๐ซ๐ท
Sklurk
2025-09-13 12:34:03
(10 months ago)
Web App Attack
Web App Attack
Anonymous
2025-09-11 09:26:41
(10 months ago)
...
Web Spam
Web App Attack
๐น๐ท
rtbh.com.tr
2025-09-09 20:08:43
(10 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐น๐ท
rtbh.com.tr
2025-09-08 20:08:41
(10 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
Anonymous
2025-09-08 15:58:00
(10 months ago)
"Undesired, excess traffic against library/education infrastructure"
Brute-Force
Anonymous
2025-09-08 09:57:00
(10 months ago)
Reported from Nginx log analysis 18. Log: 43.156.183.221 - - [08/Sep/2025:xx:xx:xx 0200] "GET /tag/ ...
show more
Reported from Nginx log analysis 18. Log: 43.156.183.221 - - [08/Sep/2025:xx:xx:xx 0200] "GET /tag/charitable-trusts/ HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" "-" "SG Singapore Singapore" "AS132203" "Tencent Building, Kejizhongyi Avenue"
show less
Port Scan
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-09-08 08:31:55
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 43.156.183.221 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 43.156.183.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 08 04:31:49.360598 2025] [security2:error] [pid 2996396:tid 2996554] [client 43.156.183.221:54900] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vtweaversguild.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vtweaversguild.org"] [uri "/VWG-FORUM/[email protected] "] [unique_id "aL6UdeNmXPy8RGbnjMYsoQAAAcM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2025-09-07 13:20:12
(10 months ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ksol-hostmaster
2025-09-07 13:09:28
(10 months ago)
2025/09/07 15:09:28 [error] 41854#733119: *33183 access forbidden by rule, client: 43.156.183.221, s ...
show more
2025/09/07 15:09:28 [error] 41854#733119: *33183 access forbidden by rule, client: 43.156.183.221, server: git.ksol.io, request: "GET /explore/repos?q=ansible&sort=recentupdate&language=Python HTTP/1.1", host: "git.ksol.io"
...
show less
Web Spam
๐ฉ๐ช
CommanderRoot
2025-09-06 22:44:05
(10 months ago)
Bot crawler
DDoS Attack
Web Spam
๐ฉ๐ช
Vegascosmetics
2025-09-06 21:51:27
(10 months ago)
Kingcopy(AI-IDS): IP is wandering around the site and acting suspiciously.
Bad Web Bot
๐น๐ท
rtbh.com.tr
2025-09-06 20:08:39
(10 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-09-06 13:36:20
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 43.156.183.221 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 43.156.183.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 09:36:14.422015 2025] [security2:error] [pid 26679:tid 26683] [client 43.156.183.221:41162] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||batonrougegazette.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "batonrougegazette.com"] [uri "/uncategorized/brownsville-police-discuss-crash-that-killed-eight/phr0z3nsonicmega8k.com"] [unique_id "aLw4zkg_Oiv9cFZ-7TWNKwAAAMI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-09-06 09:59:01
(10 months ago)
Reported from Nginx log analysis 18. Log: 43.156.183.221 - - [06/Sep/2025:xx:xx:xx 0200] "GET /tag/ ...
show more
Reported from Nginx log analysis 18. Log: 43.156.183.221 - - [06/Sep/2025:xx:xx:xx 0200] "GET /tag/cbi/ HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36" "-" "SG Singapore Singapore" "AS132203" "Tencent Building, Kejizhongyi Avenue"
show less
Port Scan
Brute-Force
SSH
๐น๐ท
rtbh.com.tr
2025-09-06 00:08:37
(10 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force