Anonymous
2024-10-24 15:43:32
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
MAGIC
2024-10-22 09:05:59
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
MAGIC
2024-10-20 01:05:58
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
MAGIC
2024-10-17 18:04:40
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-10-16 09:52:57
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
bigorre.org
2024-10-01 05:36:09
(2 months ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
Anonymous
2024-09-29 11:40:23
(2 months ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
MAGIC
2024-09-29 06:09:23
(2 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-09-25 04:59:18
(2 months ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
hermawan
2024-09-24 14:58:34
(2 months ago)
[Tue Sep 24 12:00:26.195382 2024] [security2:error] [pid 86440:tid 134237034383040] [client 47.128.2 ... show more [Tue Sep 24 12:00:26.195382 2024] [security2:error] [pid 86440:tid 134237034383040] [client 47.128.23.127:25642] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.5.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "39"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index.php/profil/arsip-artikel?catid=619&id=555555662%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-26-april-02-mei-2018&start=40 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "ZvJHatglpQY3WRMRTvs4zAAA1xg"] [staklim-malang.info] [staklim-malang.info] top=[86465] [YU0yYhasKvM] [ZvJHatglpQY3WRMRT
... show less
Hacking
Web App Attack
hermawan
2024-09-19 05:45:59
(2 months ago)
[Wed Sep 18 18:00:41.442586 2024] [security2:error] [pid 440550:tid 138905435244224] [client 47.128. ... show more [Wed Sep 18 18:00:41.442586 2024] [security2:error] [pid 440550:tid 138905435244224] [client 47.128.23.127:48252] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.5.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "39"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index.php/profil/arsip-artikel?catid=618&id=555555659%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-26-april-02-mei-2017&start=30 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/arsip-artikel"] [unique_id "Zuqy2e59stLryMTO6HTHGgABSwQ"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[440555] [BnWDt6Kh278] [
... show less
Hacking
Web App Attack
Jim Keir
2024-09-18 14:18:43
(2 months ago)
2024-09-18 14:18:42 47.128.23.127 Bad bot, blocking Mozilla/5.0
Bad Web Bot
Jim Keir
2024-09-12 19:59:25
(2 months ago)
2024-09-12 19:59:24 47.128.23.127 Bad bot, blocking Mozilla/5.0
Bad Web Bot
sefinek.net
2024-09-08 05:39:41
(3 months ago)
IP 47.128.23.127 [SG] triggered Cloudflare WAF (firewallCustom).
Action taken: CHALLENGE ... show more IP 47.128.23.127 [SG] triggered Cloudflare WAF (firewallCustom).
Action taken: CHALLENGE
ASN: 16509 (AMAZON-02)
Protocol: HTTP/2 (method GET)
Domain: sefinek.net
Endpoint: /blocklist-generator
Timestamp: 2024-09-07T19:32:49Z
Ray ID: 8bf92081ac1c81a4
Rule ID: cc5e7a6277d447eca9c1818934ba65c8
User agent: Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36
Report generated by Node-Cloudflare-WAF-AbuseIPDB (https://github.com/sefinek24/Node-Cloudflare-WAF-AbuseIPDB) show less
Bad Web Bot
rtbh.com.tr
2024-09-04 20:54:58
(3 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force