๐บ๐ธ
rsa
2026-06-29 19:15:00
(1 day ago)
excessive crawling ddos
DDoS Attack
Bad Web Bot
Web App Attack
๐ฆ๐บ
MAGIC
2026-06-29 02:00:08
(2 days ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ฎ๐ฉ
hermawan
2026-06-28 07:35:55
(2 days ago)
[Sun Jun 28 14:35:55.082778 2026] [security2:error] [pid 186932:tid 140331026716352] [client 103.59. ...
show more
[Sun Jun 28 14:35:55.082778 2026] [security2:error] [pid 186932:tid 140331026716352] [client 103.59.161.132:48858] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "utf-8" at REQUEST_HEADERS:Accept-Charset. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "380"] [id "440015"] [msg "Bot Accept-Charset utf-8"] [data "Matched Data: utf-8 found within REQUEST_HEADERS:Accept-Charset: utf-8 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "akDO2x_4cwdrWG1YXcbxkgAAAVE"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[186976] [VUxeZEvXhb8] [akDO2x_4cwdrWG1YXcbxkgAAAVE] keep_alive=[0] [2026-06-28 14:35:55.082782] [R:akDO2x_4cwdrWG1YXcbxkgAAAVE] UA:'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15' Host:'staklim-jatim.bmkg.go.id' Accept-Encoding:'gzip
...
show less
Email Spam
Hacking
๐บ๐ธ
jhuisi
2026-06-28 06:00:34
(3 days ago)
Mod Security Hit
Web App Attack
Anonymous
2026-06-20 18:58:02
(1 week ago)
Malicious activity detected
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2026-06-16 06:16:02
(2 weeks ago)
[Tue Jun 16 13:15:58.993606 2026] [security2:error] [pid 619546:tid 139770600593088] [client 103.59. ...
show more
[Tue Jun 16 13:15:58.993606 2026] [security2:error] [pid 619546:tid 139770600593088] [client 103.59.161.132:47582] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "utf-8" at REQUEST_HEADERS:Accept-Charset. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "361"] [id "440015"] [msg "Bot Accept-Charset utf-8"] [data "Matched Data: utf-8 found within REQUEST_HEADERS:Accept-Charset: utf-8 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "ajDqHt_SUCbfln_Il9wS4QAAABA"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[619592] [TD1n4JjrKis] [ajDqHt_SUCbfln_Il9wS4QAAABA] keep_alive=[0] [2026-06-16 13:15:58.993611] [R:ajDqHt_SUCbfln_Il9wS4QAAABA] UA:'Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' Accept-Encoding:'gzip
...
show less
Email Spam
Hacking
๐ฎ๐ฉ
hermawan
2026-06-15 21:29:19
(2 weeks ago)
[Tue Jun 16 04:29:18.263364 2026] [security2:error] [pid 216552:tid 139892436752064] [client 103.59. ...
show more
[Tue Jun 16 04:29:18.263364 2026] [security2:error] [pid 216552:tid 139892436752064] [client 103.59.161.132:42718] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "utf-8" at REQUEST_HEADERS:Accept-Charset. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "361"] [id "440015"] [msg "Bot Accept-Charset utf-8"] [data "Matched Data: utf-8 found within REQUEST_HEADERS:Accept-Charset: utf-8 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "ajBurtqItDSvVB0h_gHgHwAAAA4"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[216665] [ZWLahBGZzoU] [ajBurtqItDSvVB0h_gHgHwAAAA4] keep_alive=[0] [2026-06-16 04:29:18.263369] [R:ajBurtqItDSvVB0h_gHgHwAAAA4] UA:'Mozilla/5.0 (X11; Linux i686; rv:1.9.6.20) Gecko/ Firefox/14.0' Host:'staklim-jatim.bmkg.go.id' Accept-Encoding:'gzip
...
show less
Email Spam
Hacking
๐บ๐ธ
jhuisi
2026-06-13 21:00:31
(2 weeks ago)
Mod Security Hit
Web App Attack
๐ฎ๐ฉ
hermawan
2026-06-12 22:36:41
(2 weeks ago)
[Sat Jun 13 05:36:40.508212 2026] [security2:error] [pid 401199:tid 140091616802496] [client 103.59. ...
show more
[Sat Jun 13 05:36:40.508212 2026] [security2:error] [pid 401199:tid 140091616802496] [client 103.59.161.132:48128] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "utf-8" at REQUEST_HEADERS:Accept-Charset. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "361"] [id "440015"] [msg "Bot Accept-Charset utf-8"] [data "Matched Data: utf-8 found within REQUEST_HEADERS:Accept-Charset: utf-8 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aiyJ-MyhFfbdm97yy6Tj9QAAAQE"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[401227] [9+NDHBaZ9sI] [aiyJ-MyhFfbdm97yy6Tj9QAAAQE] keep_alive=[0] [2026-06-13 05:36:40.508217] [R:aiyJ-MyhFfbdm97yy6Tj9QAAAQE] UA:'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Safari/605.1.15' Host:'staklim-jatim.bmkg.go.id' Accept-Encoding:'gzip
...
show less
Email Spam
Hacking
๐ฎ๐ฉ
hermawan
2026-06-11 19:48:13
(2 weeks ago)
[Fri Jun 12 02:48:09.966507 2026] [security2:error] [pid 1935405:tid 139768209852096] [client 103.59 ...
show more
[Fri Jun 12 02:48:09.966507 2026] [security2:error] [pid 1935405:tid 139768209852096] [client 103.59.161.132:39590] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "kubuntu" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "254"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: kubuntu found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aisQ-RQn1RZSuhpvbw4NigAAAEQ"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1935436] [59fJoz+8DY4] [aisQ-RQn1RZSuhpvbw4NigAAAEQ] keep_alive=[0] [2026-06-12 02:48:09.966512] [R:aisQ-RQn1RZSuhpvbw4NigAAAEQ] UA:'Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36' Host
...
show less
Email Spam
Hacking
๐ญ๐ณ
unph
2026-06-11 18:32:16
(2 weeks ago)
Intento de acceso sospechoso bloqueado por AbuseIPDB Blocker Plugin
Brute-Force
๐ญ๐ณ
unph
2026-06-08 20:57:24
(3 weeks ago)
Intento de acceso sospechoso bloqueado por AbuseIPDB Blocker Plugin
Brute-Force
๐ฎ๐ฉ
soc-yk
2026-06-08 00:54:13
(3 weeks ago)
Type: suspicious_network_activity
Risk: 92
Events: 21
Evidence:
- Persistent suspicious network act ...
show more
Type: suspicious_network_activity
Risk: 92
Events: 21
Evidence:
- Persistent suspicious network activity detected
- Repeated hostile operational behavior observed
- Threat escalation behavior observed
show less
Port Scan
Hacking
๐ซ๐ท
SpaceHost-Server
2026-05-29 22:25:27
(1 month ago)
Brute-Force
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-05-28 22:25:23
(1 month ago)
Brute-Force
Web App Attack