๐บ๐ธ
stechusa
2026-07-05 15:16:43
(2 days ago)
[Askari] | country=AR | ASN=Hidalgo Mario Gabriel (TACHICOM REDES&TELECOMUNICACIONES)
Bad Web Bot
DDoS Attack
๐ฎ๐ฉ
hermawan
2026-07-02 05:01:10
(5 days ago)
[Thu Jul 02 12:01:09.199783 2026] [security2:error] [pid 65627:tid 140539966969536] [client 162.12.1 ...
show more
[Thu Jul 02 12:01:09.199783 2026] [security2:error] [pid 65627:tid 140539966969536] [client 162.12.198.11:54552] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yahoo.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "601"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yahoo.go.id found within REQUEST_HEADERS:Referer: https://www.yahoo.go.id/ request_line = GET /index.php/informasi-iklim/buletin-1/buletin-informasi-iklim-dan-lingkungan HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/buletin-1/buletin-informasi-iklim-dan-lingkungan"] [unique_id "akXwlbrYExliVhR_8Aii7AAA0hI"], referer https://www.yahoo.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[65646] [9PAvstm61CI] [akXwlbrYExliVhR_8Aii7AAA0hI] keep_alive=[1] [2026-07-02 12:01:09.199789] [R:akXwlbrYExliVhR_8Aii7AAA0hI] UA:'Mozilla/5.0 (Linux; Andr
...
show less
Email Spam
Hacking
๐บ๐ธ
kosada.com
2026-06-29 10:26:19
(1 week ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ฉ๐ช
Vegascosmetics
2026-06-09 20:51:15
(4 weeks ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security
DDoS Attack
Hacking
Exploited Host
๐บ๐ธ
quilla
2026-04-03 03:20:35
(3 months ago)
Botnet infected device observed in honeypot (Vector: TCP)
DDoS Attack
๐ต๐ฑ
sefinek.net
2026-04-01 23:23:06
(3 months ago)
Triggered Cloudflare WAF (firewallCustom) from AR.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (G ...
show more
Triggered Cloudflare WAF (firewallCustom) from AR.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (GET) | Endpoint: /credits | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.54 Safari/537.36 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-03-21 18:44:11
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 162.12.198.11 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 162.12.198.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 14:44:07.246728 2026] [security2:error] [pid 13337:tid 13337] [client 162.12.198.11:60722] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.leothecolorman.com|F|2"] [data ".grovewood.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.leothecolorman.com"] [uri "/tag/imagination/www.grovewood.com"] [unique_id "ab7m9wxPu-H6WvmfLIJ6-gAAAAg"], referer: https://www.leothecolorman.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-03-19 08:13:11
(3 months ago)
SMTP. NO LOGIN / auth failed
Port Scan
Brute-Force
๐บ๐ธ
johnkarlhill
2026-03-15 10:05:32
(3 months ago)
WebKnight blocked malicious web request on johnkarlhill.com
Brute-Force
SSH
๐จ๐ฆ
polycoda
2026-03-09 11:37:37
(3 months ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
๐บ๐ธ
kosada.com
2026-02-03 16:18:56
(5 months ago)
Web bot: DDoS
DDoS Attack
Bad Web Bot
Anonymous
2026-01-25 18:16:48
(5 months ago)
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ...
show more
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-skip.asp
show less
Bad Web Bot
Exploited Host
๐บ๐ธ
gui-ying233
2026-01-11 13:54:22
(5 months ago)
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/537.36 (KHTML, like Gecko, Mediapartners- ...
show more
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/537.36 (KHTML, like Gecko, Mediapartners-Google) Chrome/89.0.4389.130 Safari/537.36
show less
Bad Web Bot
๐ฆ๐บ
MAGIC
2026-01-05 03:06:43
(6 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-12-26 16:09:49
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 162.12.198.11 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 162.12.198.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 26 11:09:43.345823 2025] [security2:error] [pid 28170:tid 28170] [client 162.12.198.11:55440] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.med-engineering.com|F|2"] [data ".movfor.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.med-engineering.com"] [uri "/www.movfor.com"] [unique_id "aU6zR3pVcXz4dwqqO8quhwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack