๐บ๐ธ
kosada.com
2026-06-29 09:30:51
(1 week ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ธ๐ฌ
mypatricks
2026-06-25 00:27:54
(1 week ago)
103.185.224.132 | Port: 11029 | DNS: 103.185.224.132 2026-06-25T08:27:53+08:00 Asia/Dhaka | Suspicio ...
show more
103.185.224.132 | Port: 11029 | DNS: 103.185.224.132 2026-06-25T08:27:53+08:00 Asia/Dhaka | Suspicious Spoofing Activity | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:135.0) Gecko/20100101 Firefox/135.0 HTTP/1.1 443 GET | URL: /shop/compare/?1782335584= | Ref: - | Country: BD/Bangladesh/+06:00 IP City: Dhaka a10fd959bce1dae2-DAC/Dhaka, Bangladesh 1 hits/0 secs Browser 2
show less
Brute-Force
Web App Attack
Blog Spam
Web Spam
Exploited Host
๐ฉ๐ช
Vegascosmetics
2026-06-17 16:38:32
(2 weeks ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security
DDoS Attack
Hacking
Exploited Host
๐ฎ๐ฉ
hermawan
2026-06-02 00:40:40
(1 month ago)
[Tue Jun 02 07:40:37.393304 2026] [security2:error] [pid 287270:tid 139928242427584] [client 103.185 ...
show more
[Tue Jun 02 07:40:37.393304 2026] [security2:error] [pid 287270:tid 139928242427584] [client 103.185.224.132:39820] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur"] [unique_id "ah4mhSFEedVtTuMT92f-PwAAUA8"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[287286] [SKdCj7qwDrY] [ah4mhSFEedVtTuMT92f-PwAAUA8] keep_alive=[1] [2026-06-02 07:40:37.393309] [R:ah4mhSFEedVtTuMT92f-PwAAUA8] UA:'Mozilla/5.0 (Linux; Android 6.0.1; Nex
...
show less
Email Spam
Hacking
๐ฉ๐ช
SMARTNET
2026-05-27 06:03:53
(1 month ago)
Aisuru(Mirai variant) DDoS | Incident ID: 0a9278f2-ffb8-4472-8b4f-87e634c16433
DDoS Attack
๐จ๐ญ
ALPHANET
2026-05-25 05:10:04
(1 month ago)
Botnet or web spider not respecting robots.txt
DDoS Attack
Exploited Host
๐ฉ๐ช
filstal.org
2026-04-08 08:39:00
(2 months ago)
Brute-force/Enumeration: Multiple login attempts for non-existent mail accounts (Honeytrap).
Email Spam
Brute-Force
Anonymous
2026-04-05 19:54:56
(3 months ago)
DDoS botnet 510.000+ IPs; URL with bing/trustpilot/githubhelp and %C2%A4 or \xc2\xa4. NEW 09/2025: a ...
show more
DDoS botnet 510.000+ IPs; URL with bing/trustpilot/githubhelp and %C2%A4 or \xc2\xa4. NEW 09/2025: amplification attacks via third-parties e.g. HTTP_USER_AGENT facebookexternalhit/meta-externalagent/meta-externalfetcher or IPs from googleusercontent.com with fake HTTP_REFERER foxnews.com/newsweek.com/upwork.com/activision.com/... Port 443.
show less
DDoS Attack
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-02-23 16:26:10
(4 months ago)
Web bot: DDoS
DDoS Attack
Bad Web Bot
๐บ๐ธ
gui-ying233
2026-02-07 01:37:20
(5 months ago)
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Sa ...
show more
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-01-03 01:21:19
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 103.185.224.132 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 103.185.224.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 02 20:21:13.633840 2026] [security2:error] [pid 8940:tid 8940] [client 103.185.224.132:34384] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.john-bell-associates.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.john-bell-associates.com"] [uri "/reddit.com"] [unique_id "aVhvCVXm-gkMrCrrJoP6jgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฏ๐ต
Short-legs-Spider
2025-12-21 15:13:56
(6 months ago)
Disregard of robots.txt
--
[22/Dec/2025:00:13:56 +0900] "GET /==l HTTP/1.1" 403 77 "https://==.jp/ ...
show more
Disregard of robots.txt
--
[22/Dec/2025:00:13:56 +0900] "GET /==l HTTP/1.1" 403 77 "https://==.jp/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
show less
Bad Web Bot
๐จ๐ฆ
polycoda
2025-12-11 15:11:57
(6 months ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
๐ซ๐ท
bigorre.org
2025-12-09 14:46:14
(6 months ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
Anonymous
2025-11-25 06:43:31
(7 months ago)
scanning http requests from known botnet
Web App Attack