MAGIC
2023-11-30 15:26:15
(1 day ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2023-11-30 14:23:29
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 114.119.137.43 (petalbot-114-119-137-43.petalse ... show more (mod_security) mod_security (id:210730) triggered by 114.119.137.43 (petalbot-114-119-137-43.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 30 09:23:18.419590 2023] [security2:error] [pid 26173] [client 114.119.137.43:22765] [client 114.119.137.43] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.vindiesel.com|F|2"] [data ".upgrade.inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.vindiesel.com"] [uri "/sites/all/modules/community/rules/includes/rules.upgrade.inc"] [unique_id "ZWia1iTnCIJ5nFwmQmD4EAAAAAk"], referer: https://www.vindiesel.com/sites/all/modules/community/rules/includes/?C=S%3BO%3DA show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2023-11-30 13:21:58
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 114.119.137.43 (petalbot-114-119-137-43.petalse ... show more (mod_security) mod_security (id:210730) triggered by 114.119.137.43 (petalbot-114-119-137-43.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 30 08:20:41.627113 2023] [security2:error] [pid 4469] [client 114.119.137.43:49861] [client 114.119.137.43] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||pswebsite.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pswebsite.com"] [uri "/goggle.com"] [unique_id "ZWiMKagyvG4LVi_8l7-UNwAAAAA"], referer: http://pswebsite.com/answers.htm show less
Brute-Force
Bad Web Bot
Web App Attack
2023-11-30 09:57:54
(1 day ago)
Excessive crawling/scraping
Hacking
Brute-Force
Bytemark
2023-11-27 01:40:30
(5 days ago)
114.119.137.43 - - [27/Nov/2023:01:40:29 +0000] "GET /phpBB3/posting.php?mode=quote&p=35927 HTTP/1.1 ... show more 114.119.137.43 - - [27/Nov/2023:01:40:29 +0000] "GET /phpBB3/posting.php?mode=quote&p=35927 HTTP/1.1" 301 7300 "https://www.distancelearningcentre.com/phpBB3/viewtopic.php?t=8985" "Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot)" show less
Brute-Force
Web App Attack
MAGIC
2023-11-26 08:02:49
(5 days ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
2023-11-25 20:25:03
(6 days ago)
Web App Attack
MAGIC
2023-11-25 01:09:24
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
2023-11-21 23:48:16
(1 week ago)
Excessive crawling/scraping
Hacking
Brute-Force
MAGIC
2023-11-20 13:18:35
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
syokadmin
2023-11-20 10:30:43
(1 week ago)
(mod_security) mod_security (id:77225080) triggered by 114.119.137.43 (SG/Singapore/petalbot-114-119 ... show more (mod_security) mod_security (id:77225080) triggered by 114.119.137.43 (SG/Singapore/petalbot-114-119-137-43.petalsearch.com): 1 in the last 3600 secs show less
Brute-Force
TPI-Abuse
2023-11-19 14:26:22
(1 week ago)
(mod_security) mod_security (id:211190) triggered by 114.119.137.43 (petalbot-114-119-137-43.petalse ... show more (mod_security) mod_security (id:211190) triggered by 114.119.137.43 (petalbot-114-119-137-43.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 19 09:26:17.549350 2023] [security2:error] [pid 6365] [client 114.119.137.43:28345] [client 114.119.137.43] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||clickableprizes.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /pakeceweklu.php?path=/home/rbanis/etc/largeprintdailyjournal.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clickableprizes.com"] [uri "/pakeceweklu.php"] [unique_id "ZVobCTC7erjl5YtYO0HmegAAABo"], referer: http://clickableprizes.com/pakeceweklu.php?path=/home/rbanis/etc show less
Brute-Force
Bad Web Bot
Web App Attack
SCHAPPY
2023-11-17 23:53:08
(2 weeks ago)
Bad bot identified by user agent
Bad Web Bot
2023-11-17 08:18:53
(2 weeks ago)
Web App Attack
Bytemark
2023-11-13 14:56:08
(2 weeks ago)
114.119.137.43 - - [13/Nov/2023:14:56:07 +0000] "GET /phpBB3/viewtopic.php?p=926 HTTP/1.1" 301 7274 ... show more 114.119.137.43 - - [13/Nov/2023:14:56:07 +0000] "GET /phpBB3/viewtopic.php?p=926 HTTP/1.1" 301 7274 "-" "Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot)" show less
Brute-Force
Web App Attack
Singapore