Bytemark
2023-12-04 23:35:34
(1 day ago)
114.119.142.132 - - [04/Dec/2023:23:35:33 +0000] "GET /phpBB3/viewtopic.php?view=print HTTP/1.1" 301 ... show more 114.119.142.132 - - [04/Dec/2023:23:35:33 +0000] "GET /phpBB3/viewtopic.php?view=print HTTP/1.1" 301 7284 "https://www.distancelearningcentre.com/phpBB3/viewtopic.php?p=5045" "Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot)" show less
Brute-Force
Web App Attack
MAGIC
2023-12-04 12:01:48
(2 days ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
2023-12-03 18:22:04
(2 days ago)
Excessive crawling/scraping
Hacking
Brute-Force
2023-12-02 08:03:44
(4 days ago)
Web App Attack
MAGIC
2023-11-30 14:45:35
(6 days ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2023-11-26 11:32:36
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 114.119.142.132 (petalbot-114-119-142-132.petal ... show more (mod_security) mod_security (id:210730) triggered by 114.119.142.132 (petalbot-114-119-142-132.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 26 06:32:30.572495 2023] [security2:error] [pid 630060] [client 114.119.142.132:22941] [client 114.119.142.132] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||artsy-style.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "artsy-style.com"] [uri "/images/_vti_cnf/Thumbs.db"] [unique_id "ZWMszsb5_kBKwvpfoesDxQAAABE"], referer: https://artsy-style.com/images/_vti_cnf/ show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2023-11-25 18:07:27
(1 week ago)
(mod_security) mod_security (id:211190) triggered by 114.119.142.132 (petalbot-114-119-142-132.petal ... show more (mod_security) mod_security (id:211190) triggered by 114.119.142.132 (petalbot-114-119-142-132.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 25 13:07:20.480884 2023] [security2:error] [pid 27353] [client 114.119.142.132:22115] [client 114.119.142.132] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||internationalseniortravel.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /pakeceweklu.php?path=/home/rbanis/etc/youthriskbehaviorbook.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "internationalseniortravel.com"] [uri "/pakeceweklu.php"] [unique_id "ZWI32OKMv1LmbTD1u4XAfAAAABA"], referer: http://internationalseniortravel.com/pakeceweklu.php?path=/home/rbanis/etc show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2023-11-25 13:03:44
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2023-11-24 10:52:18
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 114.119.142.132 (petalbot-114-119-142-132.petal ... show more (mod_security) mod_security (id:210730) triggered by 114.119.142.132 (petalbot-114-119-142-132.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 24 05:52:15.854667 2023] [security2:error] [pid 2655866] [client 114.119.142.132:36123] [client 114.119.142.132] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.microscopy.info|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.microscopy.info"] [uri "/Organization/Details/ http:/bestpricemedz.com"] [unique_id "ZWCAX5nCV75CPLEoHLoR2QAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
SPYRA ROCKS
2023-11-24 10:23:56
(1 week ago)
Bad Web Bot
2023-11-24 07:15:23
(1 week ago)
Excessive crawling/scraping
Hacking
Brute-Force
Bay13
2023-11-17 13:33:58
(2 weeks ago)
f2b http-badbots
Bad Web Bot
2023-11-17 05:07:22
(2 weeks ago)
Excessive crawling/scraping
Hacking
Brute-Force
TPI-Abuse
2023-11-15 21:21:42
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 114.119.142.132 (petalbot-114-119-142-132.petal ... show more (mod_security) mod_security (id:210730) triggered by 114.119.142.132 (petalbot-114-119-142-132.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 15 16:21:37.725157 2023] [security2:error] [pid 14463:tid 47418930378496] [client 114.119.142.132:59667] [client 114.119.142.132] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.varmouries.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.varmouries.com"] [uri "/vpics/WS_FTP.LOG"] [unique_id "ZVU2YdsM7jN3CA9sr12d5QAAAFM"], referer: http://www.varmouries.com/vpics/unused?C=D%3BO%3DA show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2023-11-15 13:06:20
(3 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Singapore