Anonymous
2025-01-15 10:04:23
(6 hours ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2025-01-13 13:43:29
(2 days ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Jim Keir
2025-01-06 14:45:41
(1 week ago)
2025-01-06 14:45:39 47.128.118.213 Bad bot, blocking Mozilla/5.0
Bad Web Bot
Anonymous
2025-01-04 23:33:41
(1 week ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-12-29 10:22:51
(2 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
MAGIC
2024-12-18 10:06:09
(4 weeks ago)
VM5 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-12-15 08:23:28
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 47.128.118.213 (ec2-47-128-118-213.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 15 03:23:20.087486 2024] [security2:error] [pid 3114553:tid 3114553] [client 47.128.118.213:15876] [client 47.128.118.213] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.med-engineering.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.med-engineering.com"] [uri "/2captcha.com"] [unique_id "Z16R-Id65lSFYy4wTStg2AAAAAc"]
Brute-Force
Bad Web Bot
Web App Attack
hermawan
2024-12-04 21:32:28
(1 month ago)
[Thu Dec 05 01:32:52.910032 2024] [security2:error] [pid 224996:tid 130074365859520] [client 47.128.118.213:50384] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.8.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "61"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index.php/profil/arsip-artikel?catid=475&id=967%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-26-april-2-mei-2016 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/arsip-artikel"] [unique_id "Z1CgVHZSA53TW0IeaNZORwACYA4"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[225011] [oY50Ar4DUOo] [Z1CgVHZSA53TW0I
...
Hacking
Web App Attack
MAGIC
2024-12-04 05:06:28
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot
selahattinalan
2024-12-02 20:34:00
(1 month ago)
47.128.118.213 - - [02/Dec/2024:23:33:58 +0300] "GET /index.php?limit=25&order=ASC&product_id=1405&route=product%2Fproduct&sort=p.model&tag=KRM+No.+434+E01+3157 HTTP/2.0" 200 5322 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36"
Brute-Force
Progetto1
2024-11-25 11:00:04
(1 month ago)
Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
MAGIC
2024-11-24 03:09:12
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot
selahattinalan
2024-11-23 08:49:16
(1 month ago)
47.128.118.213 - - [23/Nov/2024:11:49:14 +0300] "GET /index.php?order=DESC&route=product%2Fsearch&sort=p.price&tag=1023 HTTP/2.0" 200 5747 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36"
Brute-Force
fortypoundhead
2024-11-21 15:32:25
(1 month ago)
PHP vulnerability scan
Web App Attack
MAGIC
2024-11-13 07:06:53
(2 months ago)
VM1 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot