Anonymous
2026-07-11 13:11:46
(7 hours ago)
Web app attack and vulnerability scan detected from IIS logs
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 20:22:06
(3 days ago)
(mod_security) mod_security (id:210730) triggered by 103.31.179.189 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 103.31.179.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 16:21:48.750089 2026] [security2:error] [pid 25331:tid 25331] [client 103.31.179.189:27126] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||chrisbilder.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "chrisbilder.com"] [uri "/regression/chapters/SO2.DAT"] [unique_id "ak1f3B_aGNyjQOeUh3Qp3wAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-05 23:32:50
(5 days ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
๐บ๐ธ
kosada.com
2026-06-29 12:48:37
(1 week ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
Anonymous
2026-04-24 02:36:05
(2 months ago)
Automated bot traffic โ residential proxy, fake browser fingerprint. UA="Mozilla/5.0 (Windows NT 10. ...
show more
Automated bot traffic โ residential proxy, fake browser fingerprint. UA="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36"
show less
Bad Web Bot
Web App Attack
๐ธ๐ฌ
mypatricks
2026-03-22 15:20:01
(3 months ago)
103.31.179.189 | Port: 11713 | DNS: 103.31.179.189 2026-03-22T23:20:00+08:00 Asia/Dhaka | FETCH Spro ...
show more
103.31.179.189 | Port: 11713 | DNS: 103.31.179.189 2026-03-22T23:20:00+08:00 Asia/Dhaka | FETCH Sproofing Activity Detetced. | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /contents/opencart-module?ffbdcfeafbec=ddeaddcbd | Ref: - | Country: BD/Bangladesh/+06:00 IP City: Pฤbna 9e062d36ca5816d4-DAC/Dhaka, Bangladesh 1 hits/0 secs Robots 1
show less
Brute-Force
Web App Attack
Blog Spam
Web Spam
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-03-19 03:51:08
(3 months ago)
(mod_security) mod_security (id:217210) triggered by 103.31.179.189 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:217210) triggered by 103.31.179.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 18 23:50:53.662648 2026] [security2:error] [pid 11671:tid 11671] [client 103.31.179.189:48278] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./]*(?::\\\\d+)?)?/[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?|options \\\\*)\\\\s+[\\\\w\\\\./]+|get /[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line||star71approach.shop|F|4"] [data "GET http://star71approach.shop HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "star71approach.shop"] [uri "/"] [unique_id "abtynT6BTLrRy19oUVr23wAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
matt
2026-03-04 03:16:15
(4 months ago)
DDOS attack with query parameters attempting to overload WordPress site.
DDoS Attack
๐ฉ๐ช
HandyTreff.de
2026-02-12 21:33:56
(4 months ago)
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -54.227 (Bad < -10 / Very Bad < -20 ...
show more
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -54.227 (Bad < -10 / Very Bad < -20 / Extreme < -35) | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Sa
show less
Bad Web Bot
Web App Attack
๐จ๐ฆ
polycoda
2026-01-31 01:05:57
(5 months ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
๐ฎ๐น
VHosting
2025-12-23 15:20:24
(6 months ago)
Detected attack and reported by a human
DDoS Attack
Brute-Force
Bad Web Bot
Exploited Host
Web App Attack
SSH
Anonymous
2025-12-11 21:42:07
(6 months ago)
scanning http requests from known botnet
Web App Attack
๐จ๐ญ
backslash
2025-12-10 10:16:01
(7 months ago)
block ruleset DA4A07AEE48B136A3922182BE8AA8BFBC1840803
Bad Web Bot
Anonymous
2025-12-09 13:50:06
(7 months ago)
Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.09 is noted in report tim ...
show more
Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.09 is noted in report timestamp
show less
Hacking
Brute-Force
Anonymous
2025-12-01 11:15:35
(7 months ago)
botnet
DDoS Attack