๐ซ๐ท
Sklurk
2026-07-06 06:04:56
(1 day ago)
Web App Attack
Web App Attack
๐บ๐ธ
kosada.com
2026-06-28 03:05:15
(1 week ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-27 13:02:03
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 116.204.43.191 (ecs-116-204-43-191.compute.hwcl ...
show more
(mod_security) mod_security (id:210730) triggered by 116.204.43.191 (ecs-116-204-43-191.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 09:01:58.609988 2026] [security2:error] [pid 24256:tid 24256] [client 116.204.43.191:60694] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||irises.batw.net|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "irises.batw.net"] [uri "/mailto/E-Mail:[email protected] "] [unique_id "aj_Jxs8aKBpy4EfH9R5A0gAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
librebit
2026-06-21 18:30:00
(2 weeks ago)
Brute force
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-08 07:23:31
(4 weeks ago)
(mod_security) mod_security (id:210381) triggered by 116.204.43.191 (ecs-116-204-43-191.compute.hwcl ...
show more
(mod_security) mod_security (id:210381) triggered by 116.204.43.191 (ecs-116-204-43-191.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:23:24.621922 2026] [security2:error] [pid 27255:tid 27276] [client 116.204.43.191:39118] ModSecurity: Access denied with code 403 (phase 2). Invalid URL Encoding: Non-hexadecimal digits used at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "82"] [id "210381"] [rev "6"] [msg "COMODO WAF: URL Encoding Abuse Attack Attempt||www.mentzlaw.com|F|4"] [data "REQUEST_URI=/louisianaboatingaccidentlawyer/%url%"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.mentzlaw.com"] [uri "/louisianaboatingaccidentlawyer/%url%"] [unique_id "aiZt7PkNtE7kFq46wKUQkAAAAFM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-24 23:20:02
(1 month ago)
Web App Attack, Hacking
Hacking
Web App Attack
๐ธ๐ฌ
mypatricks
2026-05-10 18:14:52
(1 month ago)
116.204.43.191 | Port: 13947 | DNS: ecs-116-204-43-191.compute.hwclouds-dns.com 2026-05-11T02:14:51+ ...
show more
116.204.43.191 | Port: 13947 | DNS: ecs-116-204-43-191.compute.hwclouds-dns.com 2026-05-11T02:14:51+08:00 Asia/Singapore | HWCLOUDS-DNS Data Center/Web Hosting/Transit Spam list | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /malaysia/johor/skudai/?sort=p.price&order=DESC&page=1 | Ref: - | Country: CN/China/+08:00 Windows 9f9aed063b3cb945-AMS/Amsterdam, Netherlands 1 hits/0 secs Browser 4
show less
Brute-Force
Web App Attack
Blog Spam
Web Spam
Exploited Host
๐ฏ๐ต
Short-legs-Spider
2026-05-09 00:54:51
(1 month ago)
Persistent request
--
[09/May/2026:09:54:51 +0900] "GET /==4.htm HTTP/2.0" 403 76 "-" "Mozilla/5.0 ...
show more
Persistent request
--
[09/May/2026:09:54:51 +0900] "GET /==4.htm HTTP/2.0" 403 76 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36"
show less
Bad Web Bot
๐ธ๐ฌ
mypatricks
2026-05-08 06:40:34
(1 month ago)
116.204.43.191 | Port: 13316 | DNS: ecs-116-204-43-191.compute.hwclouds-dns.com 2026-05-08T14:40:33+ ...
show more
116.204.43.191 | Port: 13316 | DNS: ecs-116-204-43-191.compute.hwclouds-dns.com 2026-05-08T14:40:33+08:00 Asia/Singapore | HWCLOUDS-DNS Data Center/Web Hosting/Transit Spam list | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /malaysia/johor/kulai/patrick-dog-and-hush-puppy-dog/?sort=p.date_added&order=DESC&limit=75 | Ref: - | Country: CN/China/+08:00 Windows 9f86793bbbc4cd1f-LAX/Los Angeles, CA, United States 1 hits/0 secs Browser 4
show less
Brute-Force
Web App Attack
Blog Spam
Web Spam
Exploited Host
๐ซ๐ท
Sklurk
2026-05-05 03:44:07
(2 months ago)
Web App Attack
Web App Attack
๐ฆ๐บ
MAGIC
2026-05-05 01:05:26
(2 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ฉ๐ช
HandyTreff.de
2026-05-02 05:25:03
(2 months ago)
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -22.106 (Bad < -10 / Very Bad < -20 ...
show more
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -22.106 (Bad < -10 / Very Bad < -20 / Extreme < -35) | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.
show less
Web App Attack
Bad Web Bot
๐จ๐ญ
backslash
2026-05-01 08:21:21
(2 months ago)
Bad Web Bot
Anonymous
2026-04-30 18:24:27
(2 months ago)
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ...
show more
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in printer-friendly.asp
show less
Exploited Host
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-04-19 06:03:08
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 116.204.43.191 (ecs-116-204-43-191.compute.hwcl ...
show more
(mod_security) mod_security (id:210730) triggered by 116.204.43.191 (ecs-116-204-43-191.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 02:03:03.504510 2026] [security2:error] [pid 31442:tid 31442] [client 116.204.43.191:43460] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||phantomquailkennel.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "phantomquailkennel.com"] [uri "/[email protected] "] [unique_id "aeRwF6_WOe2D9Sjhvt71UgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack