๐บ๐ธ
TPI-Abuse
2026-07-06 12:26:23
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 45.191.84.193 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 45.191.84.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 08:26:18.844972 2026] [security2:error] [pid 19974:tid 19974] [client 45.191.84.193:42474] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.homebuilt.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.homebuilt.org"] [uri "/directory/[email protected] "] [unique_id "akue6lwzGg55JcLjNhbe2gAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-06-25 21:16:51
(3 weeks ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-09 15:14:36
(1 month ago)
(mod_security) mod_security (id:217210) triggered by 45.191.84.193 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:217210) triggered by 45.191.84.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 11:14:28.513441 2026] [security2:error] [pid 3413:tid 3413] [client 45.191.84.193:36329] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./]*(?::\\\\d+)?)?/[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?|options \\\\*)\\\\s+[\\\\w\\\\./]+|get /[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line||ca33organizations.shop|F|4"] [data "GET http://ca33organizations.shop HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "ca33organizations.shop"] [uri "/"] [unique_id "aigt1H22bEIXuqepyTVaSwAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-04 04:30:22
(1 month ago)
Botnet activity. Attribution: Angara Technologies Group / mikhail-smirnov-79830322 | Attack Signatur ...
show more
Botnet activity. Attribution: Angara Technologies Group / mikhail-smirnov-79830322 | Attack Signature Blocked: /wishlist/index/add/product/9932/form_key/oWi8K8GRRhtSWdjX/ | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Ge...
show less
Hacking
Bad Web Bot
Web App Attack
๐ฆ๐บ
MAGIC
2026-06-04 00:18:52
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ท๐ด
INTEQ
2026-05-28 00:39:01
(1 month ago)
Web attack from 45.191.84.193
Web App Attack
๐ซ๐ท
vtchost.com
2026-05-14 21:39:44
(2 months ago)
requested honeypot page - ignored robots.txt - scraping botnet or virus
...
Bad Web Bot
Exploited Host
๐บ๐ธ
quilla
2026-03-28 23:35:00
(3 months ago)
Botnet infected device observed in honeypot (Vector: TCP HANDSHAKE ATTACK)
DDoS Attack
๐บ๐ธ
matt
2026-03-03 22:49:05
(4 months ago)
DDOS attack with query parameters attempting to overload WordPress site.
DDoS Attack
Anonymous
2026-01-26 22:04:01
(5 months ago)
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ...
show more
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-post.asp
show less
Bad Web Bot
Exploited Host
Anonymous
2025-12-09 16:47:22
(7 months ago)
botnet
DDoS Attack
Anonymous
2025-12-03 07:40:47
(7 months ago)
Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.03 is noted in report tim ...
show more
Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.03 is noted in report timestamp
show less
Hacking
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-12-01 04:08:02
(7 months ago)
(mod_security) mod_security (id:210730) triggered by 45.191.84.193 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 45.191.84.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 30 23:07:57.077413 2025] [security2:error] [pid 20687:tid 20687] [client 45.191.84.193:54195] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||gundiahgazette.com.au|F|2"] [data ".munnacreekhall.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "gundiahgazette.com.au"] [uri "/www.munnacreekhall.com"] [unique_id "aS0UnSWYZw2d4XyGjf4TsQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
SMARTNET
2025-11-26 02:37:10
(7 months ago)
Aisuru(Mirai variant) DDoS
DDoS Attack
Anonymous
2025-11-25 07:34:33
(7 months ago)
scanning http requests from known botnet
Web App Attack