MAGIC
2024-12-02 07:10:38
(1 day ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-11-29 17:18:39
(3 days ago)
(mod_security) mod_security (id:210730) triggered by 47.128.62.67 (ec2-47-128-62-67.ap-southeast-1.c ... show more (mod_security) mod_security (id:210730) triggered by 47.128.62.67 (ec2-47-128-62-67.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 29 12:18:33.562318 2024] [security2:error] [pid 2074501:tid 2074501] [client 47.128.62.67:59166] [client 47.128.62.67] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vitalitywebb.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Golden-Technologies/pics/Golden Technologies 2009 Marketing CD/Golden Logos and Graphics/Thumbs.db"] [unique_id "Z0n3aTB8SXJwIa52FnN2LQAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-11-23 03:01:17
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-11-17 06:09:02
(2 weeks ago)
Malicious activity detected
Hacking
Web App Attack
MAGIC
2024-11-16 04:10:15
(2 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
selahattinalan
2024-11-14 22:43:18
(2 weeks ago)
47.128.62.67 - - [15/Nov/2024:01:43:17 +0300] "GET /index.php?limit=25&order=ASC&route=product%2Fsea ... show more 47.128.62.67 - - [15/Nov/2024:01:43:17 +0300] "GET /index.php?limit=25&order=ASC&route=product%2Fsearch&sort=p.model&tag=S+003-02-00 HTTP/2.0" 200 5790 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36" show less
Brute-Force
Anonymous
2024-11-14 07:12:25
(2 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-11-11 01:11:49
(3 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-11-09 10:06:19
(3 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-11-05 03:25:14
(4 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
hermawan
2024-11-01 12:03:34
(1 month ago)
[Fri Nov 01 18:31:48.755963 2024] [security2:error] [pid 24214:tid 125000487012032] [client 47.128.6 ... show more [Fri Nov 01 18:31:48.755963 2024] [security2:error] [pid 24214:tid 125000487012032] [client 47.128.62.67:57286] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.7.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "59"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index.php/prakiraan-iklim/prakiraan-bulanan/prakiraan-bulanan-tingkat-ketersediaan-air-bagi-tanaman/555558852-prakiraan-bulanan-tingkat-ketersediaan-air-bagi-tanaman-di-jawa-timur-untuk-bulan-september-tahun-2021-update-dari-analisis-bulan-juni-2021 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/prakiraan-iklim/prakiraan-bulanan/prakiraan-bulanan-tingkat-ket
... show less
Hacking
Web App Attack
Anonymous
2024-11-01 10:28:06
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-10-31 09:39:54
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
selahattinalan
2024-10-30 13:21:42
(1 month ago)
47.128.62.67 - - [30/Oct/2024:16:21:39 +0300] "GET /tr/ijonmes-tr/ HTTP/2.0" 404 23300 "-" "Mozilla/ ... show more 47.128.62.67 - - [30/Oct/2024:16:21:39 +0300] "GET /tr/ijonmes-tr/ HTTP/2.0" 404 23300 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36" show less
Brute-Force
MAGIC
2024-10-29 18:04:13
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot