๐ฎ๐ฉ
hermawan
2025-03-18 02:55:39
(1 year ago)
[Tue Mar 18 09:54:55.946195 2025] [security2:error] [pid 348960:tid 140358571947712] [client 57.141. ...
show more
[Tue Mar 18 09:54:55.946195 2025] [security2:error] [pid 348960:tid 140358571947712] [client 57.141.3.21:51428] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/analisis-kondisi-dinamika-atmosfer-laut-dasarian/4168-analisis-kondisi-dinamika-atmosfer-laut-dasarian-tahun-2023/555559903-analisis-dan-prediksi-dasarian-dinamika-atmosfer-laut-dan-prediksi-curah-hujan-pemutakhiran-dasarian-i-januari-2023 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/analisis-kondisi-dinamika-atmosfer-laut-dasarian/4168-analisis-kondisi-dinamika-atmosfer-laut-dasarian-tahun-2023
...
show less
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2025-03-17 17:26:29
(1 year ago)
[Tue Mar 18 00:26:28.716366 2025] [security2:error] [pid 72124:tid 140566786586304] [client 57.141.3 ...
show more
[Tue Mar 18 00:26:28.716366 2025] [security2:error] [pid 72124:tid 140566786586304] [client 57.141.3.21:44406] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/prakiraan-iklim/prakiraan-bulanan/prakiraan-sifat-hujan-bulanan/3-bulan-ke-depan/555560754-prakiraan-bulanan-sifat-hujan-bulan-maret-tahun-2024-update-dari-analisis-bulan-januari-tahun-2024-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-bulanan/prakiraan-sifat-hujan-bulanan/3-bulan-ke-depan/555560754-prakiraan-bulanan-sifat-hujan-bulan-maret-tahun-20
...
show less
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2025-03-17 02:43:33
(1 year ago)
[Mon Mar 17 09:43:12.103512 2025] [security2:error] [pid 510607:tid 140267705202368] [client 57.141. ...
show more
[Mon Mar 17 09:43:12.103512 2025] [security2:error] [pid 510607:tid 140267705202368] [client 57.141.3.21:48546] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/profil/meteorologi/list-all-categories/4161-klimatologi/analisis-klimatologi/monitoring-dan-prakiraan-curah-hujan-dasarian-di-provinsi-jawa-timur/monitoring-dan-prakiraan-curah-hujan-dasarian-di-provinsi-jawa-timur-tahun-2023/555555636-monitoring-dan-prakiraan-curah-hujan-dasarian-update-31-agustus-tahun-2023-di-provinsi-jawa-..."] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-all-ca
...
show less
Hacking
Web App Attack
Anonymous
2025-03-14 21:51:37
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
๐ฎ๐ฉ
hermawan
2025-03-13 06:44:26
(1 year ago)
[Thu Mar 13 06:32:41.070162 2025] [security2:error] [pid 2182:tid 140625290684096] [client 57.141.3. ...
show more
[Thu Mar 13 06:32:41.070162 2025] [security2:error] [pid 2182:tid 140625290684096] [client 57.141.3.21:37636] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/90-klimatologi/analisis-klimatologi/artikel-perubahan-iklim/126-artikel-perubahan-iklim HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/90-klimatologi/analisis-klimatologi/artikel-perubahan-iklim/126-artikel-perubahan-iklim"] [unique_id "Z9J8CQbfVN8GvzA1JBBSewAAoRM"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[2202] [BlQefXso/lo] [Z9J8CQbfVN8GvzA1JBBSewAAoRM] keep_alive=[1] [2025-03-13
...
show less
Hacking
Web App Attack
๐บ๐ธ
mnsf
2025-03-13 05:05:28
(1 year ago)
Too many Status 40X (11)
Brute-Force
Web App Attack
๐ฎ๐ฉ
hermawan
2025-03-12 21:14:45
(1 year ago)
[Thu Mar 13 03:42:58.681677 2025] [security2:error] [pid 19468:tid 140529654208192] [client 57.141.3 ...
show more
[Thu Mar 13 03:42:58.681677 2025] [security2:error] [pid 19468:tid 140529654208192] [client 57.141.3.21:49504] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/prakiraan-bulanan/622-prakiraan-potensi-banjir/prakiraan-daerah-potensi-banjir-di-indonesia/prakiraan-daerah-potensi-banjir-di-indonesia-tahun-2017 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prakiraan-bulanan/622-prakiraan-potensi-banjir/prakiraan-daerah-potensi-banjir-di-indonesia/prakiraan-daerah-potensi-banjir-di-indonesia-tahun-2017"] [unique_id "Z9Hx0lRRglZJsY1KrN7NTgAAshk"] [staklim-jatim
...
show less
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2025-03-10 17:50:46
(1 year ago)
[Tue Mar 11 00:49:36.301338 2025] [security2:error] [pid 51351:tid 140211786720960] [client 57.141.3 ...
show more
[Tue Mar 11 00:49:36.301338 2025] [security2:error] [pid 51351:tid 140211786720960] [client 57.141.3.21:60680] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/profil/meteorologi/list-all-categories/3961-klimatologi/prakiraan-klimatologi/prakiraan-dasarian/prakiraan-dasarian-daerah-potensi-banjir/prakiraan-dasarian-daerah-potensi-banjir-di-provinsi-jawa-timur/prakiraan-dasarian-daerah-potensi-banjir-di-provinsi-jawa-timur-tahun-2019/600-prakiraan-dasarian-daerah-potensi-banjir-dasari..."] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-all-cat
...
show less
Hacking
Web App Attack
Anonymous
2025-03-08 13:40:42
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
๐ป๐ณ
Xuan Can
2025-03-07 15:46:34
(1 year ago)
(mod_security) mod_security (id:20000222) triggered by 57.141.3.21 (US/United States/-): 1 in the la ...
show more
(mod_security) mod_security (id:20000222) triggered by 57.141.3.21 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 07 22:46:31.886782 2025] [security2:error] [pid 36795:tid 36818] [remote 57.141.3.21:35236] [client 57.141.3.21] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-admin" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "46"] [id "20000222"] [severity "CRITICAL"] [hostname "kb.pavietnam.vn"] [uri "/huong-dan-sua-loi-khong-duoc-phep-truy-cap-wp-admin-trong-wordpress.html/amp"] [unique_id "Z8sU10KJRMUvydd3BWvq6wAAiBY"]
show less
Brute-Force
SSH
๐ป๐ณ
Xuan Can
2025-03-04 15:54:12
(1 year ago)
(mod_security) mod_security (id:1010111) triggered by 57.141.3.21 (US/United States/-): 1 in the las ...
show more
(mod_security) mod_security (id:1010111) triggered by 57.141.3.21 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 04 22:54:05.576700 2025] [security2:error] [pid 24236:tid 24275] [client 57.141.3.21:0] [client 57.141.3.21] ModSecurity: Access denied with code 500 (phase 2). Pattern match "=shell" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "25"] [id "1010111"] [severity "CRITICAL"] [hostname "www.diendanmaychu.vn"] [uri "/tags.php"] [unique_id "Z8ciHXQHrGQgu4UDqUCbEwAAAAY"]
show less
Brute-Force
SSH
๐บ๐ธ
mnsf
2025-03-04 00:05:23
(1 year ago)
Too many Status 40X (15)
Request Overload (191)
Brute-Force
Web App Attack
๐ป๐ณ
Xuan Can
2025-03-03 15:12:15
(1 year ago)
(mod_security) mod_security (id:1010113) triggered by 57.141.3.21 (US/United States/-): 1 in the las ...
show more
(mod_security) mod_security (id:1010113) triggered by 57.141.3.21 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 03 22:12:08.217961 2025] [security2:error] [pid 13045:tid 13095] [client 57.141.3.21:0] [client 57.141.3.21] ModSecurity: Access denied with code 500 (phase 2). Pattern match "boom" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "27"] [id "1010113"] [severity "CRITICAL"] [hostname "www.diendanmaychu.vn"] [uri "/member.php/386-bboomm"] [unique_id "Z8XGyJ5FkrhuUihD8NqNfQAAAFc"]
show less
Brute-Force
SSH
๐ป๐ณ
Xuan Can
2025-03-02 02:11:55
(1 year ago)
(mod_security) mod_security (id:1010111) triggered by 57.141.3.21 (US/United States/-): 1 in the las ...
show more
(mod_security) mod_security (id:1010111) triggered by 57.141.3.21 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 02 09:11:52.700960 2025] [security2:error] [pid 434:tid 461] [client 57.141.3.21:0] [client 57.141.3.21] ModSecurity: Access denied with code 500 (phase 2). Pattern match "=shell" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "25"] [id "1010111"] [severity "CRITICAL"] [hostname "www.diendanmaychu.vn"] [uri "/tags.php"] [unique_id "Z8O-aF2Ke1efr_kb6vEopgAAAAA"]
show less
Brute-Force
SSH
Anonymous
2025-03-01 15:38:13
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force