hermawan
2025-03-14 07:40:15
(2 days ago)
[Fri Mar 14 14:39:44.266481 2025] [security2:error] [pid 89433:tid 139787482486464] [client 47.128.1 ... show more [Fri Mar 14 14:39:44.266481 2025] [security2:error] [pid 89433:tid 139787482486464] [client 47.128.114.127:29160] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index.php/profil/arsip-artikel?catid=471&id=600%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-7-juli-13-juli-2015&start=30 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "Z9PdQE9o9tbKNM0a4yuwCAACfR4"] [staklim-malang.info] [staklim-malang.info] top=[89464] [V/PDisAN/nM] [Z9PdQE9o9tbKNM0a4yuwCshow less
Hacking
Web App Attack
2025-03-05 05:32:57
(1 week ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Séfora Srl
2025-03-04 00:00:19
(1 week ago)
Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache ... show more Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache-badbot jail show less
Bad Web Bot
Mendip_Defender
2025-03-03 03:21:14
(1 week ago)
47.128.114.127 - - [03/Mar/2025:03:21:10 +0000] "GET /?s=60a8ae8202d446ed10bacbe23b4f92db HTTP/1.0" ... show more 47.128.114.127 - - [03/Mar/2025:03:21:10 +0000] "GET /?s=60a8ae8202d446ed10bacbe23b4f92db HTTP/1.0" 200 10100 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] )"show less
Bad Web Bot
hermawan
2025-03-02 10:20:00
(2 weeks ago)
[Sun Mar 02 17:19:59.752755 2025] [security2:error] [pid 527827:tid 139659273246400] [client 47.128. ... show more [Sun Mar 02 17:19:59.752755 2025] [security2:error] [pid 527827:tid 139659273246400] [client 47.128.114.127:42266] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index.php/profil/arsip-artikel?catid=481&id=758%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-6-oktober-12-oktober-2015&start=30 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "Z8Qwz94J6I24U2ntirb8zQAAGQw"] [staklim-malang.info] [staklim-malang.info] top=[527840] [liLLYbGCTeg] [Z8Qwz94J6I24Ushow less
Hacking
Web App Attack
2025-03-02 02:43:56
(2 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
backslash
2025-03-01 12:35:07
(2 weeks ago)
block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638
Bad Web Bot
2025-02-26 13:37:00
(2 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
2025-02-24 15:04:32
(2 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
2025-02-23 10:32:58
(3 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
2025-02-07 13:10:04
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
2025-02-04 05:43:46
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
MAGIC
2025-01-27 20:02:57
(1 month ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
backslash
2025-01-26 09:40:20
(1 month ago)
block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638
Bad Web Bot
TPI-Abuse
2025-01-18 15:33:09
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 47.128.114.127 (ec2-47-128-114-127.ap-southeast ... show more (mod_security) mod_security (id:210730) triggered by 47.128.114.127 (ec2-47-128-114-127.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 18 10:33:03.132640 2025] [security2:error] [pid 23980:tid 24003] [client 47.128.114.127:58490] [client 47.128.114.127] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||digital4z.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "digital4z.com"] [uri "/Digital4z.com/Digital4z/wp-content/plugins/app-your-wordpress-uppsite/WS_FTP.LOG"] [unique_id "Z4vJr2k2jhSXvNI0xzWl3AAAANU"] show less
Brute-Force
Bad Web Bot
Web App Attack
Singapore