[Thu Nov 06 00:18:35.219654 2025] [security2:error] [pid 2228777:tid 139655793075904] [client 110.13 ...
show more[Thu Nov 06 00:18:35.219654 2025] [security2:error] [pid 2228777:tid 139655793075904] [client 110.137.102.35:28322] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "utf-8" at REQUEST_HEADERS:Accept-Charset. [file "/etc/modsecurity/coreruleset-4.19.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "351"] [id "440015"] [msg "Bot Accept-Charset utf-8"] [data "Matched Data: utf-8 found within REQUEST_HEADERS:Accept-Charset: UTF-8 request_line = GET /images/Klimatologi/Infografis/Infografis-Iklim/Info/Infografis_Suhu_Dingin_di_Malang_dan_sekitarnya-600.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Infografis/Infografis-Iklim/Info/Infografis_Suhu_Dingin_di_Malang_dan_sekitarnya-600.jpg"] [unique_id "aQuG67LXQogHItX3NCQTYQADgwA"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[2228778] [4xhvI5wJEBw] [aQuG67LXQogHItX3NCQTYQADgwA] keep_alive=[1] [2025-11-06 00:18:35.219659] [R:aQuG67LXQogHItX3NCQTYQADgwA] UA:
...
show less
Hacking
Web App Attack
Anonymous
DDoS botnet 510.000+ IPs; URL with bing/trustpilot/githubhelp and %C2%A4 or \xc2\xa4. NEW 09/2025: a ...
show moreDDoS botnet 510.000+ IPs; URL with bing/trustpilot/githubhelp and %C2%A4 or \xc2\xa4. NEW 09/2025: amplification attacks via third-parties e.g. HTTP_USER_AGENT facebookexternalhit/meta-externalagent/meta-externalfetcher or IPs from googleusercontent.com with fake HTTP_REFERER foxnews.com/newsweek.com/upwork.com/activision.com/... Port 443.
show less
Unauthorized connection attempt detected from IP address 110.137.102.35 to port 80 [J]
Port Scan
Hacking
Anonymous
Attacks websites by trying to access known vulnerables of plugins, brute-force of backends or probin ...
show moreAttacks websites by trying to access known vulnerables of plugins, brute-force of backends or probing of administrative tools
show less
Aug 4 12:20:22 localhost sshd\[74033\]: Invalid user demo from 110.137.102.35
Aug 4 12:20:22 local ...
show moreAug 4 12:20:22 localhost sshd\[74033\]: Invalid user demo from 110.137.102.35
Aug 4 12:20:22 localhost sshd\[74033\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.137.102.35
Aug 4 12:20:24 localhost sshd\[74033\]: Failed password for invalid user demo from 110.137.102.35 port 7887 ssh2
Aug 4 12:20:30 localhost sshd\[74037\]: Invalid user demo from 110.137.102.35
Aug 4 12:20:30 localhost sshd\[74037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.137.102.35
...
show less
Aug 4 11:39:41 localhost sshd\[71613\]: Did not receive identification string from 110.137.102.35
A ...
show moreAug 4 11:39:41 localhost sshd\[71613\]: Did not receive identification string from 110.137.102.35
Aug 4 11:39:41 localhost sshd\[71614\]: Did not receive identification string from 110.137.102.35
Aug 4 11:39:41 localhost sshd\[71615\]: Did not receive identification string from 110.137.102.35
Aug 4 11:39:41 localhost sshd\[71616\]: Did not receive identification string from 110.137.102.35
Aug 4 11:39:42 localhost sshd\[71617\]: Did not receive identification string from 110.137.102.35
...
show less