๐บ๐ธ
TPI-Abuse
2026-07-14 19:42:34
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:27.870423 2026] [security2:error] [pid 10426:tid 10426] [client 47.128.33.201:41164] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pages4you.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pages4you.com"] [uri "/Graphics2/WS_FTP.LOG"] [unique_id "alaRI5i4iGd-nJ4WHd96dQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
โจ
2026-06-15 00:50:06
(1 month ago)
Domain : addor.co.uk
Rule : UserAgent
2026-06-15 00:48:04 ***hidden-privacy*** GET /css/addor.webflo ...
show more
Domain : addor.co.uk
Rule : UserAgent
2026-06-15 00:48:04 ***hidden-privacy*** GET /css/addor.webflow.css - 443 - 47.128.33.201 HTTP/2 Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) https://addor.co.uk/ addor.co.uk 200 0 0 5266 465 168 - -
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-05-28 19:29:18
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 15:29:12.462808 2026] [security2:error] [pid 18949:tid 18949] [client 47.128.33.201:16166] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.lertap5.com|F|2"] [data ".spss.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.lertap5.com"] [uri "/HTMLHelp/Lrtp59HTML/www.spss.com"] [unique_id "ahiXiDZp-cZh8WeFWyWfbgAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-05-17 06:31:24
(1 month ago)
(modsecurity) srv104 ModSecurity 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1.compute.amazonaws.c ...
show more
(modsecurity) srv104 ModSecurity 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1.compute.amazonaws.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-09 11:50:15
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 07:50:08.431893 2026] [security2:error] [pid 947:tid 947] [client 47.128.33.201:23456] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.greenroomonline.org|F|2"] [data ".wagonwheeltheatre.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.greenroomonline.org"] [uri "/theaters/www.wagonwheeltheatre.com"] [unique_id "af8fcLall71_zco4G-qqOwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-09 10:44:24
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 06:44:19.133761 2026] [security2:error] [pid 19150:tid 19150] [client 47.128.33.201:19356] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||pages4you.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pages4you.com"] [uri "/photos/Thumbs.db"] [unique_id "af8QA-wrAMwZsj8gYPNMaQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 19:44:35
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 15:44:29.210100 2026] [security2:error] [pid 2261301:tid 2261301] [client 47.128.33.201:50612] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pages4you.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pages4you.com"] [uri "/default.old"] [unique_id "adVenTNK47JZYgen1iJgCgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 19:21:36
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 15:21:29.868572 2026] [security2:error] [pid 32633:tid 32633] [client 47.128.33.201:57114] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||lertap5.com|F|2"] [data ".spss.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lertap5.com"] [uri "/HTMLHelp/Lrtp59HTML/www.spss.com"] [unique_id "ac1wOZ7LEL5OmrPA_W-sqAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-25 13:54:10
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 09:53:56.321974 2026] [security2:error] [pid 29984:tid 29984] [client 47.128.33.201:33258] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.greenroomonline.org|F|2"] [data ".wagonwheeltheatre.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.greenroomonline.org"] [uri "/theaters/www.wagonwheeltheatre.com"] [unique_id "acPo9CPQF26AsitNSjUq2gAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-06 13:40:40
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 06 08:40:34.011759 2026] [security2:error] [pid 23346:tid 23346] [client 47.128.33.201:25072] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||comics.flyingdodostudio.com|F|2"] [data ".tumblr.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "comics.flyingdodostudio.com"] [uri "/herbert/inkyphalangies.tumblr.com"] [unique_id "aarZUsMvuwonw3PaPaAVaAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
dbmwebdesign
2026-03-02 11:13:27
(4 months ago)
Bot detected and blocked by Fail2Ban in bytespider jail
Bad Web Bot
๐จ๐ญ
backslash
2026-02-28 19:18:12
(4 months ago)
block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638
Bad Web Bot
๐ช๐ธ
librebit
2026-02-21 04:55:09
(4 months ago)
Brute force
Brute-Force
๐ฎ๐ณ
dineshskt4all
2026-01-19 21:04:31
(5 months ago)
47.128.33.201 - - [19/Jan/2026:21:04:29 +0000] "GET /index.php?limit=25&order=ASC&path=80&product_id ...
show more
47.128.33.201 - - [19/Jan/2026:21:04:29 +0000] "GET /index.php?limit=25&order=ASC&path=80&product_id=164&route=product%2Fproduct&sort=rating HTTP/1.0" 403 3258 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36"
...
show less
IoT Targeted
๐ฌ๐ง
NotCool
2026-01-19 03:02:02
(5 months ago)
(CRAWLDELAY) Generic Bot Crawl-delay Violation 47.128.33.201 (SG/Singapore/ec2-47-128-33-201.ap-sout ...
show more
(CRAWLDELAY) Generic Bot Crawl-delay Violation 47.128.33.201 (SG/Singapore/ec2-47-128-33-201.ap-southeast-1.compute.amazonaws.com): 10 in the last 3600 secs
show less
Bad Web Bot