Anonymous
2023-04-12 00:23:22
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
IrisFlower
2023-04-11 23:22:52
(1 year ago)
Unauthorized connection attempt detected from IP address 103.131.71.154 to port 443 [J]
Port Scan
Hacking
MAGIC
2023-04-11 09:54:28
(1 year ago)
Distributed DDOS attempts for multiple sites
DDoS Attack
Bad Web Bot
Anonymous
2023-04-04 15:50:32
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
MAGIC
2023-03-30 04:00:04
(1 year ago)
Distributed DDOS attempts for multiple sites
DDoS Attack
Bad Web Bot
hermawan
2023-03-29 02:08:21
(1 year ago)
[Wed Mar 29 09:08:19.335063 2023] [security2:error] [pid 599966:tid 139653921068608] [client 103.131 ... show more [Wed Mar 29 09:08:19.335063 2023] [security2:error] [pid 599966:tid 139653921068608] [client 103.131.71.154:57753] [client 103.131.71.154] ModSecurity: Access denied with code 403 (phase 2). String match within "/accept-charset/ /content-encoding/ /proxy/ /lock-token/ /content-range/ /if/" at TX:header_name_accept-charset. [file "/etc/modsecurity/coreruleset-3.3.4/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1390"] [id "920450"] [msg "HTTP header is restricted by policy (/accept-charset/)"] [data "Restricted header detected: /accept-charset/"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/12.1"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-bulanan/prakiraan-curah-hujan-bulanan/555559887-prakiraan-bulanan-curah-hujan-bulan-maret-tahun-2023-update-dari-analisis-bulan-
... show less
Hacking
Web App Attack
warriors
2023-03-22 23:20:26
(1 year ago)
Unsolicited Connect x 12 last 24h
Port Scan
Anonymous
2023-03-09 02:48:49
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
hermawan
2023-03-07 02:54:00
(1 year ago)
[Tue Mar 07 09:53:58.612923 2023] [security2:error] [pid 117991:tid 140436886369856] [client 103.131 ... show more [Tue Mar 07 09:53:58.612923 2023] [security2:error] [pid 117991:tid 140436886369856] [client 103.131.71.154:32829] [client 103.131.71.154] ModSecurity: Access denied with code 403 (phase 2). String match within "/accept-charset/ /content-encoding/ /proxy/ /lock-token/ /content-range/ /if/" at TX:header_name_accept-charset. [file "/etc/modsecurity/coreruleset-3.3.4/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1390"] [id "920450"] [msg "HTTP header is restricted by policy (/accept-charset/)"] [data "Restricted header detected: /accept-charset/"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/12.1"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-musim/4155-prakiraan-musim-hujan/prakiraan-awal-musim-hujan/prakiraan-awal-musim-hujan-propinsi-jawa-timur/prakiraan-awal-musim-hujan-tahun-2022
... show less
Hacking
Web App Attack
Anonymous
2023-03-02 05:56:59
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
Anonymous
2023-02-28 08:10:23
(1 year ago)
Web App Attack
Anonymous
2023-02-22 09:54:21
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
warriors
2023-02-20 23:13:28
(1 year ago)
Unsolicited Connect x 12 last 24h
Port Scan
hermawan
2023-02-17 09:03:04
(1 year ago)
[Fri Feb 17 12:31:34.311941 2023] [security2:error] [pid 709412:tid 139619038959168] [client 103.131 ... show more [Fri Feb 17 12:31:34.311941 2023] [security2:error] [pid 709412:tid 139619038959168] [client 103.131.71.154:61631] [client 103.131.71.154] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "bot" at REQUEST_HEADERS:user-agent. [file "/etc/modsecurity/coreruleset-3.3.4/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "5"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: bot found within REQUEST_HEADERS:user-agent: Mozilla/5.0 (compatible; coccocbot-web/1.0; +http://help.coccoc.com/searchengine) request_line = GET /robots.txt HTTP/1.1"] [severity "NOTICE"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/robots.txt"] [unique_id "Y-8RNnSLpNE0mld68HfLzgAAABs"] [karangploso.jatim.bmkg.go.id] [karangploso.jatim.bmkg.go.id] top=[709531] [yPlioPYX++A] [Y-8RNnSLpNE0mld68HfLzgAAABs] keep_alive=[0] [2023-02-17 12:31:34.311944] [R:Y-8RNnSLpNE0mld68HfLzgAAABs] UA:'Mozilla/5.0 (compatible; coccocbot-web/1.0; +http://help.coccoc.com/searchengine)' Host:'kar
... show less
Hacking
Web App Attack
Anonymous
2023-02-06 02:28:05
(1 year ago)
Web App Attack