hermawan
2024-05-04 19:13:21
(4 months ago)
[Sun May 05 02:13:12.471757 2024] [security2:error] [pid 657577:tid 123890013570624] [client 47.128. ... show more [Sun May 05 02:13:12.471757 2024] [security2:error] [pid 657577:tid 123890013570624] [client 47.128.110.95:14464] [client 47.128.110.95] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.0.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "37"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index.php/profil/meteorologi/list-all-categories/3961-klimatologi/prakiraan-klimatologi/prakiraan-dasarian/prakiraan-dasarian-daerah-potensi-banjir/prakiraan-dasarian-daerah-potensi-banjir-di-provinsi-jawa-timur/prakiraan-dasarian-daerah-potensi-banjir-di-provinsi-jawa-timur-tahu..."] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/m
... show less
Hacking
Web App Attack
bigorre.org
2024-05-03 17:44:09
(4 months ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
Steve
2024-05-03 07:25:33
(4 months ago)
Excessive crawling - not obeying robots.txt
Bad Web Bot
Jim Keir
2024-05-03 04:51:04
(4 months ago)
2024-05-03 04:51:03 47.128.110.95 Bad bot, blocking Mozilla/5.0
Bad Web Bot
toolsource.com
2024-05-03 02:24:59
(4 months ago)
47.128.110.95 - - [02/May/2024:22:24:58 -0400] "GET /images/prod_medium/136940.jpg HTTP/2.0" 200 492 ... show more 47.128.110.95 - - [02/May/2024:22:24:58 -0400] "GET /images/prod_medium/136940.jpg HTTP/2.0" 200 49216 "https://games.udlvirtual.edu.pe/view/3-1-4-8-point-socket.html" "Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36"
... show less
Bad Web Bot
Xuan Can
2024-05-02 20:05:51
(4 months ago)
(mod_security) mod_security (id:77350374) triggered by 47.128.110.95 (SG/Singapore/ec2-47-128-110-95 ... show more (mod_security) mod_security (id:77350374) triggered by 47.128.110.95 (SG/Singapore/ec2-47-128-110-95.ap-southeast-1.compute.amazonaws.com): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 03 03:05:42.744252 2024] [security2:error] [pid 31706:tid 47597878888192] [client 47.128.110.95:0] [client 47.128.110.95] ModSecurity: Access denied with code 403 (phase 2). Match of "contains bytedancewebview" against "REQUEST_HEADERS:user-agent" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/010_i360_otherapps.conf"] [line "604"] [id "77350374"] [msg "IM360 WAF: Scan attempt by malicious crawler||UA:Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] )||T:APACHE||"] [severity "CRITICAL"] [tag "service_im360"] [hostname "www.supermicro.vn"] [uri "/"] [unique_id "ZjPyFnRdD4oHY14bkxc11gAAAEM"], referer: https://www.supermicro.vn/ show less
Brute-Force
SSH
Anonymous
2024-04-30 06:34:43
(4 months ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
bigorre.org
2024-04-29 17:21:44
(4 months ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
Anonymous
2024-04-28 06:28:11
(4 months ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-04-27 01:35:27
(4 months ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
toolsource.com
2024-04-26 13:09:57
(4 months ago)
47.128.110.95 - - [26/Apr/2024:09:09:56 -0400] "GET /wheelamatic-m-29081.html?filter_id=30161&page=3 ... show more 47.128.110.95 - - [26/Apr/2024:09:09:56 -0400] "GET /wheelamatic-m-29081.html?filter_id=30161&page=3&sort=20a HTTP/2.0" 200 71593 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] )"
... show less
Bad Web Bot
MAGIC
2024-04-24 08:03:42
(4 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
MAGIC
2024-04-17 00:04:41
(4 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
toolsource.com
2024-04-14 07:36:00
(4 months ago)
47.128.110.95 - - [14/Apr/2024:03:35:55 -0400] "GET /images/prod_images/SHA288291_1200Wx1200H.jpg HT ... show more 47.128.110.95 - - [14/Apr/2024:03:35:55 -0400] "GET /images/prod_images/SHA288291_1200Wx1200H.jpg HTTP/2.0" 200 49285 "https://pregnancylinenl.blogspot.com/2021/06/sharpe-platinum-spray-gun.html" "Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36"
... show less
Bad Web Bot
Anonymous
2024-04-12 10:07:05
(4 months ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH