πΊπΈ
TPI-Abuse
2026-07-11 19:31:20
(18 hours ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 15:31:16.552523 2026] [security2:error] [pid 32323:tid 32323] [client 47.128.33.207:40604] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bahamascruisersguide.com|F|2"] [data ".blogspot.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bahamascruisersguide.com"] [uri "/Blogs-Websites/snowbirdscompassrose.blogspot.com"] [unique_id "alKaBE2N7s1b454Y6OOcjgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 23:15:27
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 19:15:24.237604 2026] [security2:error] [pid 21981:tid 21981] [client 47.128.33.207:21136] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pages4you.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pages4you.com"] [uri "/Graphics2/Thumbs.db"] [unique_id "akmUDOQHcSKeeFdHguuC6gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
filstal.org
2026-06-01 01:25:53
(1 month ago)
Automated bot: spoofed/impossible user-agent, web scraping or automated request patterns detected. U ...
show more
Automated bot: spoofed/impossible user-agent, web scraping or automated request patterns detected. UA: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] )
show less
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-27 14:04:33
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 10:04:28.335166 2026] [security2:error] [pid 6178:tid 6178] [client 47.128.33.207:30030] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pages4you.com|F|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pages4you.com"] [uri "/default.old"] [unique_id "ahb57HIGoevBMMkKU6gWwAAAACk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-22 21:06:39
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 17:06:31.512000 2026] [security2:error] [pid 926:tid 926] [client 47.128.33.207:57624] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||lertap5.com|F|2"] [data ".sas.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lertap5.com"] [uri "/HTMLHelp/HTML/www.sas.com"] [unique_id "ahDFV8ysC9v4edbu29Ej-QAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-05 18:09:28
(2 months ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2026-04-17 00:15:57
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 20:15:51.054387 2026] [security2:error] [pid 3710442:tid 3710442] [client 47.128.33.207:52328] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pages4you.com|F|2"] [data ".ini.ea3.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pages4you.com"] [uri "/php.ini.ea3.bak"] [unique_id "aeF7tzP4w52TmHWEuzzeagAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-10 21:44:13
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 10 17:44:07.951003 2026] [security2:error] [pid 3564704:tid 3564704] [client 47.128.33.207:39272] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.greenroomonline.org|F|2"] [data ".wagonwheeltheatre.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.greenroomonline.org"] [uri "/theaters/www.wagonwheeltheatre.com"] [unique_id "adlvJxTsUJNwl1xxj_vJNgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¦πΊ
MAGIC
2026-04-04 03:18:19
(3 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-03-21 01:09:58
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 21:09:50.526689 2026] [security2:error] [pid 3982:tid 3982] [client 47.128.33.207:10862] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pages4you.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pages4you.com"] [uri "/Graphics2/WS_FTP.LOG"] [unique_id "ab3v3nfWayFy0g3AYUJ46wAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-18 20:17:22
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.207 (ec2-47-128-33-207.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 18 16:17:13.624550 2026] [security2:error] [pid 15809:tid 15809] [client 47.128.33.207:15114] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||greenroomonline.org|F|2"] [data ".wagonwheeltheatre.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "greenroomonline.org"] [uri "/theaters/www.wagonwheeltheatre.com"] [unique_id "absISQClFKxD1HR4UhXPaAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
bigorre.org
2026-03-09 16:48:27
(4 months ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
π«π·
bigorre.org
2026-03-08 15:28:42
(4 months ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
π¨π
backslash
2026-02-28 06:12:05
(4 months ago)
block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638
Bad Web Bot
πͺπΈ
masterguru
2026-02-26 07:34:40
(4 months ago)
BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:user-agent. (1100000-123)
show less
Bad Web Bot