TPI-Abuse
2024-12-07 16:41:27
(8 hours ago)
(mod_security) mod_security (id:210730) triggered by 47.128.116.227 (ec2-47-128-116-227.ap-southeast ... show more (mod_security) mod_security (id:210730) triggered by 47.128.116.227 (ec2-47-128-116-227.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 07 11:41:22.354314 2024] [security2:error] [pid 22542:tid 22547] [client 47.128.116.227:41622] [client 47.128.116.227] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.digital4z.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.digital4z.com"] [uri "/Digital4z.com/Digital4z/wp-content/plugins/jetpack/modules/tiled-gallery/tiled-gallery/templates/partials/WS_FTP.LOG"] [unique_id "Z1R6sqcSzQeLRig1Wn-HWwAAAMI"] show less
Brute-Force
Bad Web Bot
Web App Attack
selahattinalan
2024-12-07 00:16:09
(1 day ago)
47.128.116.227 - - [07/Dec/2024:03:16:08 +0300] "GET /index.php?order=DESC&route=product%2Fsearch&so ... show more 47.128.116.227 - - [07/Dec/2024:03:16:08 +0300] "GET /index.php?order=DESC&route=product%2Fsearch&sort=p.price&tag=99.3423.310.51+%2F+99.3423.320.51+++-++D%2FP+++S-CAM HTTP/2.0" 200 5932 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36" show less
Brute-Force
Progetto1
2024-12-04 04:26:02
(3 days ago)
Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
MAGIC
2024-11-30 04:04:55
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
MAGIC
2024-11-23 18:01:20
(2 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
selahattinalan
2024-11-19 15:40:29
(2 weeks ago)
47.128.116.227 - - [19/Nov/2024:18:40:27 +0300] "GET /index.php?order=DESC&product_id=1478&route=pro ... show more 47.128.116.227 - - [19/Nov/2024:18:40:27 +0300] "GET /index.php?order=DESC&product_id=1478&route=product%2Fproduct&sort=p.price&tag=KRM+No.+526+E01+4083 HTTP/2.0" 200 5281 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36" show less
Brute-Force
Anonymous
2024-11-13 15:04:08
(3 weeks ago)
Excessive crawling/scraping
Hacking
Brute-Force
MAGIC
2024-11-13 14:07:12
(3 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
selahattinalan
2024-11-11 23:31:42
(3 weeks ago)
47.128.116.227 - - [12/Nov/2024:02:31:41 +0300] "GET /index.php?limit=25&order=ASC&route=product%2Fs ... show more 47.128.116.227 - - [12/Nov/2024:02:31:41 +0300] "GET /index.php?limit=25&order=ASC&route=product%2Fsearch&sort=pd.name&tag=KRM+No.+041+E01+0100 HTTP/2.0" 200 5846 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36" show less
Brute-Force
Anonymous
2024-11-06 06:42:36
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
hermawan
2024-10-31 18:12:17
(1 month ago)
[Thu Oct 31 15:41:30.277005 2024] [security2:error] [pid 273088:tid 128999254656704] [client 47.128. ... show more [Thu Oct 31 15:41:30.277005 2024] [security2:error] [pid 273088:tid 128999254656704] [client 47.128.116.227:17386] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.7.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "59"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index.php/analisis-bulanan/184-analisis-distribusi-hujan/analisis-distribusi-curah-hujan/analisis-distribusi-curah-hujan-malang-bulanan/analisis-distribusi-curah-hujan-malang-bulanan-tahun-2009/381-analisis-distribusi-curah-hujan-malang-bulan-desember-tahun-2009 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/analisis-bulanan/184-analisis-distribusi-h
... show less
Hacking
Web App Attack
Anonymous
2024-10-29 10:45:00
(1 month ago)
"Access from malicious IP address"
Brute-Force
rtbh.com.tr
2024-10-28 20:53:41
(1 month ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
rtbh.com.tr
2024-10-27 20:53:42
(1 month ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
MAGIC
2024-10-27 08:01:40
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot