AbuseIPDB » 185.191.171.13

185.191.171.13 was found in our database!

This IP was reported 5,369 times. Confidence of Abuse is 100%: ?

100%

ISP	SEMRush CY Ltd
Usage Type	Search Engine Spider
Hostname(s)	13.bl.bot.semrush.com
Domain Name	semrush.com
Country	United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 185.191.171.13

Whois 185.191.171.13

IP Abuse Reports for 185.191.171.13:

This IP address has been reported a total of 5,369 times from 151 distinct sources. 185.191.171.13 was first reported on November 21st 2020, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp	Comment	Categories
findlab	2023-12-09 13:00:01 (8 hours ago)	Backdrop CMS module - forbidden user agent	Bad Web Bot Web App Attack
NoAbuseforU	2023-12-08 11:32:00 (1 day ago)	"llegal meta character in URL"	Brute-Force
sverson	2023-12-08 05:49:51 (1 day ago)	Automated report	Hacking
hermawan	2023-12-08 00:32:43 (1 day ago)	[Fri Dec 08 07:32:41.410561 2023] [security2:error] [pid 174718:tid 139640686224960] [client 185.191 ... show more[Fri Dec 08 07:32:41.410561 2023] [security2:error] [pid 174718:tid 139640686224960] [client 185.191.171.13:15394] [client 185.191.171.13] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "SemrushBot" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "187"] [id "913102"] [msg "Found User-Agent associated with web crawler/bot"] [data "Matched Data: SemrushBot found within REQUEST_HEADERS:User-Agent: mozilla/5.0 (compatible; semrushbot/7~bl; +http://www.semrush.com/bot.html) request_line = GET /robots.txt HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-crawler"] [tag "OWASP_CRS"] [tag "capec/1000/118/224/541/310"] [tag "PCI/6.5.10"] [tag "paranoia-level/2"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/robots.txt"] [unique_id "ZXJkKdlI_SGjU9Mlj0EvSgAAAZw"] [staklim-jatim.bmkg.go.id] [staklim-jatim ... show less	Hacking Web App Attack
psauxit	2023-12-07 17:29:07 (2 days ago)	Fail2Ban - NGINX heavily bad-bot, possible vulnerability scanning and excessive crawling/scraping	Web Spam Hacking Bad Web Bot Web App Attack
hermawan	2023-12-07 13:29:36 (2 days ago)	[Thu Dec 07 20:29:35.728810 2023] [security2:error] [pid 12965:tid 140112201496128] [client 185.191. ... show more[Thu Dec 07 20:29:35.728810 2023] [security2:error] [pid 12965:tid 140112201496128] [client 185.191.171.13:7992] [client 185.191.171.13] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "SemrushBot" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "187"] [id "913102"] [msg "Found User-Agent associated with web crawler/bot"] [data "Matched Data: SemrushBot found within REQUEST_HEADERS:User-Agent: mozilla/5.0 (compatible; semrushbot/7~bl; +http://www.semrush.com/bot.html) request_line = GET /index.php/profil/meteorologi/list-all-categories/3962-klimatologi/infografis/infografis-klimatologi/infografis-dasarian/infografis-dasarian-tahun-2019/555557580-infografis-dasarian-informasi-iklim-jatim-update-30-september-2019 HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-crawler"] [tag "OWASP_CRS"] [tag ... show less	Hacking Web App Attack
hermawan	2023-12-07 11:20:52 (2 days ago)	[Thu Dec 07 18:20:51.722616 2023] [security2:error] [pid 103300:tid 140682391975488] [client 185.191 ... show more[Thu Dec 07 18:20:51.722616 2023] [security2:error] [pid 103300:tid 140682391975488] [client 185.191.171.13:10726] [client 185.191.171.13] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "SemrushBot" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "187"] [id "913102"] [msg "Found User-Agent associated with web crawler/bot"] [data "Matched Data: SemrushBot found within REQUEST_HEADERS:User-Agent: mozilla/5.0 (compatible; semrushbot/7~bl; +http://www.semrush.com/bot.html) request_line = GET /robots.txt HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-crawler"] [tag "OWASP_CRS"] [tag "capec/1000/118/224/541/310"] [tag "PCI/6.5.10"] [tag "paranoia-level/2"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/robots.txt"] [unique_id "ZXGqk3r1Pr8vUCtnePlCUgAAAHk"] [staklim-jatim.bmkg.go.id] [staklim-jatim ... show less	Hacking Web App Attack
speedtaq.com	2023-12-06 17:00:06 (3 days ago)	185.191.171.13 - - [06/Dec/2023:18:00:04 +0100] "GET /robots.txt HTTP/1.1" 200 6359 "-" "Mozilla/5.0 ... show more185.191.171.13 - - [06/Dec/2023:18:00:04 +0100] "GET /robots.txt HTTP/1.1" 200 6359 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)" show less	Bad Web Bot
speedtaq.com	2023-12-06 14:53:19 (3 days ago)	185.191.171.13 - - [06/Dec/2023:15:53:17 +0100] "GET /product-category/gear-box-parts/ HTTP/1.1" 200 ... show more185.191.171.13 - - [06/Dec/2023:15:53:17 +0100] "GET /product-category/gear-box-parts/ HTTP/1.1" 200 41332 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)" show less	Bad Web Bot
Anonymous	2023-12-06 11:19:39 (3 days ago)	Malicious Activity Detected	Hacking Brute-Force
MAGIC	2023-12-05 13:02:34 (4 days ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
hermawan	2023-12-05 12:24:32 (4 days ago)	[Tue Dec 05 19:24:30.936314 2023] [security2:error] [pid 40138:tid 140559314318912] [client 185.191. ... show more[Tue Dec 05 19:24:30.936314 2023] [security2:error] [pid 40138:tid 140559314318912] [client 185.191.171.13:48118] [client 185.191.171.13] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "SemrushBot" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "187"] [id "913102"] [msg "Found User-Agent associated with web crawler/bot"] [data "Matched Data: SemrushBot found within REQUEST_HEADERS:User-Agent: mozilla/5.0 (compatible; semrushbot/7~bl; +http://www.semrush.com/bot.html) request_line = GET /robots.txt HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-crawler"] [tag "OWASP_CRS"] [tag "capec/1000/118/224/541/310"] [tag "PCI/6.5.10"] [tag "paranoia-level/2"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/robots.txt"] [unique_id "ZW8Wfgt_cRbSxX1LDyZNEQAAAdo"] [staklim-jatim.bmkg.go.id] [staklim-jatim. ... show less	Hacking Web App Attack
speedtaq.com	2023-12-05 12:09:35 (4 days ago)	185.191.171.13 - - [05/Dec/2023:13:09:32 +0100] "GET /45353gdlh24aa646.html HTTP/1.1" 404 275198 "-" ... show more185.191.171.13 - - [05/Dec/2023:13:09:32 +0100] "GET /45353gdlh24aa646.html HTTP/1.1" 404 275198 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)" show less	Bad Web Bot
speedtaq.com	2023-12-05 07:44:24 (4 days ago)	185.191.171.13 - - [05/Dec/2023:08:44:21 +0100] "GET /262508gdlhyhnm62/0ee05b9ea8.html HTTP/1.1" 404 ... show more185.191.171.13 - - [05/Dec/2023:08:44:21 +0100] "GET /262508gdlhyhnm62/0ee05b9ea8.html HTTP/1.1" 404 275233 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)" show less	Bad Web Bot
SPYRA ROCKS	2023-12-05 05:02:50 (4 days ago)		Bad Web Bot