MAGIC
2025-03-23 20:01:42
(3 days ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
2025-03-21 03:11:10
(6 days ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
hermawan
2025-03-17 05:07:02
(1 week ago)
[Mon Mar 17 12:06:16.742914 2025] [security2:error] [pid 71156:tid 140233678235328] [client 47.128.1 ... show more [Mon Mar 17 12:06:16.742914 2025] [security2:error] [pid 71156:tid 140233678235328] [client 47.128.19.41:15834] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index.php/prakiraan-iklim/prakiraan-dasarian/prakiraan-dasarian-daerah-potensi-banjir/555557810-prakiraan-dasarian-daerah-potensi-banjir-di-provinsi-jawa-timur-untuk-bulan-januari-dasarian-iii-tanggal-21-31-tahun-2020-update-20-januari-2020 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-dasarian/prakiraan-dasarian-daerah-poteshow less
Hacking
Web App Attack
hermawan
2025-03-08 21:29:34
(2 weeks ago)
[Sun Mar 09 04:29:34.116658 2025] [security2:error] [pid 86908:tid 140075486602944] [client 47.128.1 ... show more [Sun Mar 09 04:29:34.116658 2025] [security2:error] [pid 86908:tid 140075486602944] [client 47.128.19.41:53632] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index.php/profil/arsip-artikel?catid=482&id=996%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-17-23-mei-2016&start=60 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/arsip-artikel"] [unique_id "Z8y2vlwmJbHgSjZQLoBRbgAA1xA"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[86925] [EXlrb9MoCVY] [Z8y2vlwmJbHgSshow less
Hacking
Web App Attack
Mangelot Hosting
2025-03-03 14:15:59
(3 weeks ago)
(BADBOT) ModSecurity BAD BOT Detected 47.128.19.41 (SG/Singapore/ec2-47-128-19-41.ap-southeast-1.com ... show more (BADBOT) ModSecurity BAD BOT Detected 47.128.19.41 (SG/Singapore/ec2-47-128-19-41.ap-southeast-1.compute.amazonaws.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less
Web App Attack
MAGIC
2025-02-27 16:02:17
(3 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
backslash
2025-02-25 02:35:09
(1 month ago)
block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638
Bad Web Bot
Séfora Srl
2025-02-23 01:00:18
(1 month ago)
Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache ... show more Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache-badbot jail show less
Bad Web Bot
Josh S.
2025-02-18 00:59:24
(1 month ago)
Triggered Cloudflare WAF (firewallCustom) from SG.
Action taken: BLOCK
ASN: 16509 (AMAZO ... show more Triggered Cloudflare WAF (firewallCustom) from SG.[email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36[email protected] show less
Bad Web Bot
TPI-Abuse
2025-02-16 07:54:53
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 47.128.19.41 (ec2-47-128-19-41.ap-southeast-1.c ... show more (mod_security) mod_security (id:210730) triggered by 47.128.19.41 (ec2-47-128-19-41.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 16 02:54:49.283852 2025] [security2:error] [pid 2275471:tid 2275471] [client 47.128.19.41:33776] [client 47.128.19.41] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||med-engineering.com|F|2"] [data ".eu.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "med-engineering.com"] [uri "/rightnow.eu.com"] [unique_id "Z7GZyVTBr1-aNjhw_j-NswAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Séfora Srl
2025-02-11 13:49:49
(1 month ago)
Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache ... show more Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache-badbot jail show less
Bad Web Bot
Steve
2025-02-09 01:58:18
(1 month ago)
Excessive crawling - not obeying robots.txt
Bad Web Bot
2025-02-08 07:25:29
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
2025-02-07 07:21:19
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
MAGIC
2025-01-25 07:02:22
(2 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Singapore