Here's a recent hacking attempt into a hosted web site. The hacking attempt is from webmeup-crawler.com
=============================
/%3Cscript%20type=%27text/javascript%27%3E%20%3C%21--%20var%20prefix%20=%20%27ma%27%20+%20%27il%27%20+%20%27to%27;%20var%20path%20=%20%27hr%27%20+%20%27ef%27%20+%20%27=%27;%20var%20addy64466%20=%20%27PetersHyland%27%20+%20%27@%27;%20addy64466%20=%20addy64466%20+%20%27ipre%27%20+%20%27.%27%20+%20%27com%27;%20document.write%28%27%3Ca%20%27%20+%20path%20+%20%27%5C%27%27%20+%20prefix%20+%20%27:%27%20+%20addy64466%20+%20%27%5C%27%3E%27%29;%20document.write%28addy64466%29;%20document.write%28%27%3C%5C/a%3E%27%29;%20/--%3E%5Cn%20%3C/script%3E%3Cscript%20type=%27text/javascript%27%3E%20%3C%21--%20document.write%28%27%3Cspan%20style=%5C%27display:%20none;%5C%27%3E%27%29;%20/--%3E%20%3C/script%3EThis%20email%20address%20is%20being%20protected%20from%20spambots.%20You%20need%20JavaScript%20enabled%20to%20view%20it.%20%3Cscript%20type=%27text/javascript%27%3E%20%3C%21--%20document.write%28%27%3C/%27%29;%20document.write%28%27span%3E%27%29;%20/--%3E%20%3C/script%3E
==============================
This translates into:
==============================
<script type='text/javascript'> <!-- var prefix = 'ma' 'il' 'to'; var path = 'hr' 'ef' '='; var addy64466 = 'PetersHyland' '@'; addy64466 = addy64466 'ipre' '.' 'com'; document.write('<a ' path '\'' prefix ':' addy64466 '\'>'); document.write(addy64466); document.write('<\/a>'); /-->\n </script><script type='text/javascript'> <!-- document.write('<span style=\'display: none;\'>'); /--> </script>This email address is being protected from spambots. You need JavaScript enabled to view it. <script type='text/javascript'> <!-- document.write('</'); document.write('span>'); /--> </script>
==============================
This was repeated in a brute force attack, changing the password for every attemtp.
Nice one... but not this time.