mwgbr
2024-09-18 13:10:38
(2 weeks ago)
154.54.249.160 (FR/France/-), more than 10 Apache 403 hits
Hacking
SCHAPPY
2024-09-17 14:49:41
(2 weeks ago)
Bad bot identified by user agent
Bad Web Bot
Anonymous
2024-09-16 03:49:14
(2 weeks ago)
Excessive crawling/scraping
Hacking
Brute-Force
TPI-Abuse
2024-09-15 19:49:40
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 154.54.249.160 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 154.54.249.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 15 15:49:36.384496 2024] [security2:error] [pid 27148:tid 27148] [client 154.54.249.160:12985] [client 154.54.249.160] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.nccb.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nccb.org"] [uri "/theunion.com"] [unique_id "Zuc6UNiUiuOBGpCe8qncpwAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
clapper
2024-09-11 17:47:16
(3 weeks ago)
(mod_security) mod_security (id:980001) triggered by 154.54.249.160 (FR/France/-): 3 in the last 360 ... show more (mod_security) mod_security (id:980001) triggered by 154.54.249.160 (FR/France/-): 3 in the last 3600 secs; ID: LUC show less
Brute-Force
Bad Web Bot
MAGIC
2024-09-11 06:05:11
(3 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Mendip_Defender
2024-09-11 02:20:48
(3 weeks ago)
154.54.249.160 - - [11/Sep/2024:03:20:54 +0100] "GET /robots.txt HTTP/1.0" 200 955 "-" "Mozilla/5.0 ... show more 154.54.249.160 - - [11/Sep/2024:03:20:54 +0100] "GET /robots.txt HTTP/1.0" 200 955 "-" "Mozilla/5.0 (compatible; Barkrowler/0.9; +https://babbar.tech/crawler)"
... show less
Bad Web Bot
clapper
2024-09-10 19:54:23
(3 weeks ago)
(PERMBLOCK) 154.54.249.160 (FR/France/-) has had more than 4 temp blocks in the last 86400 secs; ID: ... show more (PERMBLOCK) 154.54.249.160 (FR/France/-) has had more than 4 temp blocks in the last 86400 secs; ID: Clar show less
Brute-Force
Bad Web Bot
clapper
2024-09-10 18:55:54
(3 weeks ago)
(mod_security) mod_security (id:980001) triggered by 154.54.249.160 (FR/France/-): 5 in the last 360 ... show more (mod_security) mod_security (id:980001) triggered by 154.54.249.160 (FR/France/-): 5 in the last 3600 secs; ID: Clar show less
Brute-Force
Bad Web Bot
spyra.rocks
2024-09-09 22:14:59
(3 weeks ago)
NGINX
Bad Web Bot
TPI-Abuse
2024-06-01 18:34:31
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 154.54.249.160 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 154.54.249.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 01 14:34:26.880042 2024] [security2:error] [pid 30085] [client 154.54.249.160:6531] [client 154.54.249.160] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.urbanreinventors.net|F|2"] [data ".ludovicmaillard.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.urbanreinventors.net"] [uri "/www.ludovicmaillard.com"] [unique_id "ZltpslE1A7e1ePvPBnMDUAAAABI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-05-22 20:53:32
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 154.54.249.160 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 154.54.249.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 22 16:53:24.806019 2024] [security2:error] [pid 28129] [client 154.54.249.160:13251] [client 154.54.249.160] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.accordionstars.com|F|2"] [data ".accordionfactory.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.accordionstars.com"] [uri "/www.accordionfactory.com"] [unique_id "Zk5bRN7BkLRLwrnHUVAxOgAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
spyra.rocks
2024-05-21 20:47:04
(4 months ago)
Web App Attack
MAGIC
2024-05-20 15:19:25
(4 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Roderic
2024-05-20 04:13:15
(4 months ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 154.54.249.160 (FR/F ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 154.54.249.160 (FR/France/-) show less
Bad Web Bot