๐ฎ๐ฉ
hermawan
2025-03-18 17:20:01
(1 year ago)
[Tue Mar 18 23:58:30.779848 2025] [security2:error] [pid 4594:tid 140048506734272] [client 57.141.3. ...
show more
[Tue Mar 18 23:58:30.779848 2025] [security2:error] [pid 4594:tid 140048506734272] [client 57.141.3.5:50470] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/profil/meteorologi/list-all-categories/4232-klimatologi/prakiraan-klimatologi/prakiraan-indeks-presipitasi-terstandarisasi-spi/prakiraan-indeks-presipitasi-terstandarisasi-spi-di-jawa-timur/prakiraan-indeks-presipitasi-terstandarisasi-spi-3-bulanan-di-jawa-timur/prakiraan-bulanan-indeks-kekeringan-dan-kebasahan-meteorologis-3-..."] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-all-categ
...
show less
Hacking
Web App Attack
๐ฎ๐ฉ
hermawan
2025-03-18 02:56:25
(1 year ago)
[Tue Mar 18 09:54:58.346277 2025] [security2:error] [pid 348960:tid 140358496413376] [client 57.141. ...
show more
[Tue Mar 18 09:54:58.346277 2025] [security2:error] [pid 348960:tid 140358496413376] [client 57.141.3.5:49474] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/prakiraan-bulanan/4115-prakiraan-curah-hujan-bulanan/prakiraan-curah-hujan-bulanan-di-propinsi-jawa-timur/prakiraan-bulanan-curah-hujan-di-propinsi-jawa-timur-tahun-2022/555559558-prakiraan-bulanan-curah-hujan-bulan-september-tahun-2022-update-dari-analisis-bulan-juni-tahun-2022-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prakiraan-bulanan/4115-prakiraan-curah-hujan-bulana
...
show less
Hacking
Web App Attack
Anonymous
2025-03-17 18:57:54
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
๐ฎ๐ฉ
hermawan
2025-03-17 17:46:37
(1 year ago)
[Tue Mar 18 00:45:03.356144 2025] [security2:error] [pid 87165:tid 140566744880832] [client 57.141.3 ...
show more
[Tue Mar 18 00:45:03.356144 2025] [security2:error] [pid 87165:tid 140566744880832] [client 57.141.3.5:52090] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/analisis-iklim/analisis-bulanan/analisis-hari-tanpa-hujan-berturut-turut-maksimum/1205-analisis-bulanan-hari-tanpa-hujan-berturut-turut-maksimum-di-provinsi-jawa-timur-bulan-september-oktober-november-tahun-2019 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/analisis-iklim/analisis-bulanan/analisis-hari-tanpa-hujan-berturut-turut-maksimum/1205-analisis-bulanan-hari-tanpa-hujan-berturut-turut-maksimu
...
show less
Hacking
Web App Attack
๐บ๐ธ
mnsf
2025-03-15 19:05:22
(1 year ago)
Too many Status 40X (12)
Request Overload (109)
Brute-Force
Web App Attack
๐ป๐ณ
Xuan Can
2025-03-15 15:50:57
(1 year ago)
(mod_security) mod_security (id:20000222) triggered by 57.141.3.5 (US/United States/-): 1 in the las ...
show more
(mod_security) mod_security (id:20000222) triggered by 57.141.3.5 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 15 22:50:54.170588 2025] [security2:error] [pid 34032:tid 28484] [remote 57.141.3.5:38926] [client 57.141.3.5] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-admin" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "46"] [id "20000222"] [severity "CRITICAL"] [hostname "kb.pavietnam.vn"] [uri "/huong-dan-sua-loi-khong-duoc-phep-truy-cap-wp-admin-trong-wordpress.html/amp"] [unique_id "Z9Wh3jN6c5svAGAjvhXdVwABDB4"]
show less
Brute-Force
SSH
๐บ๐ธ
mnsf
2025-03-13 04:05:10
(1 year ago)
Too many Status 40X (17)
Brute-Force
Web App Attack
๐ฎ๐ฉ
hermawan
2025-03-12 19:39:37
(1 year ago)
[Thu Mar 13 02:30:31.680399 2025] [security2:error] [pid 4662:tid 140529662600896] [client 57.141.3. ...
show more
[Thu Mar 13 02:30:31.680399 2025] [security2:error] [pid 4662:tid 140529662600896] [client 57.141.3.5:42270] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/prakiraan-bulanan/3937-prakiraan-curah-hujan-bulanan/prakiraan-curah-hujan-bulanan-di-propinsi-jawa-timur/prakiraan-curah-hujan-bulanan-di-propinsi-jawa-timur-tahun-2019/555557662-prakiraan-bulanan-curah-hujan-bulan-januari-tahun-2020-update-dari-analisis-bulan-oktober-2019-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prakiraan-bulanan/3937-prakiraan-curah-hujan-bulanan/praki
...
show less
Hacking
Web App Attack
Anonymous
2025-03-11 16:40:05
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
๐ฎ๐ฉ
hermawan
2025-03-11 04:30:43
(1 year ago)
[Tue Mar 11 11:26:30.972869 2025] [security2:error] [pid 36312:tid 139732350473920] [client 57.141.3 ...
show more
[Tue Mar 11 11:26:30.972869 2025] [security2:error] [pid 36312:tid 139732350473920] [client 57.141.3.5:34892] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/prakiraan-musim/269-prakiraan-musim-kemarau/prakiraan-awal-musim-kemarau/prakiraan-awal-musim-kemarau-di-propinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prakiraan-musim/269-prakiraan-musim-kemarau/prakiraan-awal-musim-kemarau/prakiraan-awal-musim-kemarau-di-propinsi-jawa-timur"] [unique_id "Z8-7dpLaVBpiEstoAPzmvAAAyTE"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[36
...
show less
Hacking
Web App Attack
Anonymous
2025-03-08 04:33:17
(1 year ago)
Malicious activity detected
Hacking
Web App Attack
Anonymous
2025-03-05 11:52:32
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
๐บ๐ธ
mnsf
2025-03-04 00:05:12
(1 year ago)
Too many Status 40X (12)
Request Overload (217)
Brute-Force
Web App Attack
๐บ๐ธ
MPL
2025-03-03 23:14:28
(1 year ago)
tcp/443 (12 or more attempts)
Port Scan
๐ฎ๐ฉ
hermawan
2025-03-01 07:35:47
(1 year ago)
[Sat Mar 01 14:33:09.646041 2025] [security2:error] [pid 14530:tid 139661464757952] [client 57.141.3 ...
show more
[Sat Mar 01 14:33:09.646041 2025] [security2:error] [pid 14530:tid 139661464757952] [client 57.141.3.5:60428] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Agent" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "187"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Agent found within REQUEST_HEADERS:User-Agent: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler) request_line = GET /index.php/profil/meteorologi/list-of-all-tags/gempa-terkini HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-of-all-tags/gempa-terkini"] [unique_id "Z8K4NbrJm0KJuMxcrd2y2gABSRU"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[14552] [dbhN70r+NvY] [Z8K4NbrJm0KJuMxcrd2y2gABSRU] keep_alive=[1] [2025-03-01 14:33:09.646046] [R:Z8K4NbrJm0KJuMxcrd2y2gABSRU] UA:'meta-externalagent/1.
...
show less
Hacking
Web App Attack