Anonymous
2024-11-16 12:02:41
(3 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-11-15 11:50:52
(3 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-11-14 11:43:05
(3 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
selahattinalan
2024-11-13 12:25:37
(3 weeks ago)
110.249.202.96 - - [13/Nov/2024:15:25:36 +0300] "GET /tr/index.php HTTP/2.0" 200 3966 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; https://zhanzhang.toutiao.com/)"
Brute-Force
Anonymous
2024-11-11 13:15:31
(4 weeks ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-11-05 01:49:21
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-10-30 13:20:45
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
hermawan
2024-10-29 19:27:21
(1 month ago)
[Tue Oct 29 10:50:59.815814 2024] [security2:error] [pid 328224:tid 130147820766912] [client 110.249.202.96:45588] ModSecurity: Access denied with code 403 (phase 1). Match of "ipMatch 103.166.156.58" against "REMOTE_ADDR" required. [file "/etc/modsecurity/coreruleset-4.7.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "185"] [id "440006"] [msg "Connection Close Header"] [data "Matched Data: close found within REMOTE_ADDR: 110.249.202.96 request_line = GET /robots.txt HTTP/1.1"] [hostname "staklim-malang.info"] [uri "/robots.txt"] [unique_id "ZyBboyQjj3R4Z_1KWL6_5QAAAVA"] [staklim-malang.info] [staklim-malang.info] top=[328282] [hI5Efl251iw] [ZyBboyQjj3R4Z_1KWL6_5QAAAVA] keep_alive=[0] [2024-10-29 10:50:59.815817] [R:ZyBboyQjj3R4Z_1KWL6_5QAAAVA] UA:'Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; https://zhanzhang.toutiao.com/)' Host:'staklim-malang.info' Accept-Encoding:'gzip
Hacking
Web App Attack
hermawan
2024-10-23 23:20:30
(1 month ago)
[Wed Oct 23 23:07:54.479762 2024] [security2:error] [pid 203866:tid 138271501846208] [client 110.249.202.96:39446] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "zh-CN" at REQUEST_HEADERS:Accept-Language. [file "/etc/modsecurity/coreruleset-4.7.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "42"] [id "440001"] [msg "Seperti Ddos bahasa Rusia ada di ip vietnam 2.59.0.188 "] [data "Matched Data: zh-CN found within REQUEST_HEADERS:Accept-Language: zh,zh-CN;q=0.9 request_line = GET /index.php/prakiraan-bulanan/3873-prakiraan-curah-hujan-bulanan/prakiraan-curah-hujan-bulanan-di-propinsi-jawa-timur/prakiraan-curah-hujan-bulanan-di-propinsi-jawa-timur-tahun-2018/537-prakiraan-curah-hujan-bulan-januari-tahun-2019-update-dari-analisis-bulan-oktober-2018 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/prakiraan-bulanan/3873-prakiraan-curah-hujan-bulanan/prakiraan-curah-hujan-bulanan-di-propinsi-jawa-timur/prakiraan-curah-hujan-bulanan-
Hacking
Web App Attack
hermawan
2024-10-23 03:34:13
(1 month ago)
[Tue Oct 22 23:42:56.533279 2024] [security2:error] [pid 253446:tid 137356837390016] [client 110.249.202.96:63720] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "zh-CN" at REQUEST_HEADERS:Accept-Language. [file "/etc/modsecurity/coreruleset-4.7.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "42"] [id "440001"] [msg "Seperti Ddos bahasa Rusia ada di ip vietnam 2.59.0.188 "] [data "Matched Data: zh-CN found within REQUEST_HEADERS:Accept-Language: zh,zh-CN;q=0.9 request_line = GET /index.php/analisis-bulanan/3945-tingkat-ketersediaan-air-tanah/tingkat-ketersediaan-air-tanah-di-provinsi-jawa-timur/tingkat-ketersediaan-air-tanah-di-provinsi-jawa-timur-tahun-2019/818-analisis-bulanan-tingkat-ketersediaan-air-tanah-bulan-april-tahun-2019-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/analisis-bulanan/3945-tingkat-ketersediaan-air-tanah/tingkat-ketersediaan-air-tanah-di-provinsi-jawa-timur/tingkat-ketersediaan
Hacking
Web App Attack
Anonymous
2024-10-22 15:46:59
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
MAGIC
2024-10-22 00:02:27
(1 month ago)
VM5 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-10-21 08:43:35
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
hermawan
2024-10-19 22:16:31
(1 month ago)
[Sun Oct 20 01:45:13.726599 2024] [security2:error] [pid 88985:tid 123751953860288] [client 110.249.202.96:12038] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "zh-CN" at REQUEST_HEADERS:Accept-Language. [file "/etc/modsecurity/coreruleset-4.7.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "42"] [id "440001"] [msg "Seperti Ddos bahasa Rusia ada di ip vietnam 2.59.0.188 "] [data "Matched Data: zh-CN found within REQUEST_HEADERS:Accept-Language: zh,zh-CN;q=0.9 request_line = GET /index.php/analisis-kondisi-dinamika-atmosfer-laut-dasarian/3958-analisis-kondisi-dinamika-atmosfer-laut-dasarian-tahun-2019/555556922-analisis-dinamika-atmosfer-laut-analisis-dan-prediksi-curah-hujan-update-dasarian-ii-januari-2019 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/analisis-kondisi-dinamika-atmosfer-laut-dasarian/3958-analisis-kondisi-dinamika-atmosfer-laut-dasarian-tahun-2019/555556922-analisis-dinamika-atmosfer-laut-analisis-dan-prediks
Hacking
Web App Attack
Anonymous
2024-10-19 16:15:48
(1 month ago)
Ports: 80,443; Direction: 1; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH