AbuseIPDB » 114.119.152.71

114.119.152.71 was found in our database!

This IP was reported 608 times. Confidence of Abuse is 58%: ?

58%

ISP	Huawei International Pte. Ltd.
Usage Type	Search Engine Spider
Hostname(s)	petalbot-114-119-152-71.petalsearch.com
Domain Name	huawei.com
Country	Singapore
City	Singapore, Singapore

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 114.119.152.71

Whois 114.119.152.71

IP Abuse Reports for 114.119.152.71:

This IP address has been reported a total of 608 times from 43 distinct sources. 114.119.152.71 was first reported on December 26th 2020, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp	Comment	Categories
Bay13	2023-11-29 16:16:16 (15 hours ago)	f2b http-badbots	Bad Web Bot
hermawan	2023-11-29 13:19:48 (18 hours ago)	[Wed Nov 29 20:19:21.239693 2023] [security2:error] [pid 46289:tid 140387918280256] [client 114.119. ... show more[Wed Nov 29 20:19:21.239693 2023] [security2:error] [pid 46289:tid 140387918280256] [client 114.119.152.71:51605] [client 114.119.152.71] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "bot" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "5"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: bot found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot) request_line = GET /84.php HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/84.php"] [unique_id "ZWc6WfVxKxR9Mh3OK2mFcAAAAFE"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[46457] [RLwTYiL4Stk] [ZWc6WfVxKxR9Mh3OK2mFcAAAAFE] keep_alive=[0] [2023-11-29 20:19:21.239697] [R:ZWc6WfVxKxR9Mh3OK2mFcAAAAFE] UA:'Mozilla/5.0 (Linux; Android 7. ... show less	Hacking Web App Attack
TPI-Abuse	2023-11-28 08:46:27 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 114.119.152.71 (petalbot-114-119-152-71.petalse ... show more(mod_security) mod_security (id:210730) triggered by 114.119.152.71 (petalbot-114-119-152-71.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 28 03:46:19.164899 2023] [security2:error] [pid 3541503] [client 114.119.152.71:65353] [client 114.119.152.71] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.macjr.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.macjr.com"] [uri "/archives/2018/morphed/\\\\\\\\macjr.com"] [unique_id "ZWWo2zcP8p-anVhc6OjOGwAAAAs"], referer: http://www.macjr.com/archives/2018/morphed/index.html show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2023-11-27 04:16:11 (3 days ago)	Excessive crawling/scraping	Hacking Brute-Force
hermawan	2023-11-26 21:28:28 (3 days ago)	[Mon Nov 27 04:28:27.112349 2023] [security2:error] [pid 116859:tid 140087555757632] [client 114.119 ... show more[Mon Nov 27 04:28:27.112349 2023] [security2:error] [pid 116859:tid 140087555757632] [client 114.119.152.71:51507] [client 114.119.152.71] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "bot" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "5"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: bot found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot) request_line = GET /images/Klimatologi/Prakiraan/02-Prakiraan-Dasarian/Potensi_Banjir/Provinsi_Jawa_Timur/2023/03_Februari_2023/Das-I/03-Prakiraan_Dasarian_Daerah_Potensi_Banjir_di_Provinsi_Jawa_Timur_DASARIAN_I_Bulan_APRIL_Tahun_2023_update_10_Maret_2023.jpg HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Prakiraan/02-Praki ... show less	Hacking Web App Attack
TPI-Abuse	2023-11-26 17:26:35 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 114.119.152.71 (petalbot-114-119-152-71.petalse ... show more(mod_security) mod_security (id:210730) triggered by 114.119.152.71 (petalbot-114-119-152-71.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 26 12:26:30.924537 2023] [security2:error] [pid 25357] [client 114.119.152.71:55945] [client 114.119.152.71] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.danged.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.danged.com"] [uri "/TerryBeachMusic.com"] [unique_id "ZWN_xuLJeYslpfL19piPAAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
MAGIC	2023-11-25 14:21:50 (4 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2023-11-23 07:05:04 (1 week ago)		Web App Attack
MAGIC	2023-11-21 01:06:28 (1 week ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
TPI-Abuse	2023-11-19 22:35:17 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 114.119.152.71 (petalbot-114-119-152-71.petalse ... show more(mod_security) mod_security (id:210730) triggered by 114.119.152.71 (petalbot-114-119-152-71.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 19 17:35:10.859706 2023] [security2:error] [pid 18793] [client 114.119.152.71:22129] [client 114.119.152.71] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.alafiariverrendezvous.org|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.alafiariverrendezvous.org"] [uri "/wp-content/uploads/tribe_tmp_file_logger_2021-12-06.log"] [unique_id "ZVqNniUAiyuWHJKRrgl_VQAAAAA"], referer: http://www.alafiariverrendezvous.org/wp-content/uploads/ show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2023-11-19 14:16:41 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 114.119.152.71 (petalbot-114-119-152-71.petalse ... show more(mod_security) mod_security (id:210730) triggered by 114.119.152.71 (petalbot-114-119-152-71.petalsearch.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 19 09:16:35.534253 2023] [security2:error] [pid 18409:tid 48010633434880] [client 114.119.152.71:29359] [client 114.119.152.71] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||digital4z.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "digital4z.com"] [uri "/wp-content/plugins/jetpack/modules/shortcodes/css/WS_FTP.LOG"] [unique_id "ZVoYw0faWl_veW-RPpYRJgAAAAw"], referer: http://digital4z.com/wp-content/plugins/jetpack/modules/shortcodes/css/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2023-11-18 10:57:22 (1 week ago)	Excessive crawling/scraping	Hacking Brute-Force
vestibtech	2023-11-14 21:20:08 (2 weeks ago)	114.119.152.71 - - [14/Nov/2023:14:20:08 -0700] "GET /robots.txt HTTP/1.1" 403 7165 "-" "Mozilla/5.0 ... show more114.119.152.71 - - [14/Nov/2023:14:20:08 -0700] "GET /robots.txt HTTP/1.1" 403 7165 "-" "Mozilla/5.0 (compatible;PetalBot;+https://webmaster.petalsearch.com/site/petalbot)" ... show less	Web App Attack
Bytemark	2023-11-13 20:47:22 (2 weeks ago)	114.119.152.71 - - [13/Nov/2023:20:47:22 +0000] "GET /phpBB3/memberlist.php?mode=viewprofile&u=75709 ... show more114.119.152.71 - - [13/Nov/2023:20:47:22 +0000] "GET /phpBB3/memberlist.php?mode=viewprofile&u=75709 HTTP/1.1" 301 7318 "-" "Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot)" show less	Brute-Force Web App Attack
MAGIC	2023-11-13 05:26:44 (2 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩