Anonymous
2025-02-05 01:59:00
(1 week ago)
SQL Injection bruter - AWS NOVA SCUM as always
Hacking
SQL Injection
Brute-Force
Bad Web Bot
arthome.info
2025-01-27 19:03:00
(3 weeks ago)
[Fri Jan 17 07:15:01.305289 2025] [security2:error] [pid 3131880:tid 3132093] [client 98.83.110.164: ... show more [Fri Jan 17 07:15:01.305289 2025] [security2:error] [pid 3131880:tid 3132093] [client 98.83.110.164:0] [client 98.83.110.164] ModSecurity: Warning. Pattern match"\\\\bon(?:abort|blur|change|click|dblclick|dragdrop|error|focus|keydown|keypress|keyup|load|mouse(?:down|move|out|over|up)|move|readystatechange|reset|resize|select|submit|unload)\\\\b[^a-zA-Z0-9_]{0,}?=" at REQUEST_URI. [file "/etc/apache2/modsecurity.d/rules/comodo_free/07_XSS_XSS.conf"] [line "72"] [id "212750"] [rev "3"] [msg "COMODO WAF: XSS Attack Detected||...|F|2"] [data "Matched Data: onload= found within REQUEST_URI: /image.php?id=<body onload=alert('xss')>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "..."] [uri "/image.php"] [unique_id "Z4n1ZTMg2laHiJNdlRH3dwAACrs"]
[Fri Jan 17 07:15:01.305317 2025] [security2:error] [pid 3131880:tid 3132093] [client 98.83.110.164:0] [client 98.83.110.164] ModSecurity: Warning. P... show less
Hacking
Anonymous
2025-01-17 17:18:00
(1 month ago)
hacking
DDoS Attack
Hacking
SQL Injection
Brute-Force
Exploited Host
Web App Attack
zynex
2025-01-17 14:53:57
(1 month ago)
SQL Injection in QueryString parameter: or 1=' AND (SELECT 1 FROM (SELECT COUNT(*), CONCAT((SE ... show more SQL Injection in QueryString parameter: or 1=' AND (SELECT 1 FROM (SELECT COUNT(*), CONCAT((SELECT (SELECT CONCAT(CAST(VERSION() AS CHAR),0x7e))), FLOOR(RAND(0) * 2)) x FROM INFORMATION_SCHEMA.TABLES GROUP BY x) a)-- and 1=1 show less
SQL Injection
John Akermanis
2025-01-17 14:21:00
(1 month ago)
Injecting markup and script attempts, SQL injection hacks
Hacking
SQL Injection
Anonymous
2025-01-17 08:51:00
(1 month ago)
HTTP.URI.SQL.Injection
Web App Attack
Kepler-1649c
2025-01-17 07:59:00
(1 month ago)
HTTP.URI.SQL.Injection
Hacking
SQL Injection
TPI-Abuse
2025-01-17 07:22:56
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 98.83.110.164 (ec2-98-83-110-164.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 98.83.110.164 (ec2-98-83-110-164.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 17 02:22:49.629410 2025] [security2:error] [pid 5246:tid 5246] [client 98.83.110.164:52549] [client 98.83.110.164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.laboquimia.es"] [uri "/.env"] [unique_id "Z4oFSaJFrLbXWretmdkJ2gAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-01-17 07:05:03
(1 month ago)
Automatic report - Vulnerability scan
/adminer.php
Web App Attack
Aetherweb Ark
2025-01-17 06:52:39
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 98.83.110.164 (US/United States/ec2-98-83-110-1 ... show more (mod_security) mod_security (id:210350) triggered by 98.83.110.164 (US/United States/ec2-98-83-110-164.compute-1.amazonaws.com): N in the last X secs show less
Web App Attack
Anonymous
2025-01-17 06:52:02
(1 month ago)
Bot / scanning and/or hacking attempts: GET /bestanden/artikelen/5/48_Programme_Climmar_Congres_Riga ... show more Bot / scanning and/or hacking attempts: GET /bestanden/artikelen/5/48_Programme_Climmar_Congres_Riga_20, GET /.env HTTP/1.1 show less
Hacking
Web App Attack
TPI-Abuse
2025-01-17 06:49:47
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 98.83.110.164 (ec2-98-83-110-164.compute-1.amaz ... show more (mod_security) mod_security (id:210350) triggered by 98.83.110.164 (ec2-98-83-110-164.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 17 01:49:38.808036 2025] [security2:error] [pid 6310:tid 6310] [client 98.83.110.164:61825] [client 98.83.110.164] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.jwwsb.org|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.jwwsb.org"] [uri "/index.php"] [unique_id "Z4n9gj_XOkJo7qwNyP1JlAAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
ITX
2025-01-17 06:36:00
(1 month ago)
Hacking attempts
Hacking
SQL Injection
Ba-Yu
2025-01-17 06:35:30
(1 month ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
RidgeStar
2025-01-17 05:59:14
(1 month ago)
2025-01-16T21:59:00-08:00: <script>alert('XSS')</script>
2025-01-16T21:5 ... show more 2025-01-16T21:59:00-08:00: <script>alert('XSS')</script>
2025-01-16T21:58:53-08:00: <script>alert('XSS')</script>
2025-01-16T21:58:50-08:00: <script>alert('XSS')</script>
2025-01-16T21:58:42-08:00: <script>alert('XSS')</script>
2025-01-16T21:58:38-08:00: <script>alert('XSS')</script> show less
Port Scan
Hacking