TPI-Abuse
2024-08-26 07:49:34
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 54.36.149.52 (hydrogen308-ext2.a.ahrefs.com): 1 ... show more (mod_security) mod_security (id:210730) triggered by 54.36.149.52 (hydrogen308-ext2.a.ahrefs.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 26 03:49:29.059310 2024] [security2:error] [pid 7601:tid 7601] [client 54.36.149.52:55357] [client 54.36.149.52] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.john-bell-associates.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.john-bell-associates.com"] [uri "/reddit.com"] [unique_id "ZswziQi-ksw4-lKyHUkWWwAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
Mendip_Defender
2024-08-23 18:50:21
(3 weeks ago)
54.36.149.52 - - [23/Aug/2024:19:50:01 +0100] "GET /galleries/2008/2008-07-12_-_West_Wilts_-_Naish_H ... show more 54.36.149.52 - - [23/Aug/2024:19:50:01 +0100] "GET /galleries/2008/2008-07-12_-_West_Wilts_-_Naish_Hill_Hare_and_Hounds/WW_12-07-2008_0010.jpg HTTP/2.0" 200 178136 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)"
... show less
Bad Web Bot
camara.leg.br
2024-08-13 08:52:36
(1 month ago)
Bot User-Agent Usage
Web App Attack
Mendip_Defender
2024-08-12 10:44:28
(1 month ago)
54.36.149.52 - - [12/Aug/2024:11:44:31 +0100] "GET /picture.php/MW_08-08-2010_0926/category/47 HTTP/ ... show more 54.36.149.52 - - [12/Aug/2024:11:44:31 +0100] "GET /picture.php/MW_08-08-2010_0926/category/47 HTTP/1.0" 200 3067 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)"
... show less
Bad Web Bot
camara.leg.br
2024-08-11 15:02:03
(1 month ago)
Bot User-Agent Usage
Web App Attack
camara.leg.br
2024-08-08 15:28:53
(1 month ago)
Bot User-Agent Usage
Web App Attack
camara.leg.br
2024-08-05 09:25:24
(1 month ago)
Bot User-Agent Usage
Web App Attack
camara.leg.br
2024-08-03 01:38:57
(1 month ago)
Bot User-Agent Usage
Web App Attack
Mendip_Defender
2024-08-01 16:44:40
(1 month ago)
54.36.149.52 - - [01/Aug/2024:17:44:40 +0100] "GET /robots.txt HTTP/1.0" 200 928 "-" "Mozilla/5.0 (c ... show more 54.36.149.52 - - [01/Aug/2024:17:44:40 +0100] "GET /robots.txt HTTP/1.0" 200 928 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)"
... show less
Bad Web Bot
Charles
2024-07-30 21:56:24
(1 month ago)
54.36.149.52 - - [31/Jul/2024:05:56:22 +0800] "GET /eng/conversation/junior/audio/flu.html HTTP/1.1" ... show more 54.36.149.52 - - [31/Jul/2024:05:56:22 +0800] "GET /eng/conversation/junior/audio/flu.html HTTP/1.1" 200 7806 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)"
... show less
Web Spam
Email Spam
Brute-Force
Bad Web Bot
Web App Attack
SSH
TPI-Abuse
2024-07-30 19:53:04
(1 month ago)
(mod_security) mod_security (id:217291) triggered by 54.36.149.52 (hydrogen308-ext2.a.ahrefs.com): 1 ... show more (mod_security) mod_security (id:217291) triggered by 54.36.149.52 (hydrogen308-ext2.a.ahrefs.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 30 15:52:57.055199 2024] [security2:error] [pid 10959:tid 10959] [client 54.36.149.52:35791] [client 54.36.149.52] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(\\\\n|\\\\r)" at ARGS_NAMES:\\r fromwhere. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "145"] [id "217291"] [rev "2"] [msg "HTTP Header Injection Attack via payload (CR/LF detected)||jeffersonlynn.com|F|2"] [data "Matched Data: \\x0d found within ARGS_NAMES:\\x5cr fromwhere: \\x0d fromwhere"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "jeffersonlynn.com"] [uri "/g12privacy.php"] [unique_id "ZqlEmciOCS3wznKFj96ZrQAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
Mendip_Defender
2024-07-28 17:54:48
(1 month ago)
54.36.149.52 - - [28/Jul/2024:18:54:41 +0100] "GET /galleries/2021/20210812_-_Ixion_at_Cadwelll_25/2 ... show more 54.36.149.52 - - [28/Jul/2024:18:54:41 +0100] "GET /galleries/2021/20210812_-_Ixion_at_Cadwelll_25/20210812_Ixion_Cadwell_25_0175.jpg HTTP/2.0" 200 359600 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)"
... show less
Bad Web Bot
nv
2024-07-28 01:32:05
(1 month ago)
54.36.149.52 - - [28/Jul/2024:03:32:04 +0200] "GET /robots.txt HTTP/2.0" 301 162 "-" "Mozilla/5.0 (c ... show more 54.36.149.52 - - [28/Jul/2024:03:32:04 +0200] "GET /robots.txt HTTP/2.0" 301 162 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)" show less
Bad Web Bot
rh24
2024-07-27 22:21:56
(1 month ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 54.36.149.52 (FR/Fra ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 54.36.149.52 (FR/France/hydrogen308-ext2.a.ahrefs.com) show less
Bad Web Bot
Hans Müller
2024-07-27 02:07:04
(1 month ago)
.
Bad Web Bot