🇮🇩
hermawan
2026-06-28 02:36:34
(2 days ago)
[Sun Jun 28 09:36:31.301080 2026] [security2:error] [pid 553645:tid 139761674057408] [client 66.253.183.181:55563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bing.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "601"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bing.go.id found within REQUEST_HEADERS:Referer: https://www.bing.go.id/ request_line = GET /index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur"] [unique_id "akCIr1GlDcpkPODwuS3b7gACUwc"], referer https://www.bing.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[553653] [jBMPNYedcuY] [akCIr1GlDcpkPODwuS3b7gACUwc] keep_alive=[1] [2026-06-28 09:36:31.301084] [R:akCIr1GlDcpkPODwuS3b7gACUwc] UA:'Mozilla/5.0 (Linux; Android 8.0.0; SM-J
Email Spam
Hacking
🇮🇹
VHosting
2026-06-17 21:11:28
(1 week ago)
Detected mail brute force attack from 4 different servers
Brute-Force
🇮🇩
hermawan
2026-06-15 21:48:53
(2 weeks ago)
[Tue Jun 16 04:48:50.956716 2026] [security2:error] [pid 228045:tid 139893146633920] [client 66.253.183.181:59991] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/prediksi-iklim/prediksi-dasarian/monitoring-dan-prediksi-curah-hujan HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prediksi-iklim/prediksi-dasarian/monitoring-dan-prediksi-curah-hujan"] [unique_id "ajBzQiXGmq22mbgtdZAiWAABywM"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[228078] [zpa3yhEdHn0] [ajBzQiXGmq22mbgtdZAiWAABywM] keep_alive=[1] [2026-06-16 04:48:50.956720] [R:ajBzQiXGmq22mbgtdZAiWAABywM] UA:'Mozilla/5.0 (Linu
Email Spam
Hacking
🇩🇪
pltcldvlpr
2026-06-12 04:29:03
(2 weeks ago)
Bogus Useragent: 66.253.183.181 - - [12/Jun/2026:06:29:03 +0200] "GET /protocol?id=be_16_65&offset=400&seq=530 HTTP/1.1" 200 349140 "-" "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.0; Trident/4.1)" asn=23473 org="PAVLOV MEDIA INC" country=US
Bad Web Bot
🇮🇩
hermawan
2026-06-11 13:14:17
(2 weeks ago)
[Thu Jun 11 20:14:12.992226 2026] [security2:error] [pid 1719476:tid 139768571598528] [client 66.253.183.181:50890] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur"] [unique_id "aiq0pKMC27s3RvwcQnqGfwAADAU"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1719482] [jJ3hIrqTs4M] [aiq0pKMC27s3RvwcQnqGfwAADAU] keep_alive=[1] [2026-06-11 20:14:12.992232] [R:aiq0pKMC27s3RvwcQnqGfwAADAU] UA:'Mozilla/5.0 (Linux; Android 13; SM-S9
Email Spam
Hacking
🇮🇩
hermawan
2026-06-08 16:10:52
(3 weeks ago)
[Mon Jun 08 23:10:48.925875 2026] [security2:error] [pid 1222380:tid 140661932803776] [client 66.253.183.181:61762] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.baidu.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.baidu.go.id found within REQUEST_HEADERS:Referer: http://www.baidu.go.id/ request_line = GET /index.php HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php"] [unique_id "aibpiHLYfsErNpbWSdZpBwAEFgY"], referer http://www.baidu.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1222387] [BcPrQED4BYU] [aibpiHLYfsErNpbWSdZpBwAEFgY] keep_alive=[1] [2026-06-08 23:10:48.925881] [R:aibpiHLYfsErNpbWSdZpBwAEFgY] UA:'Mozilla/5.0 (Linux; Android 14; Pixel 6 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.119 Mobile Safari/537.36 OPR/81.2.4292.78581' Hos
Email Spam
Hacking
🇮🇩
hermawan
2026-06-06 18:42:21
(3 weeks ago)
[Sun Jun 07 01:42:16.662529 2026] [security2:error] [pid 209554:tid 140594035721920] [client 66.253.183.181:59924] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET / HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aiRqCARSzzhtWSzPpJMu-QAAFxY"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[209597] [KmvlIprmnLk] [aiRqCARSzzhtWSzPpJMu-QAAFxY] keep_alive=[1] [2026-06-07 01:42:16.662532] [R:aiRqCARSzzhtWSzPpJMu-QAAFxY] UA:'Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/124.0 Mobile/15E148 Safari/605.1.15' Host:'staklim-jatim.bmkg.go.id:
Email Spam
Hacking
🇩🇪
EGP Abuse Dept
2026-05-03 03:29:00
(1 month ago)
Scraping webshop URLs (www.creall.com), likely botnet drone
Bad Web Bot
Exploited Host
🇮🇩
xveil
2026-04-12 12:38:43
(2 months ago)
2026-04-12T19:38:40.805971 mail-honeypot postfix/submission/smtpd[24542]: warning: host-183-181.ilcmi2.champaign.il.us.clients.pavlovmedia.net[66.253.183.181]: SASL LOGIN authentication failed: authentication failure
Brute-Force
Anonymous
2025-12-15 04:30:33
(6 months ago)
botnet
DDoS Attack
Anonymous
2024-02-24 06:22:36
(2 years ago)
This IP was involved in a brute force and password spray attack on 2024/02/24 00:21:04
Port Scan
Brute-Force
Exploited Host
Web App Attack