MAGIC
2024-05-21 08:11:34
(7 months ago)
VM1 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot
futuremakers.gr
2024-05-20 06:14:50
(8 months ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 47.128.97.225 (SG/Singapore/ec2-47-128-97-225.ap-southeast-1.compute.amazonaws.com)
Bad Web Bot
toolsource.com
2024-05-18 07:53:33
(8 months ago)
47.128.97.225 - - [18/May/2024:03:53:32 -0400] "GET /phillips-c-194_215_218/lowpro-bentup-head-ratchet-screwdriver-bits-p-336528.html HTTP/2.0" 200 71495 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36"
Bad Web Bot
toolsource.com
2024-05-16 02:07:14
(8 months ago)
47.128.97.225 - - [15/May/2024:22:07:13 -0400] "GET /xl-gearboxtm-double-box-ratcheting-wrench-58-in-p-101114.html HTTP/2.0" 301 158 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] )"
Bad Web Bot
hermawan
2024-05-14 15:55:15
(8 months ago)
[Tue May 14 22:55:13.557532 2024] [security2:error] [pid 241903:tid 127137998702144] [client 47.128.97.225:36412] [client 47.128.97.225] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Feed" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.0.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "37"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Feed found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /robots.txt HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/robots.txt"] [unique_id "ZkOJYXenXzMKML3K0OcNZAAAAII"] [staklim-malang.info] [staklim-malang.info] top=[241947] [zxf2BlzOhw0] [ZkOJYXenXzMKML3K0OcNZAAAAII] keep_alive=[0] [2024-05-14 22:55:13.557536] [R:ZkOJYXenXzMKML3K0OcNZAAAAII] UA:'Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36
Hacking
Web App Attack
TPI-Abuse
2024-05-14 05:31:20
(8 months ago)
(mod_security) mod_security (id:243420) triggered by 47.128.97.225 (ec2-47-128-97-225.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 14 01:31:16.544586 2024] [security2:error] [pid 4526] [client 47.128.97.225:21062] [client 47.128.97.225] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "ARGS:/upload/2023/09/08/20230908114833-3a00a79d-la.jpg" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||global3darts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "global3darts.com"] [uri "/mediaVault/i.php"] [unique_id "ZkL3I-WYiX94ooCAg6mAwwAAAAA"]
Brute-Force
Bad Web Bot
Web App Attack
toolsource.com
2024-05-13 02:16:45
(8 months ago)
47.128.97.225 - - [12/May/2024:22:16:43 -0400] "GET /alc-m-29161.html?page=30&sort=20a&filter_id=33021 HTTP/2.0" 200 72208 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.0.0 Safari/537.36"
Bad Web Bot
TPI-Abuse
2024-05-02 00:27:58
(8 months ago)
(mod_security) mod_security (id:243420) triggered by 47.128.97.225 (ec2-47-128-97-225.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 01 20:27:54.042017 2024] [security2:error] [pid 8446:tid 47837613250304] [client 47.128.97.225:45248] [client 47.128.97.225] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "ARGS:/upload/2020/03/29/20200329083835-1496eca8-xs.jpg" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.ajbruner.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.ajbruner.com"] [uri "/ct/artlib/i.php"] [unique_id "ZjLeCeQe02N5VIYaD4OjzQAAAFE"]
Brute-Force
Bad Web Bot
Web App Attack
toolsource.com
2024-04-23 18:31:18
(8 months ago)
47.128.97.225 - - [23/Apr/2024:14:31:17 -0400] "GET /images/prod_images/KDT2012_1200Wx1200H.jpg HTTP/2.0" 200 65787 "https://jaincrystals.com/15-Knitting-Patterns-for-Beginners-Bob-Vila-3564282.html" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] )"
Bad Web Bot
10dencehispahard SL
2024-04-23 09:00:20
(8 months ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
MAGIC
2024-04-19 11:10:29
(9 months ago)
VM1 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot
toolsource.com
2024-04-16 13:32:12
(9 months ago)
47.128.97.225 - - [16/Apr/2024:09:32:11 -0400] "GET /images/prod_medium/LTI1500LWC_1200Wx1200H.jpg HTTP/2.0" 200 60859 "https://printablee.subaruhd.com/en/printable-automotive-wheel-torque-chart.html" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] )"
Bad Web Bot
TPI-Abuse
2024-04-13 14:54:21
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 47.128.97.225 (ec2-47-128-97-225.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 13 10:54:15.693946 2024] [security2:error] [pid 32622] [client 47.128.97.225:18806] [client 47.128.97.225] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.miranda-race-walks.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.miranda-race-walks.com"] [uri "/Pages/[email protected] "] [unique_id "Zhqclw5risGlE3Bz0gZmMwAAAAU"]
Brute-Force
Bad Web Bot
Web App Attack
Thaliruth
2024-04-12 12:40:00
(9 months ago)
47.128.97.225 - - [12/Apr/2024:14:40:00 +0200] "GET /buch-der-taten/signalfeuer-von-west-gondor HTTP/1.0" 410 1766 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] )"
Bad Web Bot
MAGIC
2024-04-12 03:12:22
(9 months ago)
VM1 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot