bigorre.org
2024-09-19 03:22:09
(1 day ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
Steve
2024-09-18 01:23:57
(2 days ago)
Excessive crawling - not obeying robots.txt
Bad Web Bot
hermawan
2024-09-17 03:15:05
(3 days ago)
[Tue Sep 17 06:23:43.866854 2024] [security2:error] [pid 73263:tid 138910309025472] [client 47.128.1 ... show more [Tue Sep 17 06:23:43.866854 2024] [security2:error] [pid 73263:tid 138910309025472] [client 47.128.116.111:48828] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.5.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "39"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index.php/profil/arsip-artikel?id=619&start=40 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "Zui9_1hqMWgIVQRrZ6v--AAASQU"] [staklim-malang.info] [staklim-malang.info] top=[73269] [3Fsm3cQOALg] [Zui9_1hqMWgIVQRrZ6v--AAASQU] keep_alive=[1] [2024-09-17 06:23:43.866860] [R:Zui9_1hqMWgIVQRrZ6v--AAASQU] UA:'Mozilla/5.0 (Linux;
... show less
Hacking
Web App Attack
Anonymous
2024-09-16 18:36:46
(3 days ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-09-16 13:54:26
(3 days ago)
Excessive crawling/scraping
Hacking
Brute-Force
bigorre.org
2024-09-15 15:23:14
(4 days ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
Hazzard
2024-09-14 21:02:15
(5 days ago)
47.128.116.111 (SG/Singapore/-/Singapore/ec2-47-128-116-111.ap-southeast-1.compute.amazonaws.com/[re ... show more 47.128.116.111 (SG/Singapore/-/Singapore/ec2-47-128-116-111.ap-southeast-1.compute.amazonaws.com/[redacted]), more than 60 Apache 403 hits show less
Hacking
bigorre.org
2024-09-09 16:45:46
(1 week ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
TPI-Abuse
2024-09-05 15:28:23
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 47.128.116.111 (ec2-47-128-116-111.ap-southeast ... show more (mod_security) mod_security (id:210730) triggered by 47.128.116.111 (ec2-47-128-116-111.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 05 11:28:19.736009 2024] [security2:error] [pid 19510:tid 19510] [client 47.128.116.111:19508] [client 47.128.116.111] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||intermixx.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "intermixx.com"] [uri "/[email protected] "] [unique_id "ZtnOEzfTxLX_HFzZgliSXAAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
Melle
2024-09-05 13:29:50
(2 weeks ago)
Unauthorized connection attempt detected from IP address 47.128.116.111
Bad Web Bot
Anonymous
2024-09-03 07:44:35
(2 weeks ago)
Excessive crawling/scraping
Hacking
Brute-Force
unifr
2024-09-02 05:27:13
(2 weeks ago)
Unauthorized IMAP connection attempt
Brute-Force
toolsource.com
2024-08-28 04:05:25
(3 weeks ago)
47.128.116.111 - - [28/Aug/2024:00:05:24 -0400] "GET /channellock-m-25162.html?filter_id=28099&page= ... show more 47.128.116.111 - - [28/Aug/2024:00:05:24 -0400] "GET /channellock-m-25162.html?filter_id=28099&page=4&sort=20a HTTP/1.1" 200 76911 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] )"
... show less
Bad Web Bot
hermawan
2024-08-27 01:17:36
(3 weeks ago)
[Tue Aug 27 08:16:31.368807 2024] [security2:error] [pid 954052:tid 138045120579136] [client 47.128. ... show more [Tue Aug 27 08:16:31.368807 2024] [security2:error] [pid 954052:tid 138045120579136] [client 47.128.116.111:10900] [client 47.128.116.111] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.5.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "39"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index.php/analisis-kondisi-dinamika-atmosfer-laut-dasarian/3958-analisis-kondisi-dinamika-atmosfer-laut-dasarian-tahun-2019/1057-analisis-dan-prediksi-dasarian-dinamika-atmosfer-laut-dan-prediksi-curah-hujan-update-dasarian-iii-tanggal-21-31-agustus-2019 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/analisis-kondisi-dinamika-
... show less
Hacking
Web App Attack
rtbh.com.tr
2024-08-18 20:55:31
(1 month ago)
list.rtbh.com.tr report: tcp/0
Brute-Force