๐ณ๐ฑ
DrLex0
2026-07-17 23:38:00
(1 day ago)
BnL006: Obvious dumb distributed botnet crawler stepping into honeypot trap despite it clearly being ...
show more
BnL006: Obvious dumb distributed botnet crawler stepping into honeypot trap despite it clearly being a burning bag of dog poop.
114.130.99.183 443 - [17/Jul/2026:23:38:00 +0000] "GET [redacted] HTTP/1.1" 503 6152 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
show less
Bad Web Bot
Exploited Host
๐ท๐ด
INTEQ
2026-07-15 06:52:23
(4 days ago)
Web attack from 114.130.99.183
Web App Attack
Anonymous
2026-07-13 18:15:13
(6 days ago)
Large-scale coordinated botnet (666+k IPs). Attacker: mikhail-smirnov-79830323 (LinkedIn/profile ID) ...
show more
Large-scale coordinated botnet (666+k IPs). Attacker: mikhail-smirnov-79830323 (LinkedIn/profile ID) employed by Angara Technologies Group (Explicitly identified himself as enemy a week before attack began) | Attack Signature Blocked: /brands/shopby/manufacturer-rcf-sony-chief-lsi-plantronics-xyz.html?p=5 | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 | (Magento Site)
show less
Hacking
Bad Web Bot
๐บ๐ธ
kosada.com
2026-07-11 15:33:52
(1 week ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-11 00:37:54
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 114.130.99.183 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 114.130.99.183 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 20:37:39.804528 2026] [security2:error] [pid 13996:tid 13996] [client 114.130.99.183:53562] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||heatherweathers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "heatherweathers.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alGQU63pFdocFCje-DtOTQAAAAM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
bigorre.org
2026-07-07 16:54:33
(1 week ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
๐จ๐ญ
backslash
2026-07-01 06:12:03
(2 weeks ago)
block ruleset DA4A07AEE48B136A3922182BE8AA8BFBC1840803
Bad Web Bot
๐ฐ๐ท
zlhIcd
2026-06-30 02:39:54
(2 weeks ago)
114.130.99.183 - - [16/Jun/2026:12:26:58 +0900] "GET /pcwiki/index.php?days=14&from=20251216072045&h ...
show more
114.130.99.183 - - [16/Jun/2026:12:26:58 +0900] "GET /pcwiki/index.php?days=14&from=20251216072045&hideanons=1&hideminor=1&hidemyself=1&title=%ED%8A%B9%EC%88%98%EA%B8%B0%EB%8A%A5:%EB%A7%81%ED%81%AC%EC%B5%9C%EA%B7%BC%EB%B0%94%EB%80%9C HTTP/1.1" 404 460 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_2_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36"
...
show less
Web Spam
SQL Injection
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-06-29 09:53:37
(2 weeks ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ฎ๐น
A000Z
2026-05-31 06:22:35
(1 month ago)
Fail2Ban: 114.130.99.183 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5 ...
show more
Fail2Ban: 114.130.99.183 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36
show less
Bad Web Bot
๐ฉ๐ช
EGP Abuse Dept
2026-05-25 11:39:02
(1 month ago)
Scraping webshop URLs (www.dewijs-3d.com), likely botnet drone
Bad Web Bot
Exploited Host
Anonymous
2026-05-18 20:44:23
(2 months ago)
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ...
show more
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-skip.asp
show less
Exploited Host
Bad Web Bot
๐บ๐ธ
MPL
2026-05-06 04:12:34
(2 months ago)
tcp/23 (2 or more attempts)
Port Scan
Anonymous
2026-05-05 02:06:25
(2 months ago)
Unauthorized connection attempt on Port 2323
Port Scan
Hacking
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-04-16 03:51:55
(3 months ago)
(mod_security) mod_security (id:217210) triggered by 114.130.99.183 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:217210) triggered by 114.130.99.183 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 23:51:42.334693 2026] [security2:error] [pid 3539406:tid 3539406] [client 114.130.99.183:35836] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./]*(?::\\\\d+)?)?/[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?|options \\\\*)\\\\s+[\\\\w\\\\./]+|get /[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line||zee33ours.de|F|4"] [data "GET http://zee33ours.de HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "zee33ours.de"] [uri "/"] [unique_id "aeBcztFSkPiRImBpWV8MvAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack