๐บ๐ธ
kosada.com
2026-07-04 04:18:51
(17 hours ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ฎ๐ฉ
hermawan
2026-07-02 16:32:55
(2 days ago)
Captured JA4H: ge11n_7c4cfa8c3a36 | Log: 103.163.36.36 - - [02/Jul/2026:23:32:37 +0700] "GET /b/bula ...
show more
Captured JA4H: ge11n_7c4cfa8c3a36 | Log: 103.163.36.36 - - [02/Jul/2026:23:32:37 +0700] "GET /b/bulananlamongan.pdf HTTP/1.1" 206 861790 "-" "Mozilla/5.0 (Linux; Android 12; V2027) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/123.0.6312.118 Mobile Safari/537.36 VivoBrowser/16.2.1.0" ge11n_accept-encoding,connection,accept-language,sec-ch-ua,user-agent,sec-ch-ua-mobile,accept,upgrade-insecure-requests,priority,sec-fetch-dest,sec-fetch-mode,sec-fetch-site,sec-fetch-user,sec-ch-ua-platform,range,host...
...
show less
Email Spam
Hacking
๐ฎ๐ฉ
hermawan
2026-06-23 21:42:41
(1 week ago)
06/24/2026-04:42:38.197316 [Drop] [**] [1:921373:1] Suricata Dibuat Gemini TCP SYN port scanner - W ...
show more
06/24/2026-04:42:38.197316 [Drop] [**] [1:921373:1] Suricata Dibuat Gemini TCP SYN port scanner - Win 65535 [**] [Classification: (null)] [Priority: 3] {TCP} 103.163.36.36:47202 -> 103.166.156.58:443
...
show less
Email Spam
Hacking
๐ฎ๐ฉ
hermawan
2026-06-20 10:39:05
(2 weeks ago)
[Sat Jun 20 17:39:02.352370 2026] [security2:error] [pid 397902:tid 140602111895232] [client 103.163 ...
show more
[Sat Jun 20 17:39:02.352370 2026] [security2:error] [pid 397902:tid 140602111895232] [client 103.163.36.36:38082] ModSecurity: Access denied with code 403 (phase 1). Match of "pm /gtagku-v2.js /swiper-v114na.js /ga-choise-v6.js /bmkg-192.png /800-600.webp /bmkg-192x192.png /ga-v5.js /favicon-16-16.png /matomo-partition-21-01-2026-5-5-0.js /script-v185.js /script-v188.js /script-v184.js /script-v182.js /1280-720.webp /manifest ..." against "REQUEST_LINE" required. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "439"] [id "440008"] [msg "BAD REQUEST Bro"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: If-Modified-Since found within REQUEST_LINE: GET /swiper-v115.js HTTP/2.0 request_line = GET /swiper-v115.js HTTP/2.0 Request URI RAW = /swiper-v115.js Request Basename = swiper-v115.js"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/swiper-v115.js"] [unique_id "ajZtxjc3goc9B3p
...
show less
Email Spam
Hacking
๐ฎ๐ฉ
hermawan
2026-06-17 15:02:39
(2 weeks ago)
[Wed Jun 17 22:02:34.597217 2026] [security2:error] [pid 1807195:tid 139897783441088] [client 103.16 ...
show more
[Wed Jun 17 22:02:34.597217 2026] [security2:error] [pid 1807195:tid 139897783441088] [client 103.163.36.36:52317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "image/heif" at REQUEST_HEADERS:Accept. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "422"] [id "440009"] [msg " Image Heif"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: text/html found within REQUEST_HEADERS:Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/heif,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-klimat-story/555561581-mengenal-fenomena-la-nina-si-pembawa-hujan HTTP/2.0 Request URI RAW = /index.php/informasi-iklim/infografis-ikli..."] [hostname "staklim-malang.info"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-klimat-story/555561581-men
...
show less
Email Spam
Hacking
๐ฉ๐ช
ps-center
2025-02-18 14:49:00
(1 year ago)
LT: TCP-Scanner. Port: 1433
Port Scan
๐ฉ๐ช
Packets-Decreaser.NET
2025-02-11 21:22:22
(1 year ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
๐ฉ๐ช
Packets-Decreaser.NET
2025-01-09 18:28:32
(1 year ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
๐ฆ๐บ
MAGIC
2024-12-12 19:00:41
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ณ๐ฑ
Study Bitcoin ๐ค
2024-11-23 22:00:14
(1 year ago)
2 port probes: 2x tcp/445 (smb)
[gda]
Port Scan
Hacking
๐ฎ๐ฉ
hermawan
2024-11-23 11:00:43
(1 year ago)
[Sat Nov 23 15:11:56.939602 2024] [security2:error] [pid 206350:tid 137330893309632] [client 103.163 ...
show more
[Sat Nov 23 15:11:56.939602 2024] [security2:error] [pid 206350:tid 137330893309632] [client 103.163.36.36:45390] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "myactivity.google.com" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.8.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "259"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: myactivity.google.com found within REQUEST_HEADERS:Referer: https://myactivity.google.com/ request_line = GET /b/curah_bulananmalangbatu.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/b/curah_bulananmalangbatu.jpg"] [unique_id "Z0GOTOBckQS5W4X4mG5RDQACZzk"], referer https://myactivity.google.com/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[206408] [THyUDSi0Vmg] [Z0GOTOBckQS5W4X4mG5RDQACZzk] keep_alive=[1] [2024-11-23 15:11:56.939619] [R:Z0GOTOBckQS5W4X4mG5RDQACZzk] UA:'Mozilla/5.0 (Linux; Android 11; CPH2059 Build/RKQ1.200903.002; wv) AppleWebKit/537.36 (KH
...
show less
Hacking
Web App Attack
๐ช๐ธ
10dencehispahard SL
2024-10-04 11:40:03
(1 year ago)
DoS Attack
DDoS Attack
Brute-Force
๐ฆ๐น
urnilxfgbez
2024-05-13 22:45:00
(2 years ago)
Last 24 Hours suspicious: (DPT=445|DPT=3389|DPT=22|DPT=3306|DPT=8080|DPT=23|DPT=5900|DPT=1433)
Port Scan