hermawan
2023-11-29 13:19:32
(17 hours ago)
[Wed Nov 29 20:19:16.601904 2023] [security2:error] [pid 46289:tid 140389478536768] [client 114.119. ... show more [Wed Nov 29 20:19:16.601904 2023] [security2:error] [pid 46289:tid 140389478536768] [client 114.119.135.253:48051] [client 114.119.135.253] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "bot" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "5"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: bot found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot) request_line = GET /index.php/prakiraan-bulanan/4097-prakiraan-bulanan-tingkat-ketersediaan-air-bagi-tanaman/prakiraan-bulanan-tingkat-ketersediaan-air-bagi-tanaman-di-provinsi-jawa-timur/prakiraan-bulanan-tingkat-ketersediaan-air-bagi-tanaman-di-provinsi-jawa-timur-tahun-2021/555558..."] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prakirashow less
Hacking
Web App Attack
TPI-Abuse
2023-11-28 08:29:43
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 114.119.135.253 (petalbot-114-119-135-253.petal ... show more (mod_security) mod_security (id:210492) triggered by 114.119.135.253 (petalbot-114-119-135-253.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 28 03:29:35.540622 2023] [security2:error] [pid 28830] [client 114.119.135.253:28345] [client 114.119.135.253] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "budstl.com"] [uri "/pakeceweklu.php"] [unique_id "ZWWk74KHxaECMk8n0DY-AgAAACo"], referer: https://budstl.com/pakeceweklu.php?path=/home/rbanis/public_html/msbookforkids.com show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2023-11-27 12:54:39
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 114.119.135.253 (petalbot-114-119-135-253.petal ... show more (mod_security) mod_security (id:210730) triggered by 114.119.135.253 (petalbot-114-119-135-253.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 27 07:54:35.848784 2023] [security2:error] [pid 18939] [client 114.119.135.253:20031] [client 114.119.135.253] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.vindiesel.com|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.vindiesel.com"] [uri "/sites/all/modules/community/views/handlers/views_handler_filter_entity_bundle.inc"] [unique_id "ZWSRixDFzV6Iyvqgvmw5DwAAAA4"], referer: https://www.vindiesel.com/sites/all/modules/community/views/handlers/?C=M%3BO%3DA show less
Brute-Force
Bad Web Bot
Web App Attack
chronos
2023-11-27 11:36:10
(2 days ago)
[[27/11/2023 - 08:36:09 -03:00 UTC]
Attack from [HUAWEI INTERNATIONAL PTE. LTD.]
[114.11 ... show more [[27/11/2023 - 08:36:09 -03:00 UTC]show less
Bad Web Bot
MAGIC
2023-11-25 14:04:25
(4 days ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
SPYRA ROCKS
2023-11-25 11:36:32
(4 days ago)
Bad Web Bot
Bay13
2023-11-24 02:12:23
(6 days ago)
f2b http-badbots
Bad Web Bot
Bytemark
2023-11-23 15:33:43
(6 days ago)
114.119.135.253 - - [23/Nov/2023:15:33:42 +0000] "GET /course/access-to-he-diploma/social-work/ HTTP ... show more 114.119.135.253 - - [23/Nov/2023:15:33:42 +0000] "GET /course/access-to-he-diploma/social-work/ HTTP/1.1" 200 56013 "https://www.distancelearningcentre.com/study-at-home-save-the-NHS-protect-lives.php" "Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot)" show less
Brute-Force
Web App Attack
TPI-Abuse
2023-11-21 04:34:31
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 114.119.135.253 (petalbot-114-119-135-253.petal ... show more (mod_security) mod_security (id:210730) triggered by 114.119.135.253 (petalbot-114-119-135-253.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 20 23:34:27.682796 2023] [security2:error] [pid 5586] [client 114.119.135.253:45461] [client 114.119.135.253] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.brickyardinn.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.brickyardinn.com"] [uri "/mail to: [email protected] "] [unique_id "ZVwzU2lN4BzDirGVVAUfCQAAAAs"], referer: http://www.brickyardinn.com/statement.htm show less
Brute-Force
Bad Web Bot
Web App Attack
Bytemark
2023-11-19 14:41:00
(1 week ago)
114.119.135.253 - - [19/Nov/2023:14:40:59 +0000] "GET /phpBB3/viewtopic.php HTTP/1.1" 301 7262 "http ... show more 114.119.135.253 - - [19/Nov/2023:14:40:59 +0000] "GET /phpBB3/viewtopic.php HTTP/1.1" 301 7262 "https://www.distancelearningcentre.com/phpBB3/search.php?author_id=350&sr=posts" "Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot)" show less
Brute-Force
Web App Attack
MAGIC
2023-11-19 12:09:41
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
SPYRA ROCKS
2023-11-18 10:15:01
(1 week ago)
Bad Web Bot
MAGIC
2023-11-18 10:05:56
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
SCHAPPY
2023-11-17 18:13:47
(1 week ago)
Bad bot identified by user agent
Bad Web Bot
hermawan
2023-11-17 15:55:59
(1 week ago)
[Fri Nov 17 22:55:53.220983 2023] [security2:error] [pid 1009093:tid 140461159196224] [client 114.11 ... show more [Fri Nov 17 22:55:53.220983 2023] [security2:error] [pid 1009093:tid 140461159196224] [client 114.119.135.253:44169] [client 114.119.135.253] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "bot" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "5"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: bot found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot) request_line = GET /index.php/prakiraan-bulanan/3938-prakiraan-sifat-hujan-bulanan/prakiraan-sifat-hujan-bulanan-di-propinsi-jawa-timur/prakiraan-sifat-hujan-bulanan-di-propinsi-jawa-timur-tahun-2019/992-prakiraan-bulanan-sifat-hujan-bulan-november-tahun-2019-update-dari-analisis-bul..."] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/prakiraan-show less
Hacking
Web App Attack
Singapore