๐ซ๐ท
mail.avx.gr
2026-07-17 13:18:23
(4 hours ago)
Plesk Fail2Ban jail: plesk-apache-badbot. Evidence: 47.128.33.140 - - [15/Jul/2026:21:42:44 +0300] " ...
show more
Plesk Fail2Ban jail: plesk-apache-badbot. Evidence: 47.128.33.140 - - [15/Jul/2026:21:42:44 +0300] "GET /%CE%BA%CE%B1%CF%84%CE%B7%CE%B3%CE%BF%CF%81%CE%AF%CE%B5%CF%82-%CF%80%CF%81%CE%BF%CF%8A%CF%8C%CE%BD%CF%84%CF%89%CE%BD/%CE%BB%CE%AC%CE%B4%CE%B9-%E2%80%93-%CE%BE%CF%8D%CE%B4%CE%B9-%CE%BB%CE%B5%CE%BC%CF%8C%CE%BD%CE%B9 HTTP/1.1" 404 80153 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] )"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 20:04:27
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.140 (ec2-47-128-33-140.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.140 (ec2-47-128-33-140.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 16:04:22.474088 2026] [security2:error] [pid 21223:tid 21223] [client 47.128.33.140:43600] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||greenroomonline.org|F|2"] [data ".wagonwheeltheatre.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "greenroomonline.org"] [uri "/theaters/www.wagonwheeltheatre.com"] [unique_id "akq4xkonX3aaIa_KnZGkpwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 20:19:19
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.140 (ec2-47-128-33-140.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.140 (ec2-47-128-33-140.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 16:19:15.875549 2026] [security2:error] [pid 21345:tid 21345] [client 47.128.33.140:41432] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||greenroomonline.org|F|2"] [data ".wagonwheeltheatre.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "greenroomonline.org"] [uri "/theaters/www.wagonwheeltheatre.com"] [unique_id "aixpw0Synift0aEX48IYSQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-25 16:30:14
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.140 (ec2-47-128-33-140.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.140 (ec2-47-128-33-140.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 12:30:06.769910 2026] [security2:error] [pid 11920:tid 11920] [client 47.128.33.140:58266] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pages4you.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pages4you.com"] [uri "/Graphics2/Thumbs.db"] [unique_id "ahR5DmkEar6vvS4Ntn5JYQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-21 18:59:39
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.140 (ec2-47-128-33-140.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.140 (ec2-47-128-33-140.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 14:59:33.572497 2026] [security2:error] [pid 14721:tid 14721] [client 47.128.33.140:55834] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.lertap5.com|F|2"] [data ".spss.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.lertap5.com"] [uri "/HTMLHelp/Lrtp59HTML/www.spss.com"] [unique_id "ag9WFUq7GC8UTIswPejRlwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-05-12 22:58:47
(2 months ago)
(modsecurity) srv104 ModSecurity 47.128.33.140 (ec2-47-128-33-140.ap-southeast-1.compute.amazonaws.c ...
show more
(modsecurity) srv104 ModSecurity 47.128.33.140 (ec2-47-128-33-140.ap-southeast-1.compute.amazonaws.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-06 06:33:02
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.140 (ec2-47-128-33-140.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.140 (ec2-47-128-33-140.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 02:32:58.431039 2026] [security2:error] [pid 24800:tid 24800] [client 47.128.33.140:63090] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pages4you.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pages4you.com"] [uri "/Graphics2/WS_FTP.LOG"] [unique_id "afrgmseDiUCINX9ZxfXVwAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-28 21:32:31
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.140 (ec2-47-128-33-140.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.140 (ec2-47-128-33-140.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 28 17:32:25.918027 2026] [security2:error] [pid 1286:tid 1286] [client 47.128.33.140:26378] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||pages4you.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pages4you.com"] [uri "/photos/Thumbs.db"] [unique_id "achI6VjBp6KyXUhXcnnU2AAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
bigorre.org
2026-03-04 15:39:12
(4 months ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
Anonymous
2026-03-01 23:50:35
(4 months ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ซ๐ท
bigorre.org
2026-02-27 10:12:40
(4 months ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
๐ฆ๐บ
MAGIC
2026-02-27 02:10:33
(4 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ซ๐ท
bigorre.org
2026-02-07 16:12:44
(5 months ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
๐ฉ๐ช
dbmwebdesign
2026-01-20 07:25:20
(5 months ago)
Bot detected and blocked by Fail2Ban in bytespider jail
Bad Web Bot
๐ซ๐ท
bigorre.org
2026-01-04 15:03:48
(6 months ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot