AbuseIPDB » 114.119.150.28

114.119.150.28 was found in our database!

This IP was reported 547 times. Confidence of Abuse is 57%: ?

57%

ISP	Huawei International Pte. Ltd.
Usage Type	Search Engine Spider
Hostname(s)	petalbot-114-119-150-28.petalsearch.com
Domain Name	huawei.com
Country	Singapore
City	Singapore, Singapore

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 114.119.150.28

Whois 114.119.150.28

IP Abuse Reports for 114.119.150.28:

This IP address has been reported a total of 547 times from 43 distinct sources. 114.119.150.28 was first reported on December 19th 2020, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp	Comment	Categories
Anonymous	2023-12-01 20:47:52 (9 hours ago)	fail2ban_hh apache-modsecurity [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [uri "/app/we ... show morefail2ban_hh apache-modsecurity [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [uri "/app/web.cgi"] show less	Web App Attack
MAGIC	2023-11-30 14:45:56 (1 day ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2023-11-30 13:55:17 (1 day ago)	Excessive crawling/scraping	Hacking Brute-Force
Bytemark	2023-11-27 07:31:46 (4 days ago)	114.119.150.28 - - [27/Nov/2023:07:31:45 +0000] "GET /phpBB3/viewtopic.php?p=32648 HTTP/1.1" 301 727 ... show more114.119.150.28 - - [27/Nov/2023:07:31:45 +0000] "GET /phpBB3/viewtopic.php?p=32648 HTTP/1.1" 301 7278 "-" "Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot)" show less	Brute-Force Web App Attack
Anonymous	2023-11-25 21:02:58 (6 days ago)		Web App Attack
syokadmin	2023-11-25 11:08:52 (6 days ago)	(mod_security) mod_security (id:77225080) triggered by 114.119.150.28 (SG/Singapore/petalbot-114-119 ... show more(mod_security) mod_security (id:77225080) triggered by 114.119.150.28 (SG/Singapore/petalbot-114-119-150-28.petalsearch.com): 1 in the last 3600 secs show less	Brute-Force
MAGIC	2023-11-24 15:09:42 (1 week ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Bay13	2023-11-22 15:21:57 (1 week ago)	f2b http-badbots	Bad Web Bot
Anonymous	2023-11-22 15:20:48 (1 week ago)	Excessive crawling/scraping	Hacking Brute-Force
TPI-Abuse	2023-11-22 13:51:44 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 114.119.150.28 (petalbot-114-119-150-28.petalse ... show more(mod_security) mod_security (id:210730) triggered by 114.119.150.28 (petalbot-114-119-150-28.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 22 08:51:40.151918 2023] [security2:error] [pid 26039] [client 114.119.150.28:54125] [client 114.119.150.28] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.hayrun.com|F|2"] [data ".hayrun.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.hayrun.com"] [uri "/blog/img_0672/www.hayrun.com"] [unique_id "ZV4HbBpKIYvNQR-i8_xYoAAAAA0"], referer: https://www.hayrun.com/blog/img_0672/ show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2023-11-19 02:43:23 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 114.119.150.28 (petalbot-114-119-150-28.petalse ... show more(mod_security) mod_security (id:210730) triggered by 114.119.150.28 (petalbot-114-119-150-28.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 18 21:43:17.706819 2023] [security2:error] [pid 29119] [client 114.119.150.28:47055] [client 114.119.150.28] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.vindiesel.com|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.vindiesel.com"] [uri "/sites/all/modules/community/views/modules/comment/views_handler_field_comment_link_delete.inc"] [unique_id "ZVl2Rd4fyBpzPyxRc2pDHQAAABQ"], referer: https://www.vindiesel.com/sites/all/modules/community/views/modules/comment/?C=D%3BO%3DA show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2023-11-17 22:05:07 (2 weeks ago)	Excessive crawling/scraping	Hacking Brute-Force
Anonymous	2023-11-16 02:18:23 (2 weeks ago)		Web App Attack
MAGIC	2023-11-15 11:17:07 (2 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
TPI-Abuse	2023-11-13 23:24:46 (2 weeks ago)	(mod_security) mod_security (id:225080) triggered by 114.119.150.28 (petalbot-114-119-150-28.petalse ... show more(mod_security) mod_security (id:225080) triggered by 114.119.150.28 (petalbot-114-119-150-28.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 13 18:24:39.237086 2023] [security2:error] [pid 4980:tid 47900089259776] [client 114.119.150.28:41251] [client 114.119.150.28] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^[\\\\d\\\\.ab]+$" against "ARGS_GET:C" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "143"] [id "225080"] [rev "1"] [msg "COMODO WAF: XSS vulnerability in Plupload before 2.1.9 or MediaElement.js before 2.21.0, as used in WordPress before 4.5.2 (CVE-2016-4566 & CVE-2016-4567)||www.longevityworkout.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.longevityworkout.com"] [uri "/wp-includes/js/thickbox/"] [unique_id "ZVKwN-Wn01_bo9Sv1BjHaQAAAk0"], referer: https://www.longevityworkout.com/wp-includes/js/thickbox/ show less	Brute-Force Bad Web Bot Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩