psauxit
2024-12-04 11:50:14
(6 days ago)
Fail2Ban - NGINX heavily bad-bot, possible vulnerability scanning and excessive crawling/scraping
Web Spam
Hacking
Bad Web Bot
Web App Attack
MAGIC
2024-11-29 02:09:13
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Rocky Mountain Bioengineering Symposium
2024-11-25 09:02:48
(2 weeks ago)
[Mon Nov 25 02:02:47.815834 2024] [authz_core:error] [pid 110192:tid 140005288683072] [client 65.108 ... show more [Mon Nov 25 02:02:47.815834 2024] [authz_core:error] [pid 110192:tid 140005288683072] [client 65.108.99.120:46372] AH01630: client denied by server configuration: /var/www/public_html/symposium/robots.txt
[Mon Nov 25 02:02:47.818502 2024] [authz_core:error] [pid 110192:tid 140005288683072] [client 65.108.99.120:46372] AH01630: client denied by server configuration: /var/www/public_rsrc/assets/RMBS-Server-Error.html
[Mon Nov 25 02:02:48.220605 2024] [authz_core:error] [pid 110192:tid 140005414508096] [client 65.108.99.120:46372] AH01630: client denied by server configuration: /var/www/public_html/symposium/robots.txt
... show less
Bad Web Bot
MAGIC
2024-11-23 08:06:16
(2 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-11-21 19:24:20
(2 weeks ago)
Excessive crawling/scraping
Hacking
Brute-Force
TPI-Abuse
2024-11-15 21:36:46
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 65.108.99.120 (crawl1-136.oi.tb.007ac9.net): 1 ... show more (mod_security) mod_security (id:210730) triggered by 65.108.99.120 (crawl1-136.oi.tb.007ac9.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 15 16:36:43.888932 2024] [security2:error] [pid 27366:tid 27366] [client 65.108.99.120:50872] [client 65.108.99.120] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.5degrees-eg.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.5degrees-eg.com"] [uri "/[email protected] "] [unique_id "Zze-66EJlMFd01bTUPX9sgAAABI"], referer: http://www.5degrees-eg.com/ show less
Brute-Force
Bad Web Bot
Web App Attack
Roderic
2024-11-09 18:33:44
(1 month ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 65.108.99.120 (FI/Fi ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 65.108.99.120 (FI/Finland/crawl1-136.oi.tb.007ac9.net) show less
Bad Web Bot
BlueWire Hosting
2024-11-06 15:10:29
(1 month ago)
Detected as a bad bot
Bad Web Bot
TPI-Abuse
2024-11-03 16:30:05
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 65.108.99.120 (crawl1-136.oi.tb.007ac9.net): 1 ... show more (mod_security) mod_security (id:210730) triggered by 65.108.99.120 (crawl1-136.oi.tb.007ac9.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 11:29:58.677583 2024] [security2:error] [pid 23084:tid 23084] [client 65.108.99.120:49500] [client 65.108.99.120] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.john-bell-associates.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.john-bell-associates.com"] [uri "/reddit.com"] [unique_id "ZyelBgBR6nlUqUI_2_xI6AAAAAY"], referer: http://www.john-bell-associates.com/ show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-09 15:22:05
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 65.108.99.120 (crawl1-136.oi.tb.007ac9.net): 1 ... show more (mod_security) mod_security (id:210730) triggered by 65.108.99.120 (crawl1-136.oi.tb.007ac9.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 11:21:57.989216 2024] [security2:error] [pid 3914470:tid 3914482] [client 65.108.99.120:35154] [client 65.108.99.120] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.iamalibrarian.com|F|2"] [data ".libraryromance.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.iamalibrarian.com"] [uri "/www.libraryromance.com"] [unique_id "ZrY0Fc5B-1Ee8DRmgPd8IQAAAEc"], referer: http://www.iamalibrarian.com/Links2.html show less
Brute-Force
Bad Web Bot
Web App Attack
Steve
2024-06-15 18:21:05
(5 months ago)
Excessive crawling - not obeying robots.txt
Bad Web Bot
Bad Web Bot
Anonymous
2024-06-11 17:53:00
(5 months ago)
$f2bV_matches
Hacking
Brute-Force
10dencehispahard SL
2024-06-11 02:08:08
(5 months ago)
Unauthorized login attempts [ bot_accesslogs]
Brute-Force
Rizzy
2024-06-02 09:37:34
(6 months ago)
Multiple WAF Violations
Brute-Force
Web App Attack
SaferWeb
2024-05-30 09:51:59
(6 months ago)
#2 (mod_security) mod_security (id:913100) triggered by 65.108.99.120 (FI/Finland/crawl1-136.oi.tb.0 ... show more #2 (mod_security) mod_security (id:913100) triggered by 65.108.99.120 (FI/Finland/crawl1-136.oi.tb.007ac9.net): 3 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: show less
Bad Web Bot
Web App Attack