hermawan - AbuseIPDB User Profile

Enter an IP Address, Domain Name, or Subnet:

e.g. 3.235.45.196, microsoft.com, or 5.188.10.0/24

User hermawan, the webmaster of karangploso.jatim.bmkg.go.id, joined AbuseIPDB in March 2018 and has reported 227,963* IP addresses.

*Cached value. Updated daily.

10,000+ REPORTED IPS ACTIVE USER WEBMASTER SUPPORTER

IP	Date	Comment	Categories
87.26.18.75	3 minutes ago	1597248264 - 08/12/2020 23:04:24 Host: host-87-26-18-75.business.telecomitalia.it/87.26.18.75 Port: ... show more1597248264 - 08/12/2020 23:04:24 Host: host-87-26-18-75.business.telecomitalia.it/87.26.18.75 Port: 23 TCP Blocked ... show less	Port Scan Hacking
109.149.52.108	11 minutes ago	1597247815 - 08/12/2020 22:56:55 Host: host109-149-52-108.range109-149.btcentralplus.com/109.149.52. ... show more1597247815 - 08/12/2020 22:56:55 Host: host109-149-52-108.range109-149.btcentralplus.com/109.149.52.108 Port: 23 TCP Blocked ... show less	Port Scan Hacking
117.254.154.9	28 minutes ago	1597246780 - 08/12/2020 22:39:40 Host: 117.254.154.9/117.254.154.9 Port: 23 TCP Blocked ...	Port Scan Hacking
93.174.93.91	28 minutes ago	[Wed Aug 12 22:39:23.431707 2020] [:error] [pid 21929:tid 140197941847808] [client 93.174.93.91:5734 ... show more[Wed Aug 12 22:39:23.431707 2020] [:error] [pid 21929:tid 140197941847808] [client 93.174.93.91:57342] [client 93.174.93.91] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/boaform/admin/formLogin"] [unique_id "XzQNKwotcKFsJG8-idzNOAAAAko"], referer: http://103.27.207.197:80/admin/login.asp ... show less	Hacking Web App Attack
37.26.20.203	29 minutes ago	1597246721 - 08/12/2020 22:38:41 Host: 37.26.20.203/37.26.20.203 Port: 23 TCP Blocked ...	Port Scan Hacking
69.171.251.120	30 minutes ago	[Wed Aug 12 22:37:34.002571 2020] [:error] [pid 19514:tid 140197983811328] [client 69.171.251.120:58 ... show more[Wed Aug 12 22:37:34.002571 2020] [:error] [pid 19514:tid 140197983811328] [client 69.171.251.120:58018] [client 69.171.251.120] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/disquss-v2.js"] [unique_id "XzQMva4LnIZaefSKehvG9gAC0AI"] ... show less	Hacking Web App Attack
69.171.251.1	30 minutes ago	[Wed Aug 12 22:37:31.326247 2020] [:error] [pid 19514:tid 140197983811328] [client 69.171.251.1:5714 ... show more[Wed Aug 12 22:37:31.326247 2020] [:error] [pid 19514:tid 140197983811328] [client 69.171.251.1:57148] [client 69.171.251.1] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/image-loader-worker-v3.js"] [unique_id "XzQMu64LnIZaefSKehvG8wAC0QI"] ... show less	Hacking Web App Attack
34.73.178.3	40 minutes ago	[Wed Aug 12 22:27:52.430841 2020] [:error] [pid 19145:tid 140197950240512] [client 34.73.178.3:45941 ... show more[Wed Aug 12 22:27:52.430841 2020] [:error] [pid 19145:tid 140197950240512] [client 34.73.178.3:45941] [client 34.73.178.3] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "staklim-malang.info"] [uri "/"] [unique_id "XzQKeFxdoR12AQsoeO8ilwAAAZU"] ... show less	Hacking Web App Attack
78.111.242.40	41 minutes ago	1597245991 - 08/12/2020 22:26:31 Host: 78-111-242-40.static.tvingo.ru/78.111.242.40 Port: 23 TCP Blo ... show more1597245991 - 08/12/2020 22:26:31 Host: 78-111-242-40.static.tvingo.ru/78.111.242.40 Port: 23 TCP Blocked ... show less	Port Scan Hacking
46.229.168.163	45 minutes ago	[Wed Aug 12 22:22:50.938084 2020] [:error] [pid 19165:tid 140197950240512] [client 46.229.168.163:32 ... show more[Wed Aug 12 22:22:50.938084 2020] [:error] [pid 19165:tid 140197950240512] [client 46.229.168.163:32950] [client 46.229.168.163] ModSecurity: Access denied with code 403 (phase 2). Pattern match "((?:[[email protected]#\\\\$%\\\\^&\\\\\\\$\\\$\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\\|:;\\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>][^[email protected]#\\\\$%\\\\^&\\\\\\\$\\\$\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\\|:;\\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>]*?){12})" at ARGS:id. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "1255"] [id "942430"] [msg "Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (12)"] [data "Matched Data: :prakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal- found within ARGS:id: 539:prakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-19-mei-25-mei-2015"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag ... show less	Hacking Web App Attack
89.248.174.193	49 minutes ago	1597245512 - 08/12/2020 22:18:32 Host: security.criminalip.com/89.248.174.193 Port: 6379 TCP Blocked ... show more1597245512 - 08/12/2020 22:18:32 Host: security.criminalip.com/89.248.174.193 Port: 6379 TCP Blocked ... show less	Port Scan Hacking
196.52.43.64	52 minutes ago	1597245340 - 08/12/2020 22:15:40 Host: 196.52.43.64.netsystemsresearch.com/196.52.43.64 Port: 11211 ... show more1597245340 - 08/12/2020 22:15:40 Host: 196.52.43.64.netsystemsresearch.com/196.52.43.64 Port: 11211 TCP Blocked ... show less	Port Scan Hacking
185.39.11.105	1 hour ago	[Wed Aug 12 22:03:17.376112 2020] [:error] [pid 19145:tid 140197950240512] [client 185.39.11.105:428 ... show more[Wed Aug 12 22:03:17.376112 2020] [:error] [pid 19145:tid 140197950240512] [client 185.39.11.105:42816] [client 185.39.11.105] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/boaform/admin/formLogin"] [unique_id "XzQEtVxdoR12AQsoeO8ilgAAAZU"], referer: http://103.27.207.197:80/admin/login.asp ... show less	Hacking Web App Attack
5.255.253.180	1 hour ago	[Wed Aug 12 21:59:13.123734 2020] [:error] [pid 19504:tid 140197865977600] [client 5.255.253.180:412 ... show more[Wed Aug 12 21:59:13.123734 2020] [:error] [pid 19504:tid 140197865977600] [client 5.255.253.180:41210] [client 5.255.253.180] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XzQDwRbmCCXQZRmoFG8QZwAAAqU"] ... show less	Hacking Web App Attack
120.236.251.175	1 hour ago	1597244053 - 08/12/2020 21:54:13 Host: 120.236.251.175/120.236.251.175 Port: 23 TCP Blocked .. ... show more1597244053 - 08/12/2020 21:54:13 Host: 120.236.251.175/120.236.251.175 Port: 23 TCP Blocked ... show less	Port Scan Hacking
128.14.133.58	1 hour ago	1597243979 - 08/12/2020 21:52:59 Host: zl-lax-us-gp3-wk104.internet-census.org/128.14.133.58 Port: 8 ... show more1597243979 - 08/12/2020 21:52:59 Host: zl-lax-us-gp3-wk104.internet-census.org/128.14.133.58 Port: 8080 TCP Blocked ... show less	Port Scan Hacking
173.252.127.118	1 hour ago	[Wed Aug 12 21:52:29.340902 2020] [:error] [pid 19504:tid 140197967025920] [client 173.252.127.118:5 ... show more[Wed Aug 12 21:52:29.340902 2020] [:error] [pid 19504:tid 140197967025920] [client 173.252.127.118:57962] [client 173.252.127.118] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/IcoMoon.woff"] [unique_id "XzQB6RbmCCXQZRmoFG8NGwACpQA"] ... show less	Hacking Web App Attack
213.180.203.13	1 hour ago	[Wed Aug 12 21:51:45.203330 2020] [:error] [pid 19514:tid 140197941847808] [client 213.180.203.13:40 ... show more[Wed Aug 12 21:51:45.203330 2020] [:error] [pid 19514:tid 140197941847808] [client 213.180.203.13:40934] [client 213.180.203.13] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XzQCAa4LnIZaefSKehvGcAAAAtE"] ... show less	Hacking Web App Attack
173.252.127.9	1 hour ago	[Wed Aug 12 21:51:21.322639 2020] [:error] [pid 19145:tid 140197967025920] [client 173.252.127.9:622 ... show more[Wed Aug 12 21:51:21.322639 2020] [:error] [pid 19145:tid 140197967025920] [client 173.252.127.9:62280] [client 173.252.127.9] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/TableFilter/system-v116.css"] [unique_id "XzQB6VxdoR12AQsoeO8ilAABlgA"] ... show less	Hacking Web App Attack
129.213.80.126	1 hour ago	[Wed Aug 12 21:34:46.500217 2020] [:error] [pid 17863:tid 140197950240512] [client 129.213.80.126:54 ... show more[Wed Aug 12 21:34:46.500217 2020] [:error] [pid 17863:tid 140197950240512] [client 129.213.80.126:54953] [client 129.213.80.126] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(?:keep-alive\|close),\\\\s?(?:keep-alive\|close)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "311"] [id "920210"] [msg "Multiple/Conflicting Connection Header Data Found."] [data "close, close"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/"] [unique_id "[email protected]"] ... show less	Hacking Web App Attack
195.54.160.21	1 hour ago	1597242220 - 08/12/2020 21:23:40 Host: 195.54.160.21/195.54.160.21 Port: 3000 TCP Blocked ...	Port Scan Hacking
193.92.84.61	1 hour ago	1597242114 - 08/12/2020 21:21:54 Host: 193.92.84.61.dsl.dyn.forthnet.gr/193.92.84.61 Port: 23 TCP Bl ... show more1597242114 - 08/12/2020 21:21:54 Host: 193.92.84.61.dsl.dyn.forthnet.gr/193.92.84.61 Port: 23 TCP Blocked ... show less	Port Scan Hacking
5.45.207.175	2 hours ago	[Wed Aug 12 21:07:33.912071 2020] [:error] [pid 17863:tid 140197865977600] [client 5.45.207.175:5861 ... show more[Wed Aug 12 21:07:33.912071 2020] [:error] [pid 17863:tid 140197865977600] [client 5.45.207.175:58618] [client 5.45.207.175] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XzP3pYNAph9ydwkSA3AG7gAAAqU"] ... show less	Hacking Web App Attack
69.171.251.116	2 hours ago	[Wed Aug 12 21:04:57.136284 2020] [:error] [pid 16379:tid 140197975418624] [client 69.171.251.116:50 ... show more[Wed Aug 12 21:04:57.136284 2020] [:error] [pid 16379:tid 140197975418624] [client 69.171.251.116:50784] [client 69.171.251.116] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/analisis-iklim/analisis-dasarian/monitoring-hari-tanpa-hujan-berturut-turut/555558204-analisis-dasarian-monitoring-hari-tanpa-hujan-berturut-turut-update-10-agustus-2020-di-provinsi-jawa-timur"] [unique_id "XzP3CdqS-5LxJxhez7AgDwACSQE"] ... show less	Hacking Web App Attack
139.59.8.10	2 hours ago	1597240948 - 08/12/2020 21:02:28 Host: 139.59.8.10/139.59.8.10 Port: 23 TCP Blocked ...	Port Scan Hacking