MAGIC
2024-12-11 20:11:44
(1 day ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-12-03 23:52:52
(1 week ago)
Excessive crawling/scraping
Hacking
Brute-Force
selahattinalan
2024-11-29 18:43:00
(1 week ago)
47.128.50.240 - - [29/Nov/2024:21:42:58 +0300] "GET /index.php?limit=30&product_id=1059&route=produc ... show more 47.128.50.240 - - [29/Nov/2024:21:42:58 +0300] "GET /index.php?limit=30&product_id=1059&route=product%2Fproduct&tag=97.7300.000.00+++-++Trailer+ HTTP/2.0" 200 5332 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36" show less
Brute-Force
TPI-Abuse
2024-11-27 12:07:25
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 47.128.50.240 (ec2-47-128-50-240.ap-southeast-1 ... show more (mod_security) mod_security (id:210730) triggered by 47.128.50.240 (ec2-47-128-50-240.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 27 07:07:18.286036 2024] [security2:error] [pid 6099:tid 6105] [client 47.128.50.240:47804] [client 47.128.50.240] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.digital4z.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.digital4z.com"] [uri "/wp-content/plugins/jetpack/modules/theme-tools/compat/WS_FTP.LOG"] [unique_id "Z0cLdl_RYV0jl2y3nmthYQAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-11-26 22:15:09
(2 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
threatx
2024-11-26 08:22:06
(2 weeks ago)
Common blacklisted IPs across tenants
DDoS Attack
Bad Web Bot
Web App Attack
MAGIC
2024-11-20 12:00:37
(3 weeks ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Charles
2024-11-16 08:38:46
(3 weeks ago)
47.128.50.240 - - [16/Nov/2024:16:38:45 +0800] "GET /robots.txt HTTP/1.1" 200 472 "-" "Mozilla/5.0 ( ... show more 47.128.50.240 - - [16/Nov/2024:16:38:45 +0800] "GET /robots.txt HTTP/1.1" 200 472 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] )"
... show less
Web Spam
Email Spam
Brute-Force
Bad Web Bot
Web App Attack
SSH
Anonymous
2024-11-13 00:01:51
(1 month ago)
Action: Block, Reason: DDOS attack detected
DDoS Attack
selahattinalan
2024-11-10 22:23:37
(1 month ago)
47.128.50.240 - - [11/Nov/2024:01:23:35 +0300] "GET /index.php?limit=30&order=DESC&route=product%2Fs ... show more 47.128.50.240 - - [11/Nov/2024:01:23:35 +0300] "GET /index.php?limit=30&order=DESC&route=product%2Fsearch&sort=pd.name&tag=42027 HTTP/2.0" 200 5807 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36" show less
Brute-Force
MAGIC
2024-11-06 05:09:17
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-11-06 03:26:47
(1 month ago)
Excessive crawling/scraping
Hacking
Brute-Force
Anonymous
2024-11-04 12:08:57
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-11-03 15:17:23
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 47.128.50.240 (ec2-47-128-50-240.ap-southeast-1 ... show more (mod_security) mod_security (id:210730) triggered by 47.128.50.240 (ec2-47-128-50-240.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 10:17:16.460687 2024] [security2:error] [pid 17991:tid 17991] [client 47.128.50.240:19182] [client 47.128.50.240] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.kingstoneproperties.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kingstoneproperties.com"] [uri "/[email protected] "] [unique_id "ZyeT_EWJ2ucbKW6555CvSgAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-03 06:17:15
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH