AbuseIPDB » 114.119.134.6

114.119.134.6 was found in our database!

This IP was reported 635 times. Confidence of Abuse is 66%: ?

66%

ISP	Huawei International Pte. Ltd.
Usage Type	Search Engine Spider
Hostname(s)	petalbot-114-119-134-6.petalsearch.com
Domain Name	huawei.com
Country	Singapore
City	Singapore, Singapore

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 114.119.134.6

Whois 114.119.134.6

IP Abuse Reports for 114.119.134.6:

This IP address has been reported a total of 635 times from 52 distinct sources. 114.119.134.6 was first reported on December 10th 2020, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp	Comment	Categories
hermawan	2023-12-01 09:35:37 (19 hours ago)	[Fri Dec 01 16:35:35.957149 2023] [security2:error] [pid 183792:tid 140238181619264] [client 114.119 ... show more[Fri Dec 01 16:35:35.957149 2023] [security2:error] [pid 183792:tid 140238181619264] [client 114.119.134.6:39367] [client 114.119.134.6] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "bot" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "5"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: bot found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot) request_line = GET /index.php/profil/arsip-artikel?id=617&start=530 HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "ZWmo54TKZdprMpXDT-yKEwAAAjw"] [staklim-malang.info] [staklim-malang.info] top=[183951] [XbaFfUfLMsI] [ZWmo54TKZdprMpXDT-yKEwAAAjw] keep_alive=[0] [2023-12-01 16:35:35.957155] [R:ZWmo54TKZdprM ... show less	Hacking Web App Attack
MAGIC	2023-11-30 17:09:05 (1 day ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
TPI-Abuse	2023-11-30 02:03:13 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 114.119.134.6 (petalbot-114-119-134-6.petalsear ... show more(mod_security) mod_security (id:210730) triggered by 114.119.134.6 (petalbot-114-119-134-6.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 29 21:03:07.522134 2023] [security2:error] [pid 31572] [client 114.119.134.6:63583] [client 114.119.134.6] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.vindiesel.com\|F\|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.vindiesel.com"] [uri "/sites/all/modules/community/views/modules/translation/views_handler_field_node_link_translate.inc"] [unique_id "ZWftW1Dw9oPbcwZuXF3zpgAAAAg"], referer: https://www.vindiesel.com/sites/all/modules/community/views/modules/translation/?C=D%3BO%3DA show less	Brute-Force Bad Web Bot Web App Attack
Bytemark	2023-11-29 17:34:45 (2 days ago)	114.119.134.6 - - [29/Nov/2023:17:34:44 +0000] "GET /phpBB3/viewtopic.php?start=15&view=print HTTP/1 ... show more114.119.134.6 - - [29/Nov/2023:17:34:44 +0000] "GET /phpBB3/viewtopic.php?start=15&view=print HTTP/1.1" 301 7306 "https://www.distancelearningcentre.com/phpBB3/viewtopic.php?p=4595" "Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot)" show less	Brute-Force Web App Attack
TPI-Abuse	2023-11-28 08:05:58 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 114.119.134.6 (petalbot-114-119-134-6.petalsear ... show more(mod_security) mod_security (id:210730) triggered by 114.119.134.6 (petalbot-114-119-134-6.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 28 03:05:54.508497 2023] [security2:error] [pid 12989] [client 114.119.134.6:62207] [client 114.119.134.6] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|qualityelevatorcabs.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "qualityelevatorcabs.com"] [uri "/[email protected]"] [unique_id "ZWWfYux-eI09gVO8AvwelgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
MAGIC	2023-11-26 08:11:01 (5 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
AvonleaConsulting	2023-11-26 00:02:42 (6 days ago)	Brute force attack stopped by firewall	Web Spam Brute-Force Web App Attack
TPI-Abuse	2023-11-25 16:21:34 (6 days ago)	(mod_security) mod_security (id:210730) triggered by 114.119.134.6 (petalbot-114-119-134-6.petalsear ... show more(mod_security) mod_security (id:210730) triggered by 114.119.134.6 (petalbot-114-119-134-6.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 25 11:21:30.634669 2023] [security2:error] [pid 26446] [client 114.119.134.6:51891] [client 114.119.134.6] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|salsberggroup.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "salsberggroup.com"] [uri "/remmont.com"] [unique_id "ZWIfCq2XbbIarmV2z9du7gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2023-11-25 06:53:05 (6 days ago)	Excessive crawling/scraping	Hacking Brute-Force
AvonleaConsulting	2023-11-25 00:01:00 (1 week ago)	Brute force attack stopped by firewall	Web Spam Brute-Force Web App Attack
TPI-Abuse	2023-11-24 18:56:34 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 114.119.134.6 (petalbot-114-119-134-6.petalsear ... show more(mod_security) mod_security (id:210492) triggered by 114.119.134.6 (petalbot-114-119-134-6.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 24 13:56:26.559473 2023] [security2:error] [pid 10721] [client 114.119.134.6:62787] [client 114.119.134.6] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "digitalactionplanner.com"] [uri "/pakeceweklu.php"] [unique_id "ZWDx2llz7UvSdpDQcBLRaQAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2023-11-24 11:04:12 (1 week ago)	fail2ban_hh apache-modsecurity [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [uri "/robots ... show morefail2ban_hh apache-modsecurity [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [uri "/robots.txt"] show less	Web App Attack
TPI-Abuse	2023-11-23 08:07:14 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 114.119.134.6 (petalbot-114-119-134-6.petalsear ... show more(mod_security) mod_security (id:210730) triggered by 114.119.134.6 (petalbot-114-119-134-6.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 23 03:07:07.492877 2023] [security2:error] [pid 15805] [client 114.119.134.6:33571] [client 114.119.134.6] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.pages4you.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pages4you.com"] [uri "/photos/Thumbs.db"] [unique_id "ZV8IK-P4mFHc77jWTJHx5AAAABM"], referer: https://www.pages4you.com/photos/ show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2023-11-20 20:40:40 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 114.119.134.6 (petalbot-114-119-134-6.petalsear ... show more(mod_security) mod_security (id:210730) triggered by 114.119.134.6 (petalbot-114-119-134-6.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 20 15:40:36.373377 2023] [security2:error] [pid 27886] [client 114.119.134.6:33041] [client 114.119.134.6] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.artsy-style.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.artsy-style.com"] [uri "/ART/animals/_vti_cnf/Thumbs.db"] [unique_id "ZVvERBImQPCVsjF1SaNrQQAAABE"], referer: http://www.artsy-style.com/ART/animals/_vti_cnf/?C=N%3BO%3DD show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2023-11-17 19:37:27 (2 weeks ago)	Excessive crawling/scraping	Hacking Brute-Force