Anonymous
2024-09-06 08:27:05
(2 days ago)
Excessive crawling/scraping
Hacking
Brute-Force
MAGIC
2024-09-06 07:10:45
(2 days ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
toolsource.com
2024-09-02 10:20:28
(6 days ago)
47.128.28.168 - - [02/Sep/2024:06:20:28 -0400] "GET /images/prod_images/MMM5973_1200Wx1200H.jpg HTTP ... show more 47.128.28.168 - - [02/Sep/2024:06:20:28 -0400] "GET /images/prod_images/MMM5973_1200Wx1200H.jpg HTTP/1.1" 206 3456 "https://vivahavedhika.com/Washer-Tablets-25-Tablet-Tube-316101.html" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] )"
... show less
Bad Web Bot
Melle
2024-08-30 09:19:21
(1 week ago)
Unauthorized connection attempt detected from IP address 47.128.28.168
Bad Web Bot
rtbh.com.tr
2024-08-29 20:55:09
(1 week ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
bigorre.org
2024-08-29 12:29:40
(1 week ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
rtbh.com.tr
2024-08-28 20:55:11
(1 week ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
ghostwarriors
2024-08-27 14:20:45
(1 week ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
ksol-hostmaster
2024-08-27 13:51:40
(1 week ago)
2024/08/27 15:51:39 [error] 98235#532053: *2179678 limiting requests, excess: 0.038 by zone "crawler ... show more 2024/08/27 15:51:39 [error] 98235#532053: *2179678 limiting requests, excess: 0.038 by zone "crawler", client: 47.128.28.168, server: crxforum.ksol.io, request: "GET /showTopic.php?first=300&offset=50&seed=66c9b8ecb85a6&topicId=5 HTTP/2.0", host: "crxforum.ksol.io"
... show less
Bad Web Bot
Jim Keir
2024-08-22 02:31:36
(2 weeks ago)
2024-08-22 02:31:35 47.128.28.168 Bad bot, blocking Mozilla/5.0
Bad Web Bot
hermawan
2024-08-21 15:14:23
(2 weeks ago)
[Wed Aug 21 20:56:23.236961 2024] [security2:error] [pid 38826:tid 130450710332992] [client 47.128.2 ... show more [Wed Aug 21 20:56:23.236961 2024] [security2:error] [pid 38826:tid 130450710332992] [client 47.128.28.168:23912] [client 47.128.28.168] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.5.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "39"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index.php/profil/meteorologi/list-of-all-tags/Galeri%20Kegiatan%20BMKG%20Stasiun%20Klimatologi%20Malang%20Periode%203%20-%207%20September%202018 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-of-all-tags/Galeri%20Kegiatan%20BMKG%20Stasiun%20Klimatologi%20Malang%20Periode%203%20-%207%20September%202018"] [u
... show less
Hacking
Web App Attack
hermawan
2024-08-16 16:34:33
(3 weeks ago)
[Fri Aug 16 23:34:32.383086 2024] [security2:error] [pid 153162:tid 139826573608512] [client 47.128. ... show more [Fri Aug 16 23:34:32.383086 2024] [security2:error] [pid 153162:tid 139826573608512] [client 47.128.28.168:60398] [client 47.128.28.168] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.5.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "39"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index.php/analisis-iklim/analisis-dasarian/distribusi-curah-hujan-dasarian-provinsi-jawa-timur/642-analisis-dasarian-distribusi-curah-hujan-dasarian-ii-april-2019-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/analisis-iklim/analisis-dasarian/distribusi-curah-hujan-dasarian-provinsi-jawa-timur/642-analisis
... show less
Hacking
Web App Attack
TPI-Abuse
2024-08-15 14:34:00
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 47.128.28.168 (ec2-47-128-28-168.ap-southeast-1 ... show more (mod_security) mod_security (id:210492) triggered by 47.128.28.168 (ec2-47-128-28-168.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 15 10:33:55.221745 2024] [security2:error] [pid 8196:tid 8196] [client 47.128.28.168:26386] [client 47.128.28.168] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robertbanis.com"] [uri "/qmodcors/ccx/"] [unique_id "Zr4R0ze9paAFHKw0gHmYiQAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
ghostwarriors
2024-08-11 19:50:19
(4 weeks ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
ksol-hostmaster
2024-08-11 19:35:30
(4 weeks ago)
2024/08/11 21:35:29 [error] 59684#227196: *1708738 limiting requests, excess: 0.449 by zone "crawler ... show more 2024/08/11 21:35:29 [error] 59684#227196: *1708738 limiting requests, excess: 0.449 by zone "crawler", client: 47.128.28.168, server: crxforum.ksol.io, request: "GET /showTopic.php?first=125950&offset=50&seed=66b0ee3426db8&topicId=5 HTTP/2.0", host: "crxforum.ksol.io"
... show less
Bad Web Bot