
Exploited Host
Web App Attack
๐ธ๐ฌ
mypatricks
2025-09-05 01:33:52
(10 months ago)
43.153.227.160 | Port: 21150 | DNS: 43.153.227.160 2025-09-05T09:33:51+08:00 Asia/Singapore | Bad Be ...
show more
43.153.227.160 | Port: 21150 | DNS: 43.153.227.160 2025-09-05T09:33:51+08:00 Asia/Singapore | Bad Behavior Activity | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /shop/compare/?1738847481= | Ref: - | Country: SG/Singapore/+08:00 IP City: Singapore 97a1fb1dbb22a98e-SIN/Singapore, Singapore 1 hits/0 secs Robots 2
show less
Web Spam
Blog Spam
Brute-Force
Exploited Host
Web App Attack
๐ฉ๐ช
ghostwarriors
2025-09-04 20:50:25
(10 months ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ksol-hostmaster
2025-09-04 20:49:53
(10 months ago)
2025/09/04 22:49:52 [error] 53719#644348: *97036 access forbidden by rule, client: 43.153.227.160, s ...
show more
2025/09/04 22:49:52 [error] 53719#644348: *97036 access forbidden by rule, client: 43.153.227.160, server: git.ksol.io, request: "GET /karolyi/py3-validate-email/pulls?q=&type=all&sort=&state=closed&labels=&milestone=0&project=&assignee=0&poster=0&fuzzy=true HTTP/1.1", host: "git.ksol.io"
...
show less
Web Spam
๐ธ๐ฌ
mypatricks
2025-09-04 07:12:03
(10 months ago)
43.153.227.160 | Port: 56008 | DNS: 43.153.227.160 2025-09-04T15:12:02+08:00 Asia/Singapore | FETCH ...
show more
43.153.227.160 | Port: 56008 | DNS: 43.153.227.160 2025-09-04T15:12:02+08:00 Asia/Singapore | FETCH Sproofing Activity Detetced. | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /?b9cff9b88f8ff=343&1752316662 | Ref: - | Country: SG/Singapore/+08:00 IP City: Singapore 979bad1f3a11a459-SIN/Singapore, Singapore 1 hits/0 secs Robots 2
show less
Web Spam
Blog Spam
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
Zandro
2025-09-04 05:09:00
(10 months ago)
tencent TCP flood attack
DDoS Attack
๐ธ๐ฌ
mypatricks
2025-09-03 14:21:28
(10 months ago)
43.153.227.160 | Port: 56114 | DNS: 43.153.227.160 2025-09-03T22:21:27+08:00 Asia/Singapore | Bad Be ...
show more
43.153.227.160 | Port: 56114 | DNS: 43.153.227.160 2025-09-03T22:21:27+08:00 Asia/Singapore | Bad Behavior Activity | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /hashtag/stitch/?87ba087480076d566a1=AUD&code=AUD | Ref: - | Country: SG/Singapore/+08:00 IP City: Singapore 9795e4c1af8fedbf-MXP/Milan, Italy 1 hits/0 secs Robots 4
show less
Web Spam
Blog Spam
Brute-Force
Exploited Host
Web App Attack
๐ธ๐ฌ
mypatricks
2025-09-03 13:37:18
(10 months ago)
43.153.227.160 | Port: 29826 | DNS: 43.153.227.160 2025-09-03T21:37:17+08:00 Asia/Singapore | FETCH ...
show more
43.153.227.160 | Port: 29826 | DNS: 43.153.227.160 2025-09-03T21:37:17+08:00 Asia/Singapore | FETCH Sproofing Activity Detetced. | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /?feaddfdcda8e=653&1752552281 | Ref: - | Country: SG/Singapore/+08:00 IP City: Singapore 9795a4147c17978e-SIN/Singapore, Singapore 1 hits/0 secs Robots 2
show less
Web Spam
Blog Spam
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-03 12:06:03
(10 months ago)
(mod_security) mod_security (id:225170) triggered by 43.153.227.160 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 43.153.227.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 03 08:05:56.645275 2025] [security2:error] [pid 10634:tid 10634] [client 43.153.227.160:54168] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.fishleadership.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.fishleadership.org"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aLgvJGe8GAkwGcQoGzooIgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack