๐บ๐ธ
kosada.com
2026-06-29 07:55:15
(2 days ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
Anonymous
2026-06-27 09:30:29
(4 days ago)
Large-scale coordinated botnet (200+k IPs). Attacker: mikhail-smirnov-79830323 (LinkedIn/profile ID) ...
show more
Large-scale coordinated botnet (200+k IPs). Attacker: mikhail-smirnov-79830323 (LinkedIn/profile ID) employed by Angara Technologies Group (Explicitly identified himself as enemy a week before attack began) | Attack Signature Blocked: /brands/projectiondesign/shopby/manufacturer-dis-rcf-lsi-ask_proxima-amx-projectiondesign-xyz-unify.html | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.3 | (Magento Site)
show less
Hacking
Bad Web Bot
๐ธ๐ฌ
mypatricks
2026-06-20 19:16:46
(1 week ago)
185.146.113.122 | Port: 13628 | DNS: nat-pool-185.146.113.122.katv1.net 2026-06-21T03:16:45+08:00 As ...
show more
185.146.113.122 | Port: 13628 | DNS: nat-pool-185.146.113.122.katv1.net 2026-06-21T03:16:45+08:00 Asia/Baku | Fake HTTP Protocol detected! | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: / | Ref: - | Country: AZ/Azerbaijan/+04:00 IP City: Sumqayฤฑt Windows a0ed1c0a5958e8f8-GYD/Baku, Azerbaijan 1 hits/0 secs Robots 0
show less
Brute-Force
Web App Attack
Blog Spam
Web Spam
Exploited Host
๐ฉ๐ช
Vegascosmetics
2026-06-16 06:52:12
(2 weeks ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security
DDoS Attack
Hacking
Exploited Host
๐ฐ๐ท
zlhIcd
2026-06-16 00:51:55
(2 weeks ago)
185.146.113.122 - - [15/Jun/2026:19:40:29 +0900] "GET /pcwiki/index.php?days=14&from=20251111063011& ...
show more
185.146.113.122 - - [15/Jun/2026:19:40:29 +0900] "GET /pcwiki/index.php?days=14&from=20251111063011&hideanons=1&limit=100&title=%ED%8A%B9%EC%88%98%EA%B8%B0%EB%8A%A5:%EB%A7%81%ED%81%AC%EC%B5%9C%EA%B7%BC%EB%B0%94%EB%80%9C HTTP/1.1" 404 460 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_2_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.182 Safari/537.36"
...
show less
Web Spam
SQL Injection
Bad Web Bot
Web App Attack
๐ฉ๐ช
SMARTNET
2026-05-27 06:03:53
(1 month ago)
Aisuru(Mirai variant) DDoS | Incident ID: f9eee327-63b9-4c70-8845-0c5f5dde9bdb
DDoS Attack
๐บ๐ธ
TPI-Abuse
2026-04-14 13:48:26
(2 months ago)
(mod_security) mod_security (id:217210) triggered by 185.146.113.122 (nat-pool-185.146.113.122.katv1 ...
show more
(mod_security) mod_security (id:217210) triggered by 185.146.113.122 (nat-pool-185.146.113.122.katv1.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 14 09:48:20.319172 2026] [security2:error] [pid 1373217:tid 1373217] [client 185.146.113.122:64294] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./]*(?::\\\\d+)?)?/[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?|options \\\\*)\\\\s+[\\\\w\\\\./]+|get /[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line||www.glamorgirl.net|F|4"] [data "GET http://www.glamorgirl.net HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.glamorgirl.net"] [uri "/"] [unique_id "ad5FpD-rOIRXyNTE-QFHEQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
vtchost.com
2026-03-12 11:20:54
(3 months ago)
invalid/bad user agent - possible botnet
...
Bad Web Bot
Anonymous
2026-03-03 07:25:17
(3 months ago)
[03/Mar/2026:07:25:16 +0000] - 406 406 - GET https secnews.physaphae.fr "/index.php?IdFeed=37%29and% ...
show more
[03/Mar/2026:07:25:16 +0000] - 406 406 - GET https secnews.physaphae.fr "/index.php?IdFeed=37%29and%2F%2A%2A%2F5252%3DCAsT%28%2527~%2527%7C%7C%28SeLEcT%2F%2A%2A%2F%28caSe%2F%2A%2A%2FwHeN%2F%2A%2A%2F%285252%3D5252%29%2F%2A%2A%2FTheN%2F%2A%2A%2F1%2F%2A%2A%2FeLSE%2F%2A%2A%2F0%2F%2A%2A%2FeND%29%29%3A%3ATexT%7C%7C%2527~%2527%2F%2A%2A%2FAs%2F%2A%2A%2FnumErIC%29--+-" [Client 185.146.113.122] [Length 100744] [Gzip -] [Sent-to 192.168.1.192] "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" "-"
...
show less
SQL Injection
๐ฉ๐ช
iNetWorker
2026-02-09 09:31:29
(4 months ago)
firewall-block, port(s): 6881/udp
Port Scan
Anonymous
2026-02-03 04:30:18
(4 months ago)
Attempted brute force login to web vpn 2 time(s); last attempt for 2026.02.03 is noted in report tim ...
show more
Attempted brute force login to web vpn 2 time(s); last attempt for 2026.02.03 is noted in report timestamp
show less
Hacking
Brute-Force
๐ฎ๐น
VHosting
2026-01-27 10:05:46
(5 months ago)
Detected mail brute force attack from 4 different servers
Brute-Force
๐ช๐ธ
10dencehispahard SL
2026-01-26 08:51:51
(5 months ago)
Wordpress probing for vulnerabilities
Hacking
Exploited Host
๐จ๐ฆ
polycoda
2025-12-24 12:41:21
(6 months ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
๐ช๐ธ
el-brujo
2025-12-18 19:15:00
(6 months ago)
DDoS Attack Layer 7 Meri Botnet
DDoS Attack