๐ฉ๐ช
CommanderRoot
2025-09-17 02:41:38
(10 months ago)
Bot crawler
DDoS Attack
Web Spam
๐ซ๐ท
Sklurk
2025-09-16 01:24:42
(10 months ago)
Web App Attack
Web App Attack
๐ท๐ด
INTEQ
2025-09-13 08:25:46
(10 months ago)
Web attack from 43.163.114.128
Web App Attack
๐ต๐ฑ
sefinek.net
2025-09-12 22:34:53
(10 months ago)
Triggered Cloudflare WAF (firewallCustom) from SG.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1. ...
show more
Triggered Cloudflare WAF (firewallCustom) from SG.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /documentation
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ซ๐ท
Sklurk
2025-09-12 20:31:06
(10 months ago)
Web App Attack
Web App Attack
๐ฆ๐บ
MAGIC
2025-09-11 01:14:56
(10 months ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ท๐ด
INTEQ
2025-09-10 10:55:36
(10 months ago)
Web attack from 43.163.114.128
Web App Attack
๐ธ๐ฌ
mypatricks
2025-09-09 19:29:11
(10 months ago)
43.163.114.128 | Port: 61050 | DNS: 43.163.114.128 2025-09-10T03:29:10+08:00 Asia/Singapore | FETCH ...
show more
43.163.114.128 | Port: 61050 | DNS: 43.163.114.128 2025-09-10T03:29:10+08:00 Asia/Singapore | FETCH Sproofing Activity Detetced. | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /?fd99fcbdb89cacedc=653&1757393890 | Ref: - | Country: SG/Singapore/+08:00 IP City: Singapore 97c917c6c8d2fd94-SIN/Singapore, Singapore 1 hits/0 secs Robots 2
show less
Web Spam
Blog Spam
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-07 07:43:19
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 43.163.114.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 43.163.114.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 07 03:43:16.529718 2025] [security2:error] [pid 4522:tid 4522] [client 43.163.114.128:45608] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.beirutbazar.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.beirutbazar.com"] [uri "/item/bread-basket-easter-bunny-puzzle-10000lbp-250g/[email protected] "] [unique_id "aL03lHkUK9GNxO0dUA-2egAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-09-07 03:57:59
(10 months ago)
Reported from Nginx log analysis 18. Log: 43.163.114.128 - - [07/Sep/2025:xx:xx:xx 0200] "GET /tag/ ...
show more
Reported from Nginx log analysis 18. Log: 43.163.114.128 - - [07/Sep/2025:xx:xx:xx 0200] "GET /tag/affaire/ HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36" "-" "SG Singapore Singapore" "AS132203" "Tencent Building, Kejizhongyi Avenue"
show less
Port Scan
Brute-Force
SSH
๐น๐ท
rtbh.com.tr
2025-09-06 20:08:39
(10 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-09-06 01:00:52
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 43.163.114.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 43.163.114.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 05 21:00:46.597589 2025] [security2:error] [pid 13289:tid 13289] [client 43.163.114.128:41968] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||heathdiesel.com|F|2"] [data ".axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "heathdiesel.com"] [uri "/WebResource.axd"] [unique_id "aLuHvgu5tanqyUGBJJEIrQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐น๐ท
rtbh.com.tr
2025-09-05 20:08:37
(10 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐ธ๐ฌ
mypatricks
2025-09-05 07:14:28
(10 months ago)
43.163.114.128 | Port: 34692 | DNS: 43.163.114.128 2025-09-05T15:14:27+08:00 Asia/Singapore | FETCH ...
show more
43.163.114.128 | Port: 34692 | DNS: 43.163.114.128 2025-09-05T15:14:27+08:00 Asia/Singapore | FETCH Sproofing Activity Detetced. | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /page/2/?aecfaebc8ab99e8e=88cfadbdb8ccdb899e | Ref: - | Country: SG/Singapore/+08:00 IP City: Singapore 97a3ee0808f69cf6-SIN/Singapore, Singapore 1 hits/0 secs Robots 1
show less
Web Spam
Blog Spam
Brute-Force
Exploited Host
Web App Attack
๐ธ๐ฌ
mypatricks
2025-09-05 04:40:42
(10 months ago)
43.163.114.128 | Port: 15768 | DNS: 43.163.114.128 2025-09-05T12:40:40+08:00 Asia/Singapore | Bad Be ...
show more
43.163.114.128 | Port: 15768 | DNS: 43.163.114.128 2025-09-05T12:40:40+08:00 Asia/Singapore | Bad Behavior Activity | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36 HTTP/1.1 443 GET | URL: /cart/?38a3bb586fe9ff2d9daa7e99bcd96095=1733529568b | Ref: - | Country: SG/Singapore/+08:00 IP City: Singapore 97a30cc3fe6840a2-SIN/Singapore, Singapore 1 hits/0 secs Robots 2
show less
Web Spam
Blog Spam
Brute-Force
Exploited Host
Web App Attack