๐บ๐ธ
TPI-Abuse
2026-07-07 05:46:15
(18 hours ago)
(mod_security) mod_security (id:217210) triggered by 103.111.121.35 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:217210) triggered by 103.111.121.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 01:46:08.735679 2026] [security2:error] [pid 17219:tid 17219] [client 103.111.121.35:34428] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./]*(?::\\\\d+)?)?/[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?|options \\\\*)\\\\s+[\\\\w\\\\./]+|get /[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line||www.empoweruohio.org|F|4"] [data "GET http://www.empoweruohio.org HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.empoweruohio.org"] [uri "/"] [unique_id "akySoOYx13zuhhM2N7DvTAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-06-29 07:59:10
(1 week ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ธ๐ฌ
mypatricks
2026-06-24 04:41:27
(1 week ago)
103.111.121.35 | Port: 11037 | DNS: 103.111.121.35 2026-06-24T12:41:25+08:00 Asia/Dhaka | Fake HTTP ...
show more
103.111.121.35 | Port: 11037 | DNS: 103.111.121.35 2026-06-24T12:41:25+08:00 Asia/Dhaka | Fake HTTP Protocol detected! | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /account/create/?0663ffa170d7c2a5c617039f07afadd3=1782257914 | Ref: - | Country: BD/Bangladesh/+06:00 IP City: Sirajganj Windows a1090f587a7dbb2f-DAC/Dhaka, Bangladesh 1 hits/0 secs Robots 2
show less
Brute-Force
Web App Attack
Blog Spam
Web Spam
Exploited Host
๐ธ๐ฌ
mypatricks
2026-06-18 11:53:15
(2 weeks ago)
103.111.121.35 | Port: 10979 | DNS: 103.111.121.35 2026-06-18T19:53:13+08:00 Asia/Dhaka | Suspicious ...
show more
103.111.121.35 | Port: 10979 | DNS: 103.111.121.35 2026-06-18T19:53:13+08:00 Asia/Dhaka | Suspicious Spoofing Activity | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:135.0) Gecko/20100101 Firefox/135.0 HTTP/1.1 443 GET | URL: /fondant-cakes-arsenal-fc/?af9c70561794db13e323fb789457b513=1781762323&d3a18dc9f743cd9ad33470=enabled | Ref: - | Country: BD/Bangladesh/+06:00 IP City: Sirajganj a0da17a37e32bb2f-DAC/Dhaka, Bangladesh 1 hits/0 secs Browser 3
show less
Brute-Force
Web App Attack
Blog Spam
Web Spam
Exploited Host
๐ฉ๐ช
EGP Abuse Dept
2026-06-13 02:04:50
(3 weeks ago)
Scraping webshop URLs (www.badgehouder.nl), likely botnet drone
Bad Web Bot
Exploited Host
Anonymous
2026-06-12 20:07:46
(3 weeks ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
Anonymous
2026-06-08 12:46:35
(4 weeks ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
๐ฎ๐ฉ
hermawan
2026-06-06 08:01:03
(1 month ago)
[Sat Jun 06 15:01:00.282503 2026] [authz_core:error] [pid 1620744:tid 140021360170688] [client 103.1 ...
show more
[Sat Jun 06 15:01:00.282503 2026] [authz_core:error] [pid 1620744:tid 140021360170688] [client 103.111.121.35:58216] AH01630: client denied by server configuration: /var/www/index.php [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1620758] [C3iMLdE/en4] [aiPTvM6lfze1FaSyMtko0QAAzA0] keep_alive=[1] [2026-06-06 15:01:00.282507] [R:aiPTvM6lfze1FaSyMtko0QAAzA0] UA:'Mozilla/5.0 (iPhone; CPU iPhone OS 18_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.5 Mobile/15E148 Safari/604.1' Host:'staklim-jatim.bmkg.go.id:443' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' Accept-Encoding:'gzip, deflate, br Accept-Language:'en-US,en;q=0.8
...
show less
Email Spam
Hacking
๐บ๐ธ
kosada.com
2026-04-17 01:18:46
(2 months ago)
Web bot: DDoS
DDoS Attack
Bad Web Bot
๐ท๐ธ
Scan
2026-04-15 03:04:25
(2 months ago)
MultiHost/MultiPort Probe, Scan, Hack -
Port Scan
Hacking
Anonymous
2026-04-10 21:57:40
(2 months ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
Anonymous
2026-03-29 16:27:41
(3 months ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
๐ซ๐ท
Sklurk
2026-03-26 10:59:33
(3 months ago)
Web App Attack
Web App Attack
๐ฌ๐ง
relianoid.com
2026-02-21 09:21:09
(4 months ago)
POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com
Web Spam
Anonymous
2025-12-17 04:38:58
(6 months ago)
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ...
show more
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-skip.asp
show less
Bad Web Bot
Exploited Host