Anonymous
2024-10-12 14:37:03
(1 day ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-09-29 12:16:34
(2 weeks ago)
Malicious activity detected
Hacking
Web App Attack
TPI-Abuse
2024-09-27 23:36:52
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 47.128.35.25 (ec2-47-128-35-25.ap-southeast-1.c ... show more (mod_security) mod_security (id:210730) triggered by 47.128.35.25 (ec2-47-128-35-25.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 27 19:36:49.841295 2024] [security2:error] [pid 8130:tid 8130] [client 47.128.35.25:48150] [client 47.128.35.25] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||chrisbilder.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "chrisbilder.com"] [uri "/ts/data_sets/exchrate.dat"] [unique_id "ZvdBkdleQe_jZk2vSFortAAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-09-21 06:47:28
(3 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
etu brutus
2024-09-19 14:47:21
(3 weeks ago)
47.128.35.25 Blocked by [Attack Vector List]
...
Hacking
Brute-Force
Exploited Host
ghostwarriors
2024-09-17 14:50:21
(3 weeks ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
ksol-hostmaster
2024-09-17 14:40:02
(3 weeks ago)
2024/09/17 16:40:01 [error] 68755#459235: *4670372 limiting requests, excess: 0.133 by zone "crawler ... show more 2024/09/17 16:40:01 [error] 68755#459235: *4670372 limiting requests, excess: 0.133 by zone "crawler", client: 47.128.35.25, server: crxforum.ksol.io, request: "GET /showTopic.php?first=1300&offset=50&seed=66e558608e422&topicId=5 HTTP/2.0", host: "crxforum.ksol.io"
... show less
Bad Web Bot
Anonymous
2024-09-17 11:43:47
(3 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-09-15 13:51:55
(4 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-09-10 04:10:29
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
clapper
2024-09-09 22:40:10
(1 month ago)
(mod_security) mod_security (id:980001) triggered by 47.128.35.25 (SG/Singapore/ec2-47-128-35-25.ap- ... show more (mod_security) mod_security (id:980001) triggered by 47.128.35.25 (SG/Singapore/ec2-47-128-35-25.ap-southeast-1.compute.amazonaws.com): 5 in the last 3600 secs; ID: Dan show less
Brute-Force
Bad Web Bot
Anonymous
2024-09-09 03:18:51
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
bigorre.org
2024-08-30 20:08:42
(1 month ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
hermawan
2024-08-21 21:48:46
(1 month ago)
[Thu Aug 22 00:27:04.700256 2024] [security2:error] [pid 177785:tid 130449999398464] [client 47.128. ... show more [Thu Aug 22 00:27:04.700256 2024] [security2:error] [pid 177785:tid 130449999398464] [client 47.128.35.25:19942] [client 47.128.35.25] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.5.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "39"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index.php/1126-klimatologi/agroklimatologi/kalender-tanam-katam-terpadu/kalender-tanam-katam-terpadu-provinsi-jawa-timur/kalender-tanam-katam-terpadu-kabupaten-situbondo/kalender-tanam-katam-terpadu-kecamatan-sumbermalang-kabupaten-situbondo HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/1126-klimatologi/agroklimatologi/kalender-t
... show less
Hacking
Web App Attack
toolsource.com
2024-08-21 02:59:52
(1 month ago)
47.128.35.25 - - [20/Aug/2024:22:59:50 -0400] "GET /bars-products-m-30851.html?filter_id=32956&sort= ... show more 47.128.35.25 - - [20/Aug/2024:22:59:50 -0400] "GET /bars-products-m-30851.html?filter_id=32956&sort=20a HTTP/1.1" 301 2907 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36"
... show less
Bad Web Bot