๐ซ๐ท
mail.avx.gr
2026-07-17 13:18:24
(10 hours ago)
Plesk Fail2Ban jail: plesk-apache-badbot. Evidence: 47.128.33.175 - - [16/Jul/2026:18:45:58 +0300] " ...
show more
Plesk Fail2Ban jail: plesk-apache-badbot. Evidence: 47.128.33.175 - - [16/Jul/2026:18:45:58 +0300] "GET /%CE%BA%CE%B1%CF%84%CE%B7%CE%B3%CE%BF%CF%81%CE%AF%CE%B5%CF%82-%CF%80%CF%81%CE%BF%CF%8A%CF%8C%CE%BD%CF%84%CF%89%CE%BD/%CE%BC%CF%80%CE%B1%CF%87%CE%B1%CF%81%CE%B9%CE%BA%CE%AC-%CE%B1%CE%BA%CE%AC%CF%84%CE%B9%CE%B1 HTTP/1.1" 404 80153 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] )"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 19:22:48
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 15:22:43.170643 2026] [security2:error] [pid 26353:tid 26353] [client 47.128.33.175:49950] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bahamascruisersguide.com|F|2"] [data ".greatmysterious.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bahamascruisersguide.com"] [uri "/Blogs-Websites/www.greatmysterious.com"] [unique_id "ak6jg76M1tXp3TMmm1TzkwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 08:12:56
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 04:12:51.122605 2026] [security2:error] [pid 20966:tid 20966] [client 47.128.33.175:42736] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||pages4you.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pages4you.com"] [uri "/default.old"] [unique_id "akjAg_hpbqJ8Gd7sIXr6ZQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 20:32:00
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 16:31:53.252878 2026] [security2:error] [pid 7342:tid 7342] [client 47.128.33.175:19730] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||greenroomonline.org|F|2"] [data ".wagonwheeltheatre.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "greenroomonline.org"] [uri "/theaters/www.wagonwheeltheatre.com"] [unique_id "aj7hudc-uKUiZ_SS-6b0MgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-10 02:50:35
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 22:50:27.944452 2026] [security2:error] [pid 27578:tid 27578] [client 47.128.33.175:18048] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pages4you.com|F|2"] [data ".ini.ea3.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pages4you.com"] [uri "/php.ini.ea3.bak"] [unique_id "aijQ8y8bjfash5kZesxohAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
MAGIC
2026-06-04 00:34:28
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-27 20:27:32
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 16:27:26.939038 2026] [security2:error] [pid 28143:tid 28143] [client 47.128.33.175:33182] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||greenroomonline.org|F|2"] [data ".wagonwheeltheatre.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "greenroomonline.org"] [uri "/theaters/www.wagonwheeltheatre.com"] [unique_id "ahdTrrMJhvHb1bnY3yihAQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-05-21 08:16:51
(1 month ago)
BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000-122)
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-09 19:40:29
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 15:40:26.164848 2026] [security2:error] [pid 18564:tid 18564] [client 47.128.33.175:43260] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.lertap5.com|F|2"] [data ".spss.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.lertap5.com"] [uri "/HTMLHelp/Lrtp59HTML/www.spss.com"] [unique_id "af-Nqt2ixEjgSzRJcJ9LEwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-25 04:50:10
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 00:50:02.730936 2026] [security2:error] [pid 24023:tid 24023] [client 47.128.33.175:35938] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pages4you.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pages4you.com"] [uri "/photos/Thumbs.db"] [unique_id "aexH-ul6kxEhwQUCa_gergAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-03-30 17:29:48
(3 months ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-03-14 16:19:48
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.175 (ec2-47-128-33-175.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 12:19:44.146162 2026] [security2:error] [pid 7416:tid 7416] [client 47.128.33.175:40420] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pages4you.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pages4you.com"] [uri "/default.old"] [unique_id "abWKoIsSG3bvRcpJ5k7iswAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Mehmet_The_Script_Kiddie
2026-03-10 18:55:33
(4 months ago)
CloudFlare WAF REPORT: Disobey robots.txt. Suspicious web crawler.
Bad Web Bot
Web App Attack
๐ช๐ธ
librebit
2026-03-10 02:51:55
(4 months ago)
Brute force
Brute-Force
๐ซ๐ท
bigorre.org
2026-03-08 10:13:40
(4 months ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot