hermawan
2023-07-07 07:23:21
(1 year ago)
[Fri Jul 07 14:23:19.471594 2023] [security2:error] [pid 227512:tid 140557804353088] [client 185.191 ... show more [Fri Jul 07 14:23:19.471594 2023] [security2:error] [pid 227512:tid 140557804353088] [client 185.191.171.35:60736] [client 185.191.171.35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "bot" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-3.3.4/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "5"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: bot found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html) request_line = GET /index.php/prakiraan-bulanan/4097-prakiraan-bulanan-tingkat-ketersediaan-air-bagi-tanaman/prakiraan-bulanan-tingkat-ketersediaan-air-bagi-tanaman-di-provinsi-jawa-timur/prakiraan-bulanan-tingkat-ketersediaan-air-bagi-tanaman-di-provinsi-jawa-timur-tahun-2021/555559219-prakiraan-bulanan-tingkat-ketersediaan-air-bagi-tanaman-di-jawa-timur-untuk-bulan-mare..."] [severity "NOTICE"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prak
... show less
Hacking
Web App Attack
hermawan
2023-07-06 09:56:15
(1 year ago)
[Thu Jul 06 16:56:12.236034 2023] [security2:error] [pid 273440:tid 139893610743360] [client 185.191 ... show more [Thu Jul 06 16:56:12.236034 2023] [security2:error] [pid 273440:tid 139893610743360] [client 185.191.171.35:32006] [client 185.191.171.35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "bot" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-3.3.4/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "5"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: bot found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html) request_line = GET /robots.txt HTTP/1.1"] [severity "NOTICE"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/robots.txt"] [unique_id "ZKaPvFXlcbVvWPALCPO-EAAAAAI"] [karangploso.jatim.bmkg.go.id] [karangploso.jatim.bmkg.go.id] top=[273544] [JZCyhibRFDc] [ZKaPvFXlcbVvWPALCPO-EAAAAAI] keep_alive=[0] [2023-07-06 16:56:12.236037] [R:ZKaPvFXlcbVvWPALCPO-EAAAAAI] UA:'Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)' Host:'karangploso.jat
... show less
Hacking
Web App Attack
MAGIC
2023-07-06 09:16:10
(1 year ago)
VM2 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot
JCB
2023-07-06 07:37:34
(1 year ago)
404
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2023-07-05 21:08:06
(1 year ago)
Malicious Activity Detected
Hacking
Brute-Force
Hans Müller
2023-07-05 11:57:48
(1 year ago)
Bad Web Bot
www.narsol.org
2023-07-05 09:14:12
(1 year ago)
185.191.171.35 - - [05/Jul/2023:05:06:01 -0400] "GET /my-calendar/?dy=3&mcat=4%2C2%2C6%2C1&month=7&p ... show more 185.191.171.35 - - [05/Jul/2023:05:06:01 -0400] "GET /my-calendar/?dy=3&mcat=4%2C2%2C6%2C1&month=7&print=print&time=week HTTP/1.1" 404 7252 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)"
185.191.171.35 - - [05/Jul/2023:05:10:45 -0400] "GET /my-calendar/?dy=17&mcat=4%2C2%2C3%2C1&month=9&print=print&time=week HTTP/1.1" 404 7252 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)"
185.191.171.35 - - [05/Jul/2023:05:11:00 -0400] "GET /my-calendar/?dy=26&mcat=1%2C4%2C5%2C2&month=3&print=print&time=week HTTP/1.1" 404 7252 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)"
185.191.171.35 - - [05/Jul/2023:05:13:12 -0400] "GET /my-calendar/?dy=1&mcat=4%2C2%2C1%2C5&month=1&print=print&time=week HTTP/1.1" 404 7252 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)"
185.191.171.35 - - [05/Jul/2023:05:14:11 -0400] "GET /my-calendar/?dy=19&mcat=2%2C6%2C1%2C4&month=3&print=prin
... show less
DDoS Attack
Web App Attack
Bytemark
2023-07-05 00:34:35
(1 year ago)
185.191.171.35 - - [05/Jul/2023:01:34:34 +0100] "GET /ucp.php?mode=login&redirect=posting.php%3Ff%3D ... show more 185.191.171.35 - - [05/Jul/2023:01:34:34 +0100] "GET /ucp.php?mode=login&redirect=posting.php%3Ff%3D39%26mode%3Dreply%26t%3D6010 HTTP/1.1" 301 7346 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)" show less
Brute-Force
Web App Attack
EIC
2023-07-04 22:11:05
(1 year ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 185.191.171.35 (GB/U ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 185.191.171.35 (GB/United Kingdom/35.bl.bot.semrush.com): (CF_ENABLE) show less
Bad Web Bot
www.narsol.org
2023-07-03 20:57:47
(1 year ago)
185.191.171.35 - - [03/Jul/2023:16:49:21 -0400] "GET /my-calendar/?dy=10&mcat=4%2C2%2C5%2C6&month=4& ... show more 185.191.171.35 - - [03/Jul/2023:16:49:21 -0400] "GET /my-calendar/?dy=10&mcat=4%2C2%2C5%2C6&month=4&print=print&time=day HTTP/1.1" 404 7252 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)"
185.191.171.35 - - [03/Jul/2023:16:53:40 -0400] "GET /my-calendar/?dy=3&mcat=1%2C4%2C3%2C6&month=7&print=print&time=month HTTP/1.1" 404 7252 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)"
185.191.171.35 - - [03/Jul/2023:16:53:45 -0400] "GET /my-calendar/?dy=30&mcat=5%2C1%2C3%2C6&month=4&print=print&time=week HTTP/1.1" 404 7252 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)"
185.191.171.35 - - [03/Jul/2023:16:57:39 -0400] "GET /my-calendar/?dy=9&mcat=2%2C5%2C1%2C3&month=1&print=print&time=week HTTP/1.1" 404 7252 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)"
185.191.171.35 - - [03/Jul/2023:16:57:47 -0400] "GET /my-calendar/?dy=3&mcat=5%2C6%2C4%2C1&month=12&print=prin
... show less
DDoS Attack
Web App Attack
speedtaq.com
2023-07-03 07:25:31
(1 year ago)
185.191.171.35 - - [03/Jul/2023:09:25:28 +0200] "GET /176227rtjtitems/etidm36zt HTTP/1.1" 404 286595 ... show more 185.191.171.35 - - [03/Jul/2023:09:25:28 +0200] "GET /176227rtjtitems/etidm36zt HTTP/1.1" 404 286595 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)" show less
Bad Web Bot
speedtaq.com
2023-07-03 06:39:10
(1 year ago)
185.191.171.35 - - [03/Jul/2023:08:39:08 +0200] "GET /fcrcatalogkssa/895 HTTP/1.1" 404 286577 "-" "M ... show more 185.191.171.35 - - [03/Jul/2023:08:39:08 +0200] "GET /fcrcatalogkssa/895 HTTP/1.1" 404 286577 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)" show less
Bad Web Bot
speedtaq.com
2023-07-03 05:49:31
(1 year ago)
185.191.171.35 - - [03/Jul/2023:07:49:29 +0200] "GET /182260oljnetidm33aod HTTP/1.1" 404 286578 "-" ... show more 185.191.171.35 - - [03/Jul/2023:07:49:29 +0200] "GET /182260oljnetidm33aod HTTP/1.1" 404 286578 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)" show less
Bad Web Bot
speedtaq.com
2023-07-03 01:14:29
(1 year ago)
185.191.171.35 - - [03/Jul/2023:03:14:26 +0200] "GET /101144veuc5d5g7/a78ee0.html HTTP/1.1" 404 2866 ... show more 185.191.171.35 - - [03/Jul/2023:03:14:26 +0200] "GET /101144veuc5d5g7/a78ee0.html HTTP/1.1" 404 286601 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)" show less
Bad Web Bot
Bytemark
2023-07-03 00:11:52
(1 year ago)
185.191.171.35 - - [03/Jul/2023:01:11:52 +0100] "GET /posting.php?f=17&mode=reply&t=3992 HTTP/1.1" 2 ... show more 185.191.171.35 - - [03/Jul/2023:01:11:52 +0100] "GET /posting.php?f=17&mode=reply&t=3992 HTTP/1.1" 200 10788 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)" show less
Brute-Force
Web App Attack