kk_it_man
2024-12-10 06:13:06
(1 month ago)
ET SCAN Bing Webcrawler User-Agent (BingBot)
Port Scan
hermawan
2024-12-05 06:27:27
(1 month ago)
[Thu Dec 05 12:14:22.200019 2024] [security2:error] [pid 75677:tid 123694228559552] [client 40.77.18 ... show more [Thu Dec 05 12:14:22.200019 2024] [security2:error] [pid 75677:tid 123694228559552] [client 40.77.189.136:31616] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Head" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.8.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "61"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Head found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/87.0.4280.141 Safari/537.36 Edg/87.0.664.75 request_line = GET /OneSignalSDKWorker.js HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/OneSignalSDKWorker.js"] [unique_id "Z1E2rl-5ThPaZa6r8WzaXQAA0zs"], referer https://staklim-jatim.bmkg.go.id/index.php/profil/meteorologi/list-all-categories/4167-klimatologi/prakiraan-klimatologi/prakiraan-dasarian/prakiraan-dasarian-daerah-potensi-banjir/prakiraan-dasarian-daerah-potensi-banjir-di-provi
... show less
Hacking
Web App Attack
hermawan
2024-08-15 04:00:23
(4 months ago)
[Thu Aug 15 09:35:32.047619 2024] [security2:error] [pid 1356952:tid 123464176371264] [client 40.77. ... show more [Thu Aug 15 09:35:32.047619 2024] [security2:error] [pid 1356952:tid 123464176371264] [client 40.77.189.136:31040] [client 40.77.189.136] ModSecurity: Access denied with code 403 (phase 1). Match of "pm /administrator/ /TableFilter/system-v167.css /index.php /android-icon-192-192.png /offline-service-worker-07-07-2023-v-4-15-0.js /plugins/Morpheus/ /offline-service-worker-01-08-2023-v4-5-1.js /index.php?module /depan/offline/ /OneSignalSDKWorker.js /O ..." against "REQUEST_LINE" required. [file "/etc/modsecurity/coreruleset-4.3.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "58"] [id "441003"] [msg "bot downloader Cache-Control no-cache gak punya cookies dan diluar REQUEST_LINE line"] [data "Matched Data: no-cache found within REQUEST_LINE: GET /matomo.php?action_name=(%20Analisis%20-%20Bulanan%20)%20Hari%20Tanpa%20Hujan%20Berturut-Turut%20Maksimum%20di%20Provinsi%20Jawa%20Timur%20Bulan%20November%20-%20Desember%20Tahun%202023%20-%20Januari%20tahun%202024&idsite=3&rec=1&r=63848
... show less
Hacking
Web App Attack
hermawan
2024-08-05 12:08:59
(5 months ago)
[Mon Aug 05 19:08:52.124522 2024] [security2:error] [pid 56638:tid 134575904785984] [client 40.77.18 ... show more [Mon Aug 05 19:08:52.124522 2024] [security2:error] [pid 56638:tid 134575904785984] [client 40.77.189.136:31168] [client 40.77.189.136] ModSecurity: Access denied with code 403 (phase 1). Match of "pm /administrator/ /TableFilter/system-v167.css /index.php /android-icon-192-192.png /offline-service-worker-07-07-2023-v-4-15-0.js /plugins/Morpheus/ /offline-service-worker-01-08-2023-v4-5-1.js /index.php?module /depan/offline/ /OneSignalSDKWorker.js /O ..." against "REQUEST_LINE" required. [file "/etc/modsecurity/coreruleset-4.3.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "58"] [id "441003"] [msg "bot downloader Cache-Control no-cache gak punya cookies dan diluar REQUEST_LINE line"] [data "Matched Data: no-cache found within REQUEST_LINE: GET /matomo.php?action_name=(%20Prakiraan%20-%20Dasarian%20)%20Daerah%20Potensi%20Banjir%20di%20Provinsi%20Jawa%20Timur%20untuk%20Bulan%20MEI%20DASARIAN%20I%20Tahun%202024%20(%20Tanggal%201%20-%2010%20MEI%202024%20)%20Update%2010%20April%20202
... show less
Hacking
Web App Attack
Anonymous
2024-06-10 03:33:53
(7 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-05-28 08:18:51
(7 months ago)
(mod_security) mod_security (id:243420) triggered by 40.77.189.136 (msnbot-40-77-189-136.search.msn. ... show more (mod_security) mod_security (id:243420) triggered by 40.77.189.136 (msnbot-40-77-189-136.search.msn.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 28 04:18:47.771723 2024] [security2:error] [pid 2511366:tid 47260585912064] [client 40.77.189.136:1216] [client 40.77.189.136] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||whatismetamodern.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "whatismetamodern.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "ZlWTZMOb4RXNW6upv7wu8wAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
kk_it_man
2024-05-06 01:03:04
(8 months ago)
ET SCAN Bing Webcrawler User-Agent (BingBot)
Port Scan
Anonymous
2024-02-16 10:59:00
(10 months ago)
"Session Hijacking"
Brute-Force
TPI-Abuse
2023-12-23 22:15:28
(1 year ago)
(mod_security) mod_security (id:243420) triggered by 40.77.189.136 (msnbot-40-77-189-136.search.msn. ... show more (mod_security) mod_security (id:243420) triggered by 40.77.189.136 (msnbot-40-77-189-136.search.msn.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 23 17:15:23.437769 2023] [security2:error] [pid 14652] [client 40.77.189.136:3904] [client 40.77.189.136] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6649"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||goseethenurse.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "goseethenurse.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "ZYdb-J5Whk7e6cdJk6pWSQAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2023-12-10 23:37:44
(1 year ago)
(mod_security) mod_security (id:243420) triggered by 40.77.189.136 (msnbot-40-77-189-136.search.msn. ... show more (mod_security) mod_security (id:243420) triggered by 40.77.189.136 (msnbot-40-77-189-136.search.msn.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 10 18:37:37.158868 2023] [security2:error] [pid 12767] [client 40.77.189.136:4544] [client 40.77.189.136] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.peterndudar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.peterndudar.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "ZXZLv5LINtCc1NZL6wWnUAAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
ozisp.com.au
2023-12-01 05:06:24
(1 year ago)
US_Microsoft_<177>1701407183 [1:2032981:1] ET SCAN Bing Webcrawler User-Agent (BingBot) [Classificat ... show more US_Microsoft_<177>1701407183 [1:2032981:1] ET SCAN Bing Webcrawler User-Agent (BingBot) [Classification: Not Suspicious Traffic] [Priority: 3]: <seconione-ens192-1> {TCP} 40.77.189.136:1088 show less
Hacking
ozisp.com.au
2023-11-30 15:03:01
(1 year ago)
US_Microsoft_<33>1701356579 [1:2032981:1] ET SCAN Bing Webcrawler User-Agent (BingBot) [Classificati ... show more US_Microsoft_<33>1701356579 [1:2032981:1] ET SCAN Bing Webcrawler User-Agent (BingBot) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 40.77.189.136:1088 show less
Hacking
ThreatBook.io
2023-10-11 06:59:33
(1 year ago)
ThreatBook Intelligence: Search Engine Crawler,Whitelist more details on https://threatbook.io/ip/40 ... show more ThreatBook Intelligence: Search Engine Crawler,Whitelist more details on https://threatbook.io/ip/40.77.189.136
2023-10-10 09:38:47 /static/css/app.bb951cb3.css show less
Web App Attack
kk_it_man
2023-10-05 00:23:05
(1 year ago)
ET SCAN Bing Webcrawler User-Agent (BingBot)
Port Scan
Anonymous
2023-08-16 08:48:08
(1 year ago)
Web Spam
Email Spam
Blog Spam
Bad Web Bot
Web App Attack