TPI-Abuse
2024-09-08 06:52:30
(15 hours ago)
(mod_security) mod_security (id:210730) triggered by 47.128.50.152 (ec2-47-128-50-152.ap-southeast-1 ... show more (mod_security) mod_security (id:210730) triggered by 47.128.50.152 (ec2-47-128-50-152.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 08 02:52:26.235951 2024] [security2:error] [pid 21817:tid 21817] [client 47.128.50.152:16184] [client 47.128.50.152] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||med-engineering.com|F|2"] [data ".vogf.med-engineering.com.bcv.vb"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "med-engineering.com"] [uri "/dwi.vogf.med-engineering.com.bcv.vb"] [unique_id "Zt1JqteE5eyJ-X-ngs65zQAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
toolsource.com
2024-09-03 13:52:40
(5 days ago)
47.128.50.152 - - [03/Sep/2024:09:52:39 -0400] "GET /images/prod_images/GRE4060M_1200Wx1200H.jpg HTT ... show more 47.128.50.152 - - [03/Sep/2024:09:52:39 -0400] "GET /images/prod_images/GRE4060M_1200Wx1200H.jpg HTTP/1.1" 200 52185 "https://auswandernineinfreiesleben.de/va/Q2324244.html" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] )"
... show less
Bad Web Bot
Melle
2024-08-29 20:57:26
(1 week ago)
Unauthorized connection attempt detected from IP address 47.128.50.152
Bad Web Bot
Jim Keir
2024-08-28 14:23:15
(1 week ago)
2024-08-28 14:23:14 47.128.50.152 Bad bot, blocking Mozilla/5.0
Bad Web Bot
TPI-Abuse
2024-08-22 09:36:38
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 47.128.50.152 (ec2-47-128-50-152.ap-southeast-1 ... show more (mod_security) mod_security (id:210730) triggered by 47.128.50.152 (ec2-47-128-50-152.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 22 05:36:30.795131 2024] [security2:error] [pid 5108:tid 5108] [client 47.128.50.152:17112] [client 47.128.50.152] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.greenroomonline.org|F|2"] [data ".wagonwheeltheatre.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.greenroomonline.org"] [uri "/theaters/www.wagonwheeltheatre.com"] [unique_id "ZscGnrPgJ2j4m0F0mTKQigAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-12 15:51:31
(3 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
ghostwarriors
2024-08-11 01:50:19
(4 weeks ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
ksol-hostmaster
2024-08-11 01:37:33
(4 weeks ago)
2024/08/11 03:37:32 [error] 67702#101765: *1408584 limiting requests, excess: 0.253 by zone "crawler ... show more 2024/08/11 03:37:32 [error] 67702#101765: *1408584 limiting requests, excess: 0.253 by zone "crawler", client: 47.128.50.152, server: crxforum.ksol.io, request: "GET /showTopic.php?first=125750&offset=50&seed=66b01b4e0baef&topicId=5 HTTP/2.0", host: "crxforum.ksol.io"
... show less
Bad Web Bot
ghostwarriors
2024-08-06 00:20:23
(1 month ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
ksol-hostmaster
2024-08-06 00:00:15
(1 month ago)
2024/08/06 02:00:13 [error] 87340#787891: *7894158 limiting requests, excess: 0.252 by zone "crawler ... show more 2024/08/06 02:00:13 [error] 87340#787891: *7894158 limiting requests, excess: 0.252 by zone "crawler", client: 47.128.50.152, server: crxforum.ksol.io, request: "GET /showTopic.php?first=133950&offset=50&seed=66afc9116218b&topicId=56 HTTP/2.0", host: "crxforum.ksol.io"
... show less
Bad Web Bot
Anonymous
2024-08-05 05:50:12
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
bigorre.org
2024-07-29 05:14:59
(1 month ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
Steve
2024-07-28 11:01:31
(1 month ago)
Excessive crawling - not obeying robots.txt
Bad Web Bot
Jim Keir
2024-07-27 11:28:55
(1 month ago)
2024-07-27 11:28:55 47.128.50.152 Bad bot, blocking Mozilla/5.0
Bad Web Bot
toolsource.com
2024-07-24 20:24:04
(1 month ago)
47.128.50.152 - - [24/Jul/2024:16:24:03 -0400] "GET /product_info.html?cPath=194_238_787&products_id ... show more 47.128.50.152 - - [24/Jul/2024:16:24:03 -0400] "GET /product_info.html?cPath=194_238_787&products_id=143663 HTTP/2.0" 301 117 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] )"
... show less
Bad Web Bot