MAGIC
2024-08-28 05:07:50
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
hermawan
2024-08-27 23:50:11
(1 month ago)
[Wed Aug 28 06:47:18.892878 2024] [security2:error] [pid 358591:tid 137459190990400] [client 57.141. ... show more [Wed Aug 28 06:47:18.892878 2024] [security2:error] [pid 358591:tid 137459190990400] [client 57.141.3.3:60946] [client 57.141.3.3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.5.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "39"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/profil/meteorologi/list-of-all-tags/prakiraan-cuaca-harian-tiap-3-jam-sekali-per-kecamatan?format=feed&type=rss HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-of-all-tags/prakiraan-cuaca-harian-tiap-3-jam-sekali-per-kecamatan"] [unique_id "Zs5lhnaUUOCAeX7nx4jgsQAAXSU"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[358629] [KHqq3GrQjlE] [Zs5lhna
... show less
Hacking
Web App Attack
Anonymous
2024-08-27 01:27:21
(1 month ago)
Excessive crawling/scraping
Hacking
Brute-Force
Anonymous
2024-08-26 09:19:17
(1 month ago)
Malicious activity detected
Hacking
Web App Attack
Anonymous
2024-08-25 08:57:02
(1 month ago)
Malicious activity detected
Hacking
Web App Attack
hermawan
2024-08-24 02:34:17
(1 month ago)
[Sat Aug 24 09:22:01.301846 2024] [security2:error] [pid 19897:tid 135327494702656] [client 57.141.3 ... show more [Sat Aug 24 09:22:01.301846 2024] [security2:error] [pid 19897:tid 135327494702656] [client 57.141.3.3:36118] [client 57.141.3.3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.5.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "39"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET //images/Klimatologi/Analisis/02-Analisis_Dasarian/Analisis_Distribusi_Curah_Hujan_Dasarian/Analisis_Distribusi_Curah_Hujan_Dasarian_Provinsi_Jawa_Timur/2024/06_Juni_2024/Das-III/Peta_Analisis-Dasarian_Distribusi_Curah_Hujan_Dasarian_III_Juni_2024_di_Provinsi_Jawa_Timur.jpg" HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Analisis/02-Analisis_Dasarian/Analisis_Distribusi_Curah_Huj
... show less
Hacking
Web App Attack
Anonymous
2024-08-22 21:33:43
(1 month ago)
wordpress-trap
Web App Attack
Anonymous
2024-08-21 19:03:45
(1 month ago)
Excessive crawling/scraping
Hacking
Brute-Force
hermawan
2024-08-21 16:03:46
(1 month ago)
[Wed Aug 21 21:26:24.172714 2024] [security2:error] [pid 60680:tid 130450831967808] [client 57.141.3 ... show more [Wed Aug 21 21:26:24.172714 2024] [security2:error] [pid 60680:tid 130450831967808] [client 57.141.3.3:50020] [client 57.141.3.3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.5.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "39"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/profil/meteorologi/list-all-categories/113-meteorologi/prakiraan-meteorologi/555557337-prakiraan-cuaca-wisata-di-jawa-timur-untuk-hari-ini-pada-pagi-siang-malam-dan-dini-hari-meliputi-tempat-wisata-antara-lain-air-terjun-senduro-telaga-sarangan-pantai-pasir-putih-situbondo-kawah-ijen-pantai-balekambang-gong-gong-pacitan-taman-..."] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteoro
... show less
Hacking
Web App Attack
hermawan
2024-08-18 07:12:53
(1 month ago)
[Sun Aug 18 14:04:53.010614 2024] [security2:error] [pid 949477:tid 132454778144320] [client 57.141. ... show more [Sun Aug 18 14:04:53.010614 2024] [security2:error] [pid 949477:tid 132454778144320] [client 57.141.3.3:58332] [client 57.141.3.3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.5.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "39"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/profil/meteorologi/list-of-all-tags/normal-awal-musim-hujan-propinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/profil/meteorologi/list-of-all-tags/normal-awal-musim-hujan-propinsi-jawa-timur"] [unique_id "ZsGdFUaQC-fDa9KtVqvPEgABHQ8"] [staklim-malang.info] [staklim-malang.info] top=[949493] [O/Uez3clmbU] [ZsGdFUaQC-fDa9KtVqvPEgABHQ8] keep_alive=[1] [2024-08-18 14:04:53.
... show less
Hacking
Web App Attack
MAGIC
2024-08-18 02:00:28
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-08-17 12:49:07
(1 month ago)
Excessive crawling/scraping
Hacking
Brute-Force
hermawan
2024-08-16 12:13:25
(1 month ago)
[Fri Aug 16 18:44:16.145729 2024] [security2:error] [pid 958822:tid 131873466484288] [client 57.141. ... show more [Fri Aug 16 18:44:16.145729 2024] [security2:error] [pid 958822:tid 131873466484288] [client 57.141.3.3:38594] [client 57.141.3.3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.5.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "39"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/prakiraan-iklim/prakiraan-bulanan/prakiraan-sifat-hujan-bulanan/555560755-prakiraan-bulanan-sifat-hujan-bulan-april-tahun-2024-update-dari-analisis-bulan-januari-tahun-2024-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-bulanan/prakiraan-sifat-hujan-bulanan/555560755-prakiraan-bulanan-sifat-hujan-bulan-april-tahun-2024-update-dari-a
... show less
Hacking
Web App Attack
hermawan
2024-08-13 15:28:30
(1 month ago)
[Tue Aug 13 20:22:56.850330 2024] [security2:error] [pid 97129:tid 123471002601024] [client 57.141.3 ... show more [Tue Aug 13 20:22:56.850330 2024] [security2:error] [pid 97129:tid 123471002601024] [client 57.141.3.3:53622] [client 57.141.3.3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.3.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "38"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/component/search/?Itemid=696&catid=4261&id=555561125&format=opensearch HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/component/search/"] [unique_id "ZrteMKWob9n49dc2tOiNOwACUg8"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[97145] [rff5gUjKuDI] [ZrteMKWob9n49dc2tOiNOwACUg8] keep_alive=[1] [2024-08-13 20:22:56.850333] [R:ZrteMKWob9n49dc2tOiNOwACUg8] UA:'meta-externala
... show less
Hacking
Web App Attack
hermawan
2024-08-13 06:40:35
(1 month ago)
[Tue Aug 13 11:39:12.378295 2024] [security2:error] [pid 369392:tid 139588513302080] [client 57.141. ... show more [Tue Aug 13 11:39:12.378295 2024] [security2:error] [pid 369392:tid 139588513302080] [client 57.141.3.3:35194] [client 57.141.3.3] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.3.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "38"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /images/Klimatologi/Prakiraan/02-Prakiraan-Dasarian/Prakiraan_Probabilistik_Curah_Hujan_Dasarian/Prakiraan_Probabilistik_Curah_Hujan_Dasarian_Provinsi_Jawa_Timur/2023/03_Maret_2023/Das-II/Peta_Prakiraan-Dasarian-Probabilistik_Curah_Hujan_Dasarian-III_MARET_2023-Provinsi_Jawa_Timur_Update_20_Maret_2023.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Prakiraan/02-Prakiraan-Dasarian
... show less
Hacking
Web App Attack