๐ฎ๐ฉ
hermawan
2026-07-03 01:49:17
(7 hours ago)
[Fri Jul 03 08:49:12.033629 2026] [security2:error] [pid 37537:tid 139946418489024] [client 147.136. ...
show more
[Fri Jul 03 08:49:12.033629 2026] [security2:error] [pid 37537:tid 139946418489024] [client 147.136.65.70:20924] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.google.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "601"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.google.go.id found within REQUEST_HEADERS:Referer: https://www.google.go.id/ request_line = GET /index.php/prediksi-iklim/prediksi-dasarian/deterministik-curah-hujan-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prediksi-iklim/prediksi-dasarian/deterministik-curah-hujan-provinsi-jawa-timur"] [unique_id "akcVGALDUYJGSxE7c1n2MgABVAQ"], referer https://www.google.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[37548] [lkqVIevSFuc] [akcVGALDUYJGSxE7c1n2MgABVAQ] keep_alive=[1] [2026-07-03 08:49:12.033636] [R:akcVGALDUYJGSxE7c1n2MgABV
...
show less
Email Spam
Hacking
๐ฎ๐ฉ
hermawan
2026-06-30 11:28:44
(2 days ago)
[Tue Jun 30 18:28:38.825056 2026] [security2:error] [pid 13201:tid 140187119113920] [client 147.136. ...
show more
[Tue Jun 30 18:28:38.825056 2026] [security2:error] [pid 13201:tid 140187119113920] [client 147.136.65.70:64814] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yandex.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "601"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yandex.go.id found within REQUEST_HEADERS:Referer: https://www.yandex.go.id/ request_line = GET /pdfjs/web/viewer.html?file=/images/Klimatologi/Analisis/02-Analisis_Dasarian/Monitoring_dan_Prakiraan_Curah_Hujan-Dasarian/Monitoring_dan_Prakiraan_Curah_Hujan-Dasarian_di_Provinsi_Jawa_Timur/2026/06_Juni_2026/Das-I/Monitoring_dan_Prediksi_Curah_Hujan-Dasarian_di_Provinsi_Jawa_Timur_Update_10_Juni_2026.pdf HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/pdfjs/web/viewer.html"] [unique_id "akOoZopjAnUeggRSRR4POQAAjQU"], referer https://www.yandex.go.id/ [staklim-jatim.bmkg.go.id] [st
...
show less
Email Spam
Hacking
๐ฎ๐ฉ
hermawan
2026-06-17 21:38:13
(2 weeks ago)
[Thu Jun 18 04:38:02.588122 2026] [security2:error] [pid 2044779:tid 139897760372416] [client 147.13 ...
show more
[Thu Jun 18 04:38:02.588122 2026] [security2:error] [pid 2044779:tid 139897760372416] [client 147.136.65.70:60110] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.baidu.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.baidu.go.id found within REQUEST_HEADERS:Referer: http://www.baidu.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-dasarian/infografis-dasarian-analisis-kejadian-hujan-lebat HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-dasarian/infografis-dasarian-analisis-kejadian-hujan-lebat"] [unique_id "ajMTugWaq8tGwgyjaCdY8QABAQE"], referer http://www.baidu.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[2044797] [OnTC37lu0Ik] [ajMTugWaq8tGwgyjaCdY8QABAQE] keep_alive=[1] [2026-06-18
...
show less
Email Spam
Hacking
๐ฎ๐ฉ
hermawan
2026-05-28 05:25:28
(1 month ago)
[Thu May 28 12:25:25.402457 2026] [security2:error] [pid 445784:tid 139851676493504] [client 147.136 ...
show more
[Thu May 28 12:25:25.402457 2026] [security2:error] [pid 445784:tid 139851676493504] [client 147.136.65.70:19250] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "bing" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "254"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: bing found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 13; SM-G781U Build/TP1A.220624.014; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36 BingSapphire/32.3.430811006 request_line = GET /index.php/analisis-iklim/analisis-bulanan/analisis-distribusi-hujan/analisis-distribusi-curah-hujan HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/analisis-iklim/analisis-bulanan/analisis-distribusi-hujan/analisis-distribusi-curah-hujan"] [unique_id "ahfRxcbvUCSeh3TXzFfvHgAAAEk"], referer https://staklim-jatim.bmkg.go.id/ [stak
...
show less
Email Spam
Hacking
๐ฎ๐ฉ
hermawan
2026-05-24 07:19:10
(1 month ago)
[Sun May 24 14:19:07.329133 2026] [security2:error] [pid 299587:tid 140343625356992] [client 147.136 ...
show more
[Sun May 24 14:19:07.329133 2026] [security2:error] [pid 299587:tid 140343625356992] [client 147.136.65.70:3860] ModSecurity: Access denied with code 403 (phase 1). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "857"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: GET found within REQUEST_HEADERS: 1 request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-klimat-story/555561495-infografis-waspada-cuaca-ekstrem-di-masa-pancaroba HTTP/2.0 Request URI RAW = /index.php/informasi-iklim/infografis-iklim/infografis-klimat-story/555561495-infografis-waspada-cuaca-ekstrem-di-masa-pancaroba Request Basename = 555561495-infografis-waspada-cuaca-ekstrem-d..."] [severity "CRITICAL"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [t
...
show less
Email Spam
Hacking
๐ฎ๐ฉ
hermawan
2026-05-20 10:50:41
(1 month ago)
[Wed May 20 17:50:36.915190 2026] [security2:error] [pid 722625:tid 140082966152896] [client 147.136 ...
show more
[Wed May 20 17:50:36.915190 2026] [security2:error] [pid 722625:tid 140082966152896] [client 147.136.65.70:3988] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yandex.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "624"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yandex.go.id found within REQUEST_HEADERS:Referer: https://www.yandex.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-dasarian/infografis-dasarian-iklim HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-dasarian/infografis-dasarian-iklim"] [unique_id "ag2R_GJm5z_lUcsxNaWxMwABCwI"], referer https://www.yandex.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[722628] [qRjLkD33b7w] [ag2R_GJm5z_lUcsxNaWxMwABCwI] keep_alive=[1] [2026-05-20 17:50:36.915211] [R:ag2R_GJm5z_lUcsxNaWxMwAB
...
show less
Email Spam
Hacking
๐ฎ๐ฉ
hermawan
2026-05-15 05:28:26
(1 month ago)
[Fri May 15 12:27:23.000480 2026] [authz_core:error] [pid 109486:tid 139904044496576] [client 147.13 ...
show more
[Fri May 15 12:27:23.000480 2026] [authz_core:error] [pid 109486:tid 139904044496576] [client 147.136.65.70:9128] AH01630: client denied by server configuration: /var/www/index.php [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[109487] [sYGldxTOpPo] [agauugCprENpxZtvmTqewgAAwAA] keep_alive=[1] [2026-05-15 12:27:23.000485] [R:agauugCprENpxZtvmTqewgAAwAA] UA:'Mozilla/5.0 (Linux; Android 10; SM-S901B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Mobile Safari/537.36' Host:'staklim-jatim.bmkg.go.id:443' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7' Accept-Encoding:'gzip, deflate, br Accept-Language:'en-US,en;q=0.8 Upgrade-Insecure-Requests:'1
...
show less
Email Spam
Hacking
๐บ๐ธ
MPL
2026-04-29 21:42:55
(2 months ago)
tcp/443 (8 or more attempts)
Port Scan
๐ฎ๐ฉ
hermawan
2026-04-17 00:36:02
(2 months ago)
04/17/2026-07:36:01.817910 [Drop] [**] [1:3100000595:0] Suricata match TLS JA3 scan Uniq Zeek no 59 ...
show more
04/17/2026-07:36:01.817910 [Drop] [**] [1:3100000595:0] Suricata match TLS JA3 scan Uniq Zeek no 595 with hash_304734bb1c086c3453b387400cf83f11 [**] [Classification: (null)] [Priority: 3] {TCP} 147.136.65.70:37984 -> 103.166.156.58:443
...
show less
Email Spam
Hacking