Getting error response with status code, but alert triggered is "Probe not accessible"

[raosan]

Describe the bug
This bug is noticeable in Neo sense, where incident happen. The incident data is having response with status code 403, but the alert that is triggered is the Probe not accessible

I suspect there is race condition in this part of monika code where there is possibility the second if will be triggered. The second if should have been an else? could be wrong tho, need to find out

To Reproduce
Steps to reproduce the behavior:

1. Run Neosense, create new monitor to this https://pertanian.go.id/ or any simulated probe
2. Get error or simulate the probe that will return error like these (pay attention that mostly happen when the status code is 403):

{"body":"","headers":{"date":"Fri, 15 Mar 2024 02:19:07 GMT","content-type":"text/html; charset=UTF-8","transfer-encoding":"chunked","connection":"keep-alive","x-frame-options":"sameorigin","x-xss-protection":"1;  mode=block","strict-transport-security":"max-age=31536000; includeSubdomains;","referrer-policy":"strict-origin-when-cross-origin","content-security-policy":"frame-ancestors 'self' *www.pertanian.go.id","x-content-type-options":"nosniff","last-modified":"Thu, 16 Oct 2014 13:20:58 GMT","accept-ranges":"bytes","cf-cache-status":"DYNAMIC","server":"cloudflare","cf-ray":"86490445ac754385-EWR"},"status":403,"time":1127,"error":"<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"https://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\"><html><head>\n<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">\n<title>Apache HTTP Server Test Page powered by CentOS</title>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">\n\n<link href=\"/noindex/css/bootstrap.min.css\" rel=\"stylesheet\">\n<link rel=\"stylesheet\" href=\"noindex/css/open-sans.css\" type=\"text/css\" />\n<style type=\"text/css\"><!--\t\t \n\nbody {\n  font-family: \"Open Sans\", Helvetica, sans-serif;\n  font-weight: 100;\n  color: #ccc;\n  background: rgba(10, 24, 55, 1);\n  font-size: 16px;\n}\n\nh2, h3, h4 {\n  font-weight: 200;\n}\n\nh2 {\n  font-size: 28px;\n}\n\n.jumbotron {\n  margin-bottom: 0;\n  color: #333;\n  background: rgb(212,212,221); /* Old browsers */\n  background: radial-gradient(ellipse at center top, rgba(255,255,255,1) 0%,rgba(174,174,183,1) 100%); /* W3C */\n}\n\n.jumbotron h1 {\n  font-size: 128px;\n  font-weight: 700;\n  color: white;\n  text-shadow: 0px 2px 0px #abc,\n               0px 4px 10px rgba(0,0,0,0.15),\n               0px 5px 2px rgba(0,0,0,0.1),\n               0px 6px 30px rgba(0,0,0,0.1);\n}\n\n.jumbotron p {\n  font-size: 28px;\n  font-weight: 100;\n}\n\n.main {\n   background: white;\n   color: #234;\n   border-top: 1px solid rgba(0,0,0,0.12);\n   padding-top: 30px;\n   padding-bottom: 40px;\n}\n\n.footer {\n   border-top: 1px solid rgba(255,255,255,0.2);\n   padding-top: 30px;\n}\n\n    --></style>\n</head>\n<body>\n<div class=\"jumbotron text-center\">\n<div class=\"container\">\n<h1>Testing 123..</h1>\n<p class=\"lead\">This page is used to test the proper operation of the <a href=\"https://apache.org\">Apache HTTP server</a> after it has been installed. If you can read this page it means that this site is working properly. This server is powered by <a href=\"https://centos.org\">CentOS</a>.</p>\n</div>\n</div>\n<div class=\"main\">\n<div class=\"container\">\n<div class=\"row\">\n<div class=\"col-sm-6\">\n<h2>Just visiting?</h2>\n<p class=\"lead\">The website you just visited is either experiencing problems or is undergoing routine maintenance.</p>\n<p>If you would like to let the administrators of this website know that you've seen this page instead of the page you expected, you should send them e-mail. In general, mail sent to the name \"webmaster\" and directed to the website's domain should reach the appropriate person.</p>\n<p>For example, if you experienced problems while visiting www.example.com, you should send e-mail to \"<a href=\"/cdn-cgi/l/email-protection\" class=\"__cf_email__\" data-cfemail=\"394e5c5b54584a4d5c4b795c41585449555c175a5654\">[email&#160;protected]</a>\".</p>\n</div>\n<div class=\"col-sm-6\">\n<h2>Are you the Administrator?</h2>\n<p>You should add your website content to the directory <tt>/var/www/html/</tt>.</p>\n<p>To prevent this page from ever being used, follow the instructions in the file <tt>/etc/httpd/conf.d/welcome.conf</tt>.</p>\n<h2>Promoting Apache and CentOS</h2>\n<p>You are free to use the images below on Apache and CentOS Linux powered HTTP servers. Thanks for using Apache and CentOS!</p>\n<p><a href=\"https://httpd.apache.org/\"><img src=\"images/apache_pb.gif\" alt=\"[ Powered by Apache ]\"></a> <a href=\"https://www.centos.org/\"><img src=\"images/poweredby.png\" alt=\"[ Powered by CentOS Linux ]\" height=\"31\" width=\"88\"></a></p>\n</div>\n</div>\n</div>\n</div>\n</div>\n<div class=\"footer\">\n<div class=\"container\">\n<div class=\"row\">\n<div class=\"col-sm-6\">\n<h2>Important note:</h2>\n<p class=\"lead\">The CentOS Project has nothing to do with this website or its content,\nit just provides the software that makes the website run.</p>\n<p>If you have issues with the content of this site, contact the owner of the domain, not the CentOS project.\nUnless you intended to visit CentOS.org, the CentOS Project does not have anything to do with this website,\nthe content or the lack of it.</p>\n<p>For example, if this website is www.example.com, you would find the owner of the example.com domain at the following WHOIS server:</p>\n<p><a href=\"https://www.internic.net/whois.html\">https://www.internic.net/whois.html</a></p>\n</div>\n<div class=\"col-sm-6\">\n<h2>The CentOS Project</h2>\n<p>The CentOS Linux distribution is a stable, predictable, manageable and reproduceable platform derived from\nthe sources of Red Hat Enterprise Linux (RHEL).<p>\n<p>Additionally to being a popular choice for web hosting, CentOS also provides a rich platform for open source communities to build upon. For more information\nplease visit the <a href=\"https://www.centos.org/\">CentOS website</a>.</p>\n</div>\n</div>\n</div>\n</div>\n</div>\n<script data-cfasync=\"false\" src=\"/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js\"></script><script>(function(){var js = \"window['__CF$cv$params']={r:'86490445ac754385',t:'MTcxMDQ2OTE0Ny42MjEwMDA='};_cpo=document.createElement('script');_cpo.nonce='',_cpo.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js',document.getElementsByTagName('head')[0].appendChild(_cpo);\";var _0xh = document.createElement('iframe');_0xh.height = 1;_0xh.width = 1;_0xh.style.position = 'absolute';_0xh.style.top = 0;_0xh.style.left = 0;_0xh.style.border = 'none';_0xh.style.visibility = 'hidden';document.body.appendChild(_0xh);function handler() {var _0xi = _0xh.contentDocument || _0xh.contentWindow.document;if (_0xi) {var _0xj = _0xi.createElement('script');_0xj.innerHTML = js;_0xi.getElementsByTagName('head')[0].appendChild(_0xj);}}if (document.readyState !== 'loading') {handler();} else if (window.addEventListener) {document.addEventListener('DOMContentLoaded', handler);} else {var prev = document.onreadystatechange || function () {};document.onreadystatechange = function (e) {prev(e);if (document.readyState !== 'loading') {document.onreadystatechange = prev;handler();}};}})();</script></body></html>\n"}

or

{"body":"","headers":{"date":"Sun, 14 Jan 2024 15:29:23 GMT","content-type":"text/html; charset=UTF-8","transfer-encoding":"chunked","connection":"keep-alive","x-frame-options":"SAMEORIGIN","referrer-policy":"same-origin","cache-control":"max-age=15","expires":"Sun, 14 Jan 2024 15:29:38 GMT","server":"cloudflare","cf-ray":"8456ea0b5cba0f5d-EWR"},"status":403,"time":17,"error":"<!DOCTYPE html>\n<!--[if lt IE 7]> <html class=\"no-js ie6 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js ie7 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if IE 8]>    <html class=\"no-js ie8 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if gt IE 8]><!--> <html class=\"no-js\" lang=\"en-US\"> <!--<![endif]-->\n<head>\n<title>Attention Required! | Cloudflare</title>\n<meta charset=\"UTF-8\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=Edge\" />\n<meta name=\"robots\" content=\"noindex, nofollow\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1\" />\n<link rel=\"stylesheet\" id=\"cf_styles-css\" href=\"/cdn-cgi/styles/cf.errors.css\" />\n<!--[if lt IE 9]><link rel=\"stylesheet\" id='cf_styles-ie-css' href=\"/cdn-cgi/styles/cf.errors.ie.css\" /><![endif]-->\n<style>body{margin:0;padding:0}</style>\n\n\n<!--[if gte IE 10]><!-->\n<script>\n  if (!navigator.cookieEnabled) {\n    window.addEventListener('DOMContentLoaded', function () {\n      var cookieEl = document.getElementById('cookie-alert');\n      cookieEl.style.display = 'block';\n    })\n  }\n</script>\n<!--<![endif]-->\n\n\n</head>\n<body>\n  <div id=\"cf-wrapper\">\n    <div class=\"cf-alert cf-alert-error cf-cookie-error\" id=\"cookie-alert\" data-translate=\"enable_cookies\">Please enable cookies.</div>\n    <div id=\"cf-error-details\" class=\"cf-error-details-wrapper\">\n      <div class=\"cf-wrapper cf-header cf-error-overview\">\n        <h1 data-translate=\"block_headline\">Sorry, you have been blocked</h1>\n        <h2 class=\"cf-subheadline\"><span data-translate=\"unable_to_access\">You are unable to access</span> pertanian.go.id</h2>\n      </div><!-- /.header -->\n\n      <div class=\"cf-section cf-highlight\">\n        <div class=\"cf-wrapper\">\n          <div class=\"cf-screenshot-container cf-screenshot-full\">\n            \n              <span class=\"cf-no-screenshot error\"></span>\n            \n          </div>\n        </div>\n      </div><!-- /.captcha-container -->\n\n      <div class=\"cf-section cf-wrapper\">\n        <div class=\"cf-columns two\">\n          <div class=\"cf-column\">\n            <h2 data-translate=\"blocked_why_headline\">Why have I been blocked?</h2>\n\n            <p data-translate=\"blocked_why_detail\">This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.</p>\n          </div>\n\n          <div class=\"cf-column\">\n            <h2 data-translate=\"blocked_resolve_headline\">What can I do to resolve this?</h2>\n\n            <p data-translate=\"blocked_resolve_detail\">You can email the site owner to let them know you were blocked. Please include what you were doing when this page came up and the Cloudflare Ray ID found at the bottom of this page.</p>\n          </div>\n        </div>\n      </div><!-- /.section -->\n\n      <div class=\"cf-error-footer cf-wrapper w-240 lg:w-full py-10 sm:py-4 sm:px-8 mx-auto text-center sm:text-left border-solid border-0 border-t border-gray-300\">\n  <p class=\"text-13\">\n    <span class=\"cf-footer-item sm:block sm:mb-1\">Cloudflare Ray ID: <strong class=\"font-semibold\">8456ea0b5cba0f5d</strong></span>\n    <span class=\"cf-footer-separator sm:hidden\">&bull;</span>\n    <span id=\"cf-footer-item-ip\" class=\"cf-footer-item hidden sm:block sm:mb-1\">\n      Your IP:\n      <button type=\"button\" id=\"cf-footer-ip-reveal\" class=\"cf-footer-ip-reveal-btn\">Click to reveal</button>\n      <span class=\"hidden\" id=\"cf-footer-ip\">104.156.251.18</span>\n      <span class=\"cf-footer-separator sm:hidden\">&bull;</span>\n    </span>\n    <span class=\"cf-footer-item sm:block sm:mb-1\"><span>Performance &amp; security by</span> <a rel=\"noopener noreferrer\" href=\"https://www.cloudflare.com/5xx-error-landing\" id=\"brand_link\" target=\"_blank\">Cloudflare</a></span>\n    \n  </p>\n  <script>(function(){function d(){var b=a.getElementById(\"cf-footer-item-ip\"),c=a.getElementById(\"cf-footer-ip-reveal\");b&&\"classList\"in b&&(b.classList.remove(\"hidden\"),c.addEventListener(\"click\",function(){c.classList.add(\"hidden\");a.getElementById(\"cf-footer-ip\").classList.remove(\"hidden\")}))}var a=document;document.addEventListener&&a.addEventListener(\"DOMContentLoaded\",d)})();</script>\n</div><!-- /.error-footer -->\n\n\n    </div><!-- /#cf-error-details -->\n  </div><!-- /#cf-wrapper -->\n\n  <script>\n  window._cf_translation = {};\n  \n  \n</script>\n\n<script>(function(){var js = \"window['__CF$cv$params']={r:'8456ea0b5cba0f5d',t:'MTcwNTI0NjE2My43MzcwMDA='};_cpo=document.createElement('script');_cpo.nonce='',_cpo.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js',document.getElementsByTagName('head')[0].appendChild(_cpo);\";var _0xh = document.createElement('iframe');_0xh.height = 1;_0xh.width = 1;_0xh.style.position = 'absolute';_0xh.style.top = 0;_0xh.style.left = 0;_0xh.style.border = 'none';_0xh.style.visibility = 'hidden';document.body.appendChild(_0xh);function handler() {var _0xi = _0xh.contentDocument || _0xh.contentWindow.document;if (_0xi) {var _0xj = _0xi.createElement('script');_0xj.innerHTML = js;_0xi.getElementsByTagName('head')[0].appendChild(_0xj);}}if (document.readyState !== 'loading') {handler();} else if (window.addEventListener) {document.addEventListener('DOMContentLoaded', handler);} else {var prev = document.onreadystatechange || function () {};document.onreadystatechange = function (e) {prev(e);if (document.readyState !== 'loading') {document.onreadystatechange = prev;handler();}};}})();</script></body>\n</html>\n"}

3. You will get new row in event table in NEO sense with alertId that is triggered is the "Probe not accessible"

Expected behavior
If monika got error response with status code 403, alert Probe not accessible should not be triggered, instead the alert HTTP Status is {{ response.status }}, expecting 200 should be the one to be triggered