hermawan
2024-11-30 12:34:17
(5 days ago)
[Sat Nov 30 19:33:16.281546 2024] [security2:error] [pid 8571:tid 136156723476160] [client 162.158.4 ... show more [Sat Nov 30 19:33:16.281546 2024] [security2:error] [pid 8571:tid 136156723476160] [client 162.158.43.209:64264] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "cf-worker" at REQUEST_HEADERS_NAMES:Cf-Worker. [file "/etc/modsecurity/coreruleset-4.8.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "190"] [id "440005"] [msg "BAD REQUEST_HEADERS_NAMES - Detected and Blocked"] [data "Matched Data: cf-worker found within REQUEST_HEADERS_NAMES:Cf-Worker: Cf-Worker request_line = GET /index.php/108-sumber-daya-manusia/struktur-organisasi/77-selamat-datang-di-stasiun-klimatologi-karangploso-malang HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/108-sumber-daya-manusia/struktur-organisasi/77-selamat-datang-di-stasiun-klimatologi-karangploso-malang"] [unique_id "Z0sGDPLxeuEHuFiLibyHrQAD4FQ"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[8656] [DcoIhRhPDeQ] [Z0sGDPLxeuEHuFiLibyHrQAD4FQ] keep_alive=[1] [2024-11-30 19:33:16.
... show less
Hacking
Web App Attack
Study Bitcoin 🤗
2024-11-12 22:34:47
(3 weeks ago)
Port probe to tcp/443 (https)
[srv130]
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
Study Bitcoin 🤗
2024-11-11 21:52:32
(3 weeks ago)
Port probe to tcp/443 (https)
[srv130]
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
Study Bitcoin 🤗
2024-11-11 20:28:36
(3 weeks ago)
Port probe to tcp/443 (https)
[srv130]
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
Study Bitcoin 🤗
2024-11-11 18:22:29
(3 weeks ago)
Port probe to tcp/443 (https)
[srv130]
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
Study Bitcoin 🤗
2024-11-08 02:50:30
(4 weeks ago)
Port probe to tcp/443 (https)
[srv130]
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
blitarkab.go.id
2024-07-06 18:20:28
(4 months ago)
backdoor: ALFA.TEaM.Web.Shell
Web App Attack
pusathosting.com
2023-10-11 22:09:06
(1 year ago)
2ds22 bruteforce
Brute-Force
Web App Attack
hermawan
2023-09-23 03:54:50
(1 year ago)
[Sat Sep 23 10:52:41.245731 2023] [security2:error] [pid 21966:tid 140593562850880] [client 162.158. ... show more [Sat Sep 23 10:52:41.245731 2023] [security2:error] [pid 21966:tid 140593562850880] [client 162.158.43.209:39600] [client 162.158.43.209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Spider" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "5"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Spider found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /images/Klimatologi/Infografis/Infografis-Iklim/Musim/2023/Musim_Hujan_2023/Infografis_Prakiraan_Musim_Hujan_Tahun_2023-2024_Provinsi_Jawa_Timur-600.webp HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Infografis/Infografis-Iklim/Musim/2023/Musim_Hujan_2023/Infografis_Prakiraan_Musim_Hujan_Tahun_2023-2024_Provinsi_Jaw
... show less
Hacking
Web App Attack
hermawan
2023-09-22 15:03:03
(1 year ago)
[Fri Sep 22 22:03:01.105896 2023] [security2:error] [pid 58031:tid 140357803005504] [client 162.158. ... show more [Fri Sep 22 22:03:01.105896 2023] [security2:error] [pid 58031:tid 140357803005504] [client 162.158.43.209:17364] [client 162.158.43.209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Spider" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "5"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Spider found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected] ) request_line = GET /index-v98.js HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index-v98.js"] [unique_id "ZQ2spbU22HSyiDoxaYuYCQAB4yo"], referer https://staklim-jatim.bmkg.go.id/index.php/profil/meteorologi/list-all-categories/2098-agroklimatologi/kalender-tanam-katam-terpadu/kalender-tanam-katam-terpadu-nasional-indonesia/kalender-tanam-katam-terpadu-p
... show less
Hacking
Web App Attack
hermawan
2023-09-22 08:59:39
(1 year ago)
[Fri Sep 22 15:59:36.791539 2023] [security2:error] [pid 152202:tid 139716173153856] [client 162.158 ... show more [Fri Sep 22 15:59:36.791539 2023] [security2:error] [pid 152202:tid 139716173153856] [client 162.158.43.209:64750] [client 162.158.43.209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "bot" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "5"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: bot found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots) request_line = GET /robots.txt HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/robots.txt"] [unique_id "ZQ1XeMTP8lZXL36_ya0tMAAACBM"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[152223] [UbT20xZ1jMw] [ZQ1XeMTP8lZXL36_ya0tMAAACBM] keep_alive=[1] [2023-09-22 15:59:36.791542] [R:ZQ1XeMTP8lZXL36_ya0tMAAACBM] UA:'Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'*/*' Accept-Enc
... show less
Hacking
Web App Attack
pigro
2022-04-18 18:24:08
(2 years ago)
162.158.43.209 - - [19/Apr/2022:00:22:52 +0200] "GET //website/wp-includes/wlwmanifest.xml HTTP/1.1" ... show more 162.158.43.209 - - [19/Apr/2022:00:22:52 +0200] "GET //website/wp-includes/wlwmanifest.xml HTTP/1.1" 404 188 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
162.158.43.209 - - [19/Apr/2022:00:24:08 +0200] "GET //shop/wp-includes/wlwmanifest.xml HTTP/1.1" 404 188 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
... show less
Web App Attack
yourdreamnet.co.uk
2021-08-13 20:33:06
(3 years ago)
$f2bV_matches
Brute-Force
SSH