๐ฎ๐ฉ
hermawan
2025-03-18 16:33:31
(1 year ago)
[Tue Mar 18 23:32:56.899601 2025] [security2:error] [pid 714115:tid 140243044910784] [client 57.141. ...
show more
[Tue Mar 18 23:32:56.899601 2025] [security2:error] [pid 714115:tid 140243044910784] [client 57.141.3.18:56998] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/analisis-musim/4273-perbandingan-klimatologi/perbandingan-prakiraan-puncak-musim-hujan-terhadap-normalnya/perbandingan-prediksi-puncak-hujan-musim-hujan-tahun-2024-2025-terhadap-normalnya-1991-2020-zona-musim-di-provinsi-jawa-timur/555561416-analisis-6-bulanan-perbandingan-prediksi-puncak-musim-hujan-tahun-2024-2025-terhadap-n..."] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/analisis-musim/4273-perbanding
...
show less
Hacking
Web App Attack
๐บ๐ธ
mnsf
2025-03-15 19:05:29
(1 year ago)
Too many Status 40X (11)
Brute-Force
Web App Attack
Anonymous
2025-03-14 21:33:42
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
๐ป๐ณ
Xuan Can
2025-03-13 14:15:37
(1 year ago)
(mod_security) mod_security (id:20000222) triggered by 57.141.3.18 (US/United States/-): 1 in the la ...
show more
(mod_security) mod_security (id:20000222) triggered by 57.141.3.18 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 13 21:15:28.605237 2025] [security2:error] [pid 34227:tid 34238] [remote 57.141.3.18:43576] [client 57.141.3.18] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-admin" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "46"] [id "20000222"] [severity "CRITICAL"] [hostname "kb.pavietnam.vn"] [uri "/huong-dan-sua-loi-khong-duoc-phep-truy-cap-wp-admin-trong-wordpress.html/amp"] [unique_id "Z9LogEGIC6VfPvRolh9B8QAACAc"]
show less
Brute-Force
SSH
๐บ๐ธ
mnsf
2025-03-13 05:05:55
(1 year ago)
Too many Status 40X (16)
Brute-Force
Web App Attack
๐ฎ๐ฉ
hermawan
2025-03-12 19:37:20
(1 year ago)
[Thu Mar 13 02:30:16.290459 2025] [security2:error] [pid 4662:tid 140529553495744] [client 57.141.3. ...
show more
[Thu Mar 13 02:30:16.290459 2025] [security2:error] [pid 4662:tid 140529553495744] [client 57.141.3.18:34522] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/profil/meteorologi/list-all-categories/4167-klimatologi/prakiraan-klimatologi/prakiraan-dasarian/prakiraan-dasarian-daerah-potensi-banjir/prakiraan-dasarian-daerah-potensi-banjir-di-provinsi-jawa-timur/prakiraan-dasarian-daerah-potensi-banjir-di-provinsi-jawa-timur-tahun-2023/555559988-prakiraan-dasarian-daerah-potensi-banjir-..."] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-all-cate
...
show less
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2025-03-11 02:02:33
(1 year ago)
[Tue Mar 11 08:59:13.657076 2025] [security2:error] [pid 95838:tid 139896258049728] [client 57.141.3 ...
show more
[Tue Mar 11 08:59:13.657076 2025] [security2:error] [pid 95838:tid 139896258049728] [client 57.141.3.18:36232] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/buku/4128-buku-edisi-setiap-1-bulan-sekali/buku-analisis-dan-prakiraan-bulanan-jawa-timur/buletin-bulanan-analisis-dan-prakiraan-hujan-di-provinsi-jawa-timur-tahun-2022/1756-buletin-bulanan-analisis-hujan-bulan-april-tahun-2022-dan-prakiraan-hujan-bulan-juni-juli-agustus-tahun-2022-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/buku/4128-buku-edisi-setiap-1-bulan-sekali/buku-ana
...
show less
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2025-03-10 18:02:39
(1 year ago)
[Tue Mar 11 00:56:15.444709 2025] [security2:error] [pid 53739:tid 140211937789632] [client 57.141.3 ...
show more
[Tue Mar 11 00:56:15.444709 2025] [security2:error] [pid 53739:tid 140211937789632] [client 57.141.3.18:54776] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/prakiraan-cuaca-pelabuhan-tanjung-perak-surabaya/113-meteorologi/prakiraan-meteorologi HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prakiraan-cuaca-pelabuhan-tanjung-perak-surabaya/113-meteorologi/prakiraan-meteorologi"] [unique_id "Z88nvwgBz7Hefarb6Mt95wAABxo"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[53767] [qhU+sKiRIiE] [Z88nvwgBz7Hefarb6Mt95wAABxo] keep_alive=[1] [2025-03-11
...
show less
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2025-03-10 15:59:25
(1 year ago)
[Mon Mar 10 22:56:16.037048 2025] [security2:error] [pid 11986:tid 140321916679872] [client 57.141.3 ...
show more
[Mon Mar 10 22:56:16.037048 2025] [security2:error] [pid 11986:tid 140321916679872] [client 57.141.3.18:49774] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/analisis-bulanan/3910-analisis-distribusi-hujan/analisis-distribusi-sifat-hujan/analisis-distribusi-sifat-hujan-jawa-timur-bulanan/analisis-distribusi-sifat-hujan-jawa-timur-bulanan-tahun-2018/533-analisis-distribusi-sifat-hujan-bulan-januari-tahun-2018-di-propinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/analisis-bulanan/3910-analisis-distribusi-hujan/analisis-distribusi-sifat-hujan/an
...
show less
Hacking
Web App Attack
Anonymous
2025-03-08 06:34:34
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
๐บ๐ธ
mnsf
2025-03-04 00:05:24
(1 year ago)
Too many Status 40X (16)
Request Overload (243)
Brute-Force
Web App Attack
๐บ๐ธ
MPL
2025-03-03 23:12:04
(1 year ago)
tcp/443 (12 or more attempts)
Port Scan
Anonymous
2025-02-28 22:38:13
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
๐บ๐ธ
mnsf
2025-02-26 07:06:03
(1 year ago)
Too many Status 40X (17)
Request Overload (104)
Brute-Force
Web App Attack
๐ป๐ณ
Xuan Can
2025-02-22 14:30:28
(1 year ago)
(mod_security) mod_security (id:1010119) triggered by 57.141.3.18 (US/United States/-): 1 in the las ...
show more
(mod_security) mod_security (id:1010119) triggered by 57.141.3.18 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 22 21:30:25.126005 2025] [security2:error] [pid 14836:tid 14875] [client 57.141.3.18:0] [client 57.141.3.18] ModSecurity: Access denied with code 500 (phase 2). Pattern match "union" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "39"] [id "1010119"] [severity "CRITICAL"] [hostname "www.diendanmaychu.vn"] [uri "/member.php/3051-uniontran"] [unique_id "Z7nfgfIm76pbLv8vS-YgPgAAAMw"]
show less
Brute-Force
SSH