๐ฌ๐ง
andypiper
2026-07-18 01:00:17
(3 hours ago)
CrowdSec ban for AbuseIPDB Top List
Brute-Force
Web App Attack
๐บ๐ธ
convos
2026-07-18 00:16:53
(4 hours ago)
Auto-blocked by IT Solutions USA security proxy after malicious web-shell/backdoor scanning and atta ...
show more
Auto-blocked by IT Solutions USA security proxy after malicious web-shell/backdoor scanning and attack probes. Requests blocked (403).
show less
Web App Attack
Hacking
Bad Web Bot
Anonymous
2026-07-17 09:19:08
(19 hours ago)
FortiWeb WAF: 482 attacks detected. Threat Score: 112450. Types: Client Management(241), Block IP Li ...
show more
FortiWeb WAF: 482 attacks detected. Threat Score: 112450. Types: Client Management(241), Block IP List(241). Origin: Germany.
show less
Web App Attack
๐ฎ๐ณ
evicky2002
2026-07-17 06:00:00
(22 hours ago)
Confirmed malicious by STILWaters CTI platform (score=100, sources=1)
Hacking
Brute-Force
SSH
๐ซ๐ท
Baking333
2026-07-16 23:21:40
(1 day ago)
[redacted] 43.228.157.36 - - [17/Jul/2026:00:21:39 +0100] "GET /.git/config HTTP/1.1" 302 6773 0/545 ...
show more
[redacted] 43.228.157.36 - - [17/Jul/2026:00:21:39 +0100] "GET /.git/config HTTP/1.1" 302 6773 0/54501 "-" "Mozilla/5.0 (compatible; Silovik/2.0)" [redacted] 43.228.157.36 - - [17/Jul/2026:00:21:39 +0100] "GET /.git/config HTTP/1.1" 302 6773 0/48447 "http://[redacted]/.git/config" "Mozilla/5.0 (compatible; Silovik/2.0)"
show less
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 22:58:39
(1 day ago)
43.228.157.36 - - [17/Jul/2026:00:58:38 +0200] "GET /.git/config HTTP/1.1" 403 2320 "-" "Mozilla/5.0 ...
show more
43.228.157.36 - - [17/Jul/2026:00:58:38 +0200] "GET /.git/config HTTP/1.1" 403 2320 "-" "Mozilla/5.0 (compatible; Silovik/2.0)"
...
show less
Brute-Force
Web App Attack
๐ฌ๐ง
Marten Mark
2026-07-16 22:40:17
(1 day ago)
43.228.157.36 - - [16/Jul/2026:22:40:16 +0000] "GET /.git/config HTTP/1.1" 301 166 "-" "Mozilla/5.0 ...
show more
43.228.157.36 - - [16/Jul/2026:22:40:16 +0000] "GET /.git/config HTTP/1.1" 301 166 "-" "Mozilla/5.0 (compatible; Silovik/2.0)"
...
show less
Web App Attack
Bad Web Bot
๐บ๐ธ
rdpguard.com
2026-07-16 20:26:07
(1 day ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
๐ฉ๐ช
FeG Deutschland
2026-07-16 20:15:36
(1 day ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ธ๐ช
EmK530
2026-07-16 19:36:48
(1 day ago)
URL flagged by RegEx: /.git/config
Web App Attack
๐ฉ๐ช
ut-addicted.com
2026-07-16 18:56:06
(1 day ago)
\[Thu Jul 16 20:56:04.752008 2026\] \[:error\] \[pid 17134:tid 139785821722368\] \[client 43.228.157 ...
show more
\[Thu Jul 16 20:56:04.752008 2026\] \[:error\] \[pid 17134:tid 139785821722368\] \[client 43.228.157.36:46362\] \[client 43.228.157.36\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "ut-addicted.com"\] \[uri "/.git/config"\] \[unique_id "alkpRNMv3GkFE5E6K0-4-gAAAQg"\]
show less
Brute-Force
Web App Attack
๐ช๐ธ
librebit
2026-07-16 17:49:17
(1 day ago)
Brute force
Brute-Force
๐บ๐ธ
jkcunningham
2026-07-16 17:25:11
(1 day ago)
Vulnerability scanner. Pretends referer was target domain, targets os and filesystem.
Bad Web Bot
Port Scan
๐ฉ๐ช
ut-addicted.com
2026-07-16 17:23:47
(1 day ago)
\[Thu Jul 16 19:23:46.751932 2026\] \[:error\] \[pid 2934:tid 139785664374528\] \[client 43.228.157. ...
show more
\[Thu Jul 16 19:23:46.751932 2026\] \[:error\] \[pid 2934:tid 139785664374528\] \[client 43.228.157.36:51726\] \[client 43.228.157.36\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "crx.it"\] \[uri "/.git/config"\] \[unique_id "alkTog6TPjr@zQPs7R2MZwAAANc"\]
show less
Brute-Force
Web App Attack
๐ฎ๐ฉ
sockominfo
2026-07-16 07:00:53
(1 day ago)
Access to sensitive files detected w/ specific boundary.. Threat Score: 5/10 (MEDIUM). Confidence: 4 ...
show more
Access to sensitive files detected w/ specific boundary.. Threat Score: 5/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 2.9/10 (Low). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS
show less
Hacking
Web App Attack