API tools faq
paste
Advertisement
Guest User

all.log

a guest
Oct 17th, 2013
108
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 42.39 KB | None | 0 0
raw download clone embed print report
  1. [2013-09-04 03:30:39.080484] [-:error] [pid 10228:tid 139776101426944] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 1 at TX. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "29"] [id "981202"] [msg "Correlated Attack Attempt Identified: (Total Score: 7, SQLi=1, XSS=) Inbound Attack (Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded Inbound Anomaly Score: 3) + Outbound Application Error (The application is not available - Outbound Anomaly Score: 4)"] [severity "ALERT"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "UiapXsCoALkAACf0issAAABK"]
  2. [2013-09-04 03:31:12.452536] [-:error] [pid 10284:tid 139776101426944] [client 186.220.148.246] ModSecurity: Warning. Operator LT matched 5 at TX:inbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "33"] [id "981203"] [msg "Inbound Anomaly Score (Total Inbound Score: 3, SQLi=1, XSS=): Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "UiapfMCoALkAACgs-xoAAADK"]
  3. [2013-09-07 21:37:15.927194] [-:error] [pid 29919:tid 139776111916800] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/facebook/style/style.css"] [unique_id "Uiuci8CoALkAAHTftroAAACH"]
  4. [2013-09-07 21:37:16.087797] [-:error] [pid 29919:tid 139776101426944] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/lazyest-gallery/themes/lazyest-style.css"] [unique_id "Uiuci8CoALkAAHTftrsAAACI"]
  5. [2013-09-07 21:37:16.094967] [-:error] [pid 29919:tid 139776080447232] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/lazyest-gallery/css/_ajax.css"] [unique_id "Uiuci8CoALkAAHTftr0AAACK"]
  6. [2013-09-07 21:37:16.095787] [-:error] [pid 29919:tid 139776090937088] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/lazyest-gallery/css/_slideshow.css"] [unique_id "Uiuci8CoALkAAHTftrwAAACJ"]
  7. [2013-09-07 21:37:16.104159] [-:error] [pid 29919:tid 139776059467520] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/youtube_wpress/vbox/include/css/style.css"] [unique_id "Uiuci8CoALkAAHTftr8AAACM"]
  8. [2013-09-07 21:37:16.106114] [-:error] [pid 29919:tid 139776069957376] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/flipping-team/flipping-team.css"] [unique_id "Uiuci8CoALkAAHTftr4AAACL"]
  9. [2013-09-07 21:37:16.292821] [-:error] [pid 29919:tid 139776027997952] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/facebook/style/hide-wp-comments.css"] [unique_id "UiucjMCoALkAAHTftsMAAACP"]
  10. [2013-09-07 21:37:18.103339] [-:error] [pid 29919:tid 139776059467520] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/themes/musicpro/js/solo-jplayer.min.js"] [unique_id "UiucjcCoALkAAHTfttcAAACM"]
  11. [2013-09-07 21:37:18.131577] [-:error] [pid 29777:tid 139776257115904] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-includes/js/comment-reply.js"] [unique_id "UiucjsCoALkAAHRR1KoAAAAA"]
  12. [2013-09-07 21:37:18.135037] [-:error] [pid 29777:tid 139776153876224] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/themes/musicpro/js/tooltipsy.js"] [unique_id "UiucjsCoALkAAHRR1KgAAAAD"]
  13. [2013-09-07 21:37:18.136092] [-:error] [pid 29777:tid 139776132896512] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/themes/musicpro/js/custom.js"] [unique_id "UiucjsCoALkAAHRR1KsAAAAF"]
  14. [2013-09-07 21:37:18.138618] [-:error] [pid 29777:tid 139776143386368] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/themes/musicpro/js/izotope.js"] [unique_id "UiucjsCoALkAAHRR1KkAAAAE"]
  15. [2013-09-07 21:37:18.287780] [-:error] [pid 29919:tid 139776069957376] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/themes/musicpro/js/slides.jquery.js"] [unique_id "UiucjsCoALkAAHTfttgAAACL"]
  16. [2013-09-07 21:37:18.304654] [-:error] [pid 29919:tid 139776048977664] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/flipping-team/flipping-script.js"] [unique_id "UiucjsCoALkAAHTfttoAAACN"]
  17. [2013-09-07 21:37:18.313099] [-:error] [pid 29919:tid 139776038487808] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-includes/js/json2.js"] [unique_id "UiucjsCoALkAAHTfttsAAACO"]
  18. [2013-09-07 21:37:18.315939] [-:error] [pid 29919:tid 139776017508096] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/youtube_wpress/vbox/include/js/javascript_videos.js"] [unique_id "UiucjsCoALkAAHTftt0AAACQ"]
  19. [2013-09-07 21:37:18.343180] [-:error] [pid 29919:tid 139775986038528] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/lazyest-gallery/js/lazyest-gallery.js"] [unique_id "UiucjsCoALkAAHTftuIAAACT"]
  20. [2013-09-07 21:37:18.355730] [-:error] [pid 29919:tid 139775954568960] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/lazyest-gallery/js/lazyest-slideshow.js"] [unique_id "UiucjsCoALkAAHTftuQAAACW"]
  21. [2013-09-07 21:37:18.355873] [-:error] [pid 29919:tid 139776132896512] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/lazyest-gallery/js/lazyest-loader.js"] [unique_id "UiucjsCoALkAAHTftuUAAACF"]
  22. [2013-09-07 21:37:19.051656] [-:error] [pid 29919:tid 139776246626048] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/themes/musicpro/js/solo-jplayer.min.js"] [unique_id "UiucjsCoALkAAHTftwEAAACB"]
  23. [2013-09-07 21:37:20.122907] [-:error] [pid 29919:tid 139775965058816] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/themes/musicpro/js/tooltipsy.js"] [unique_id "Uiucj8CoALkAAHTftygAAACV"]
  24. [2013-09-07 21:37:20.415048] [-:error] [pid 29919:tid 139776111916800] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/themes/musicpro/js/izotope.js"] [unique_id "UiuckMCoALkAAHTftzgAAACH"]
  25. [2013-09-07 21:37:20.799599] [-:error] [pid 29919:tid 139776132896512] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/themes/musicpro/js/custom.js"] [unique_id "UiuckMCoALkAAHTft0gAAACF"]
  26. [2013-09-07 21:37:21.143116] [-:error] [pid 29777:tid 139775965058816] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-includes/js/comment-reply.js"] [unique_id "UiuckMCoALkAAHRR1LoAAAAV"]
  27. [2013-09-07 21:37:21.340088] [-:error] [pid 29919:tid 139776048977664] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/flipping-team/flipping-script.js"] [unique_id "UiuckcCoALkAAHTft1oAAACN"]
  28. [2013-09-07 21:37:21.457262] [-:error] [pid 29919:tid 139776080447232] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/youtube_wpress/vbox/include/js/javascript_videos.js"] [unique_id "UiuckcCoALkAAHTft2sAAACK"]
  29. [2013-09-07 21:37:21.678404] [-:error] [pid 29919:tid 139776038487808] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-includes/js/json2.js"] [unique_id "UiuckcCoALkAAHTft2wAAACO"]
  30. [2013-09-07 21:37:23.183720] [-:error] [pid 29919:tid 139776132896512] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/lazyest-gallery/js/lazyest-gallery.js"] [unique_id "Uiuck8CoALkAAHTft3MAAACF"]
  31. [2013-09-07 21:37:23.350424] [-:error] [pid 29777:tid 139775975548672] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/lazyest-gallery/js/lazyest-slideshow.js"] [unique_id "Uiuck8CoALkAAHRR1LwAAAAU"]
  32. [2013-09-07 21:37:23.647907] [-:error] [pid 29919:tid 139775996528384] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/lazyest-gallery/js/lazyest-loader.js"] [unique_id "Uiuck8CoALkAAHTft3QAAACS"]
  33. [2013-09-08 16:24:54.684337] [-:error] [pid 23103:tid 139776101426944] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/facebook/style/style.css"] [unique_id "Uiyk1sCoALkAAFo-HGcAAADH"]
  34. [2013-09-08 16:24:54.686864] [-:error] [pid 23103:tid 139776090937088] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/facebook/style/hide-wp-comments.css"] [unique_id "Uiyk1sCoALkAAFo-HGgAAADI"]
  35. [2013-09-08 16:24:54.849122] [-:error] [pid 23103:tid 139776080447232] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/lazyest-gallery/themes/lazyest-style.css"] [unique_id "Uiyk1sCoALkAAFo-HGkAAADJ"]
  36. [2013-09-08 16:24:54.850617] [-:error] [pid 23103:tid 139776251225856] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/lazyest-gallery/css/_slideshow.css"] [unique_id "Uiyk1sCoALkAAFo-HGoAAADA"]
  37. [2013-09-08 16:24:54.857570] [-:error] [pid 23103:tid 139776059467520] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/lazyest-gallery/css/_ajax.css"] [unique_id "Uiyk1sCoALkAAFo-HGwAAADL"]
  38. [2013-09-08 16:24:54.860954] [-:error] [pid 23103:tid 139776069957376] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/flipping-team/flipping-team.css"] [unique_id "Uiyk1sCoALkAAFo-HGsAAADK"]
  39. [2013-09-08 16:24:54.862700] [-:error] [pid 22941:tid 139776240736000] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/youtube_wpress/vbox/include/css/style.css"] [unique_id "Uiyk1sCoALkAAFmduDAAAABB"]
  40. [2013-09-08 16:24:57.941915] [-:error] [pid 23103:tid 139776240736000] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/themes/musicpro/js/solo-jplayer.min.js"] [unique_id "Uiyk2cCoALkAAFo-HMcAAADB"]
  41. [2013-09-08 16:24:58.116150] [-:error] [pid 23103:tid 139776111916800] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/themes/musicpro/js/izotope.js"] [unique_id "Uiyk2cCoALkAAFo-HMgAAADG"]
  42. [2013-09-08 16:24:58.117553] [-:error] [pid 23103:tid 139776090937088] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/themes/musicpro/js/tooltipsy.js"] [unique_id "Uiyk2cCoALkAAFo-HMkAAADI"]
  43. [2013-09-08 16:24:58.129293] [-:error] [pid 23103:tid 139776101426944] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/themes/musicpro/js/custom.js"] [unique_id "Uiyk2cCoALkAAFo-HMoAAADH"]
  44. [2013-09-08 16:24:58.133652] [-:error] [pid 22941:tid 139776143386368] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-includes/js/json2.js"] [unique_id "Uiyk2sCoALkAAFmduDIAAABD"]
  45. [2013-09-08 16:24:58.135242] [-:error] [pid 23103:tid 139776132896512] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-includes/js/comment-reply.js"] [unique_id "Uiyk2cCoALkAAFo-HMsAAADE"]
  46. [2013-09-08 16:24:58.260386] [-:error] [pid 22970:tid 139775996528384] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/flipping-team/flipping-script.js"] [unique_id "Uiyk2sCoALkAAFm61K0AAACR"]
  47. [2013-09-08 16:24:58.277360] [-:error] [pid 22970:tid 139776007018240] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/youtube_wpress/vbox/include/js/javascript_videos.js"] [unique_id "Uiyk2sCoALkAAFm61K4AAACQ"]
  48. [2013-09-08 16:24:58.337574] [-:error] [pid 22941:tid 139776122406656] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/lazyest-gallery/js/lazyest-loader.js"] [unique_id "Uiyk2sCoALkAAFmduDQAAABF"]
  49. [2013-09-08 16:24:58.339962] [-:error] [pid 22941:tid 139776132896512] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/lazyest-gallery/js/lazyest-slideshow.js"] [unique_id "Uiyk2sCoALkAAFmduDMAAABE"]
  50. [2013-09-08 16:24:58.541646] [-:error] [pid 23103:tid 139776048977664] [client 186.220.148.246] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/lazyest-gallery/js/lazyest-gallery.js"] [unique_id "Uiyk2sCoALkAAFo-HNEAAADM"]
  51. [2013-09-08 23:55:07.751374] [-:error] [pid 23103:tid 139775975548672] [client 177.148.201.194] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/themes/musicpro/js/slides.jquery.js"] [unique_id "Ui0OW8CoALkAAFo-HUkAAADT"]
  52. [2013-09-08 23:55:07.782249] [-:error] [pid 23103:tid 139775933589248] [client 177.148.201.194] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/wp-content/plugins/flipping-team/jquery.flip.min.js"] [unique_id "Ui0OW8CoALkAAFo-HUoAAADX"]
  53. [2013-09-08 23:56:07.523282] [-:error] [pid 22970:tid 139775975548672] [client 177.148.201.194] ModSecurity: Warning. Operator LT matched 5 at TX:inbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "33"] [id "981203"] [msg "Inbound Anomaly Score (Total Inbound Score: 3, SQLi=1, XSS=): Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0OlMCoALkAAFm61LgAAACT"]
  54. [2013-09-08 23:58:54.707369] [-:error] [pid 23103:tid 139776069957376] [client 177.148.201.194] ModSecurity: Warning. Pattern match "(?i)(<script[^>]*>[\\\\s\\\\S]*?<\\\\/script[^>]*>|<script[^>]*>[\\\\s\\\\S]*?<\\\\/script[[\\\\s\\\\S]]*[\\\\s\\\\S]|<script[^>]*>[\\\\s\\\\S]*?<\\\\/script[\\\\s]*[\\\\s]|<script[^>]*>[\\\\s\\\\S]*?<\\\\/script|<script[^>]*>[\\\\s\\\\S]*?)" at ARGS:s. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_41_xss_attacks.conf"] [line "14"] [id "973336"] [rev "1"] [msg "XSS Filter - Category 1: Script Tag Vector"] [data "Matched Data: <script> found within ARGS:s: <script> corinthians"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.7"] [maturity "1"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0PPsCoALkAAFo-HwwAAADK"]
  55. [2013-09-08 23:58:54.708926] [-:error] [pid 23103:tid 139776069957376] [client 177.148.201.194] ModSecurity: Warning. Pattern match "(.*)" at TX:950901-OWASP_CRS/WEB_ATTACK/SQL_INJECTION-ARGS:s. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_49_inbound_blocking.conf"] [line "26"] [id "981176"] [msg "Inbound Anomaly Score Exceeded (Total Score: 25, SQLi=5, XSS=20): Last Matched Message: IE XSS Filters - Attack Detected."] [data "Last Matched Data: script> corinthians"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0PPsCoALkAAFo-HwwAAADK"]
  56. [2013-09-08 23:58:54.709068] [-:error] [pid 23103:tid 139776069957376] [client 177.148.201.194] ModSecurity: Warning. Pattern match "(.*)" at TX:973336-OWASP_CRS/WEB_ATTACK/XSS-ARGS:s. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_49_inbound_blocking.conf"] [line "26"] [id "981176"] [msg "Inbound Anomaly Score Exceeded (Total Score: 25, SQLi=5, XSS=20): Last Matched Message: IE XSS Filters - Attack Detected."] [data "Last Matched Data: <script>"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0PPsCoALkAAFo-HwwAAADK"]
  57. [2013-09-08 23:58:54.709180] [-:error] [pid 23103:tid 139776069957376] [client 177.148.201.194] ModSecurity: Warning. Pattern match "(.*)" at TX:958051-OWASP_CRS/WEB_ATTACK/XSS-ARGS:s. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_49_inbound_blocking.conf"] [line "26"] [id "981176"] [msg "Inbound Anomaly Score Exceeded (Total Score: 25, SQLi=5, XSS=20): Last Matched Message: IE XSS Filters - Attack Detected."] [data "Last Matched Data: <script"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0PPsCoALkAAFo-HwwAAADK"]
  58. [2013-09-08 23:58:54.709297] [-:error] [pid 23103:tid 139776069957376] [client 177.148.201.194] ModSecurity: Warning. Pattern match "(.*)" at TX:973300-OWASP_CRS/WEB_ATTACK/XSS-ARGS:s. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_49_inbound_blocking.conf"] [line "26"] [id "981176"] [msg "Inbound Anomaly Score Exceeded (Total Score: 25, SQLi=5, XSS=20): Last Matched Message: IE XSS Filters - Attack Detected."] [data "Last Matched Data: <script>"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0PPsCoALkAAFo-HwwAAADK"]
  59. [2013-09-08 23:58:54.709399] [-:error] [pid 23103:tid 139776069957376] [client 177.148.201.194] ModSecurity: Warning. Pattern match "(.*)" at TX:0. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_49_inbound_blocking.conf"] [line "26"] [id "981176"] [msg "Inbound Anomaly Score Exceeded (Total Score: 25, SQLi=5, XSS=20): Last Matched Message: IE XSS Filters - Attack Detected."] [data "Last Matched Data: <script>"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0PPsCoALkAAFo-HwwAAADK"]
  60. [2013-09-08 23:58:54.709505] [-:error] [pid 23103:tid 139776069957376] [client 177.148.201.194] ModSecurity: Warning. Pattern match "(.*)" at TX:973331-OWASP_CRS/WEB_ATTACK/XSS-ARGS:s. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_49_inbound_blocking.conf"] [line "26"] [id "981176"] [msg "Inbound Anomaly Score Exceeded (Total Score: 25, SQLi=5, XSS=20): Last Matched Message: IE XSS Filters - Attack Detected."] [data "Last Matched Data: <script>"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0PPsCoALkAAFo-HwwAAADK"]
  61. [2013-09-08 23:58:55.012931] [-:error] [pid 23103:tid 139776069957376] [client 177.148.201.194] ModSecurity: Warning. Operator GE matched 5 at TX:inbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "37"] [id "981204"] [msg "Inbound Anomaly Score Exceeded (Total Inbound Score: 25, SQLi=5, XSS=20): IE XSS Filters - Attack Detected."] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0PPsCoALkAAFo-HwwAAADK"]
  62. [2013-09-09 00:23:47.227423] [-:error] [pid 23103:tid 139776240736000] [client 177.148.201.194] ModSecurity: Warning. Operator LT matched 5 at TX:inbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "33"] [id "981203"] [msg "Inbound Anomaly Score (Total Inbound Score: 3, SQLi=1, XSS=): Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0VEMCoALkAAFo-HxgAAADB"]
  63. [2013-09-09 00:23:55.000358] [-:error] [pid 23103:tid 139776069957376] [client 177.148.201.194] ModSecurity: Warning. Operator LT matched 5 at TX:inbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "33"] [id "981203"] [msg "Inbound Anomaly Score (Total Inbound Score: 3, SQLi=1, XSS=): Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0VGcCoALkAAFo-HyUAAADK"]
  64. [2013-09-09 00:24:00.612862] [-:error] [pid 23103:tid 139776111916800] [client 177.148.201.194] ModSecurity: Warning. Operator LT matched 5 at TX:inbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "33"] [id "981203"] [msg "Inbound Anomaly Score (Total Inbound Score: 3, SQLi=1, XSS=): Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0VHsCoALkAAFo-HyYAAADG"]
  65. [2013-09-09 00:24:06.080891] [-:error] [pid 23103:tid 139776153876224] [client 177.148.201.194] ModSecurity: Warning. Operator GE matched 1 at TX. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "29"] [id "981202"] [msg "Correlated Attack Attempt Identified: (Total Score: 7, SQLi=1, XSS=) Inbound Attack (Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded Inbound Anomaly Score: 3) + Outbound Application Error (The application is not available - Outbound Anomaly Score: 4)"] [severity "ALERT"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0VJcCoALkAAFo-HykAAADC"]
  66. [2013-09-09 00:24:49.710642] [-:error] [pid 23103:tid 139776101426944] [client 186.220.148.246] ModSecurity: Warning. Operator LT matched 5 at TX:inbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "33"] [id "981203"] [msg "Inbound Anomaly Score (Total Inbound Score: 3, SQLi=1, XSS=): Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0VTsCoALkAAFo-HyoAAADH"]
  67. [2013-09-09 00:03:36.881810] [-:error] [pid 24536:tid 140121896593152] [client 177.148.201.194] ModSecurity: Warning. Operator GE matched 4 at TX:outbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "40"] [id "981205"] [msg "Outbound Anomaly Score Exceeded (score 4): The application is not available"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0QWMbHU0UAAF-Yv4AAAAER"]
  68. [2013-09-09 00:04:50.972285] [-:error] [pid 24536:tid 140122139637504] [client 177.148.201.194] ModSecurity: Warning. Operator GE matched 1 at TX. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "29"] [id "981202"] [msg "Correlated Attack Attempt Identified: (Total Score: 7, SQLi=1, XSS=) Inbound Attack (Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded Inbound Anomaly Score: 3) + Outbound Application Error (The application is not available - Outbound Anomaly Score: 4)"] [severity "ALERT"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0QosbHU0UAAF-Yv40AAAEB"]
  69. [2013-09-09 00:05:08.692948] [-:error] [pid 24738:tid 140121949042432] [client 177.148.201.194] ModSecurity: Warning. Operator LT matched 5 at TX:inbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "33"] [id "981203"] [msg "Inbound Anomaly Score (Total Inbound Score: 3, SQLi=1, XSS=): Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0QsMbHU0UAAGCi-JgAAADM"]
  70. [2013-09-09 00:06:14.421912] [-:error] [pid 24535:tid 140122032961280] [client 177.148.201.194] ModSecurity: Warning. Pattern match "(?i)(<script[^>]*>[\\\\s\\\\S]*?<\\\\/script[^>]*>|<script[^>]*>[\\\\s\\\\S]*?<\\\\/script[[\\\\s\\\\S]]*[\\\\s\\\\S]|<script[^>]*>[\\\\s\\\\S]*?<\\\\/script[\\\\s]*[\\\\s]|<script[^>]*>[\\\\s\\\\S]*?<\\\\/script|<script[^>]*>[\\\\s\\\\S]*?)" at ARGS:s. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_41_xss_attacks.conf"] [line "14"] [id "973336"] [rev "1"] [msg "XSS Filter - Category 1: Script Tag Vector"] [data "Matched Data: <script> found within ARGS:s: <script>"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.7"] [maturity "1"] [accuracy "8"] [tag "OWASP_CRS/WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6.5.1"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0Q9sbHU0UAAF-XU9YAAAAE"]
  71. [2013-09-09 00:06:14.427751] [-:error] [pid 24535:tid 140122032961280] [client 177.148.201.194] ModSecurity: Warning. Pattern match "(.*)" at TX:973336-OWASP_CRS/WEB_ATTACK/XSS-ARGS:s. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_49_inbound_blocking.conf"] [line "26"] [id "981176"] [msg "Inbound Anomaly Score Exceeded (Total Score: 20, SQLi=, XSS=20): Last Matched Message: IE XSS Filters - Attack Detected."] [data "Last Matched Data: <script>"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0Q9sbHU0UAAF-XU9YAAAAE"]
  72. [2013-09-09 00:06:14.427849] [-:error] [pid 24535:tid 140122032961280] [client 177.148.201.194] ModSecurity: Warning. Pattern match "(.*)" at TX:958051-OWASP_CRS/WEB_ATTACK/XSS-ARGS:s. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_49_inbound_blocking.conf"] [line "26"] [id "981176"] [msg "Inbound Anomaly Score Exceeded (Total Score: 20, SQLi=, XSS=20): Last Matched Message: IE XSS Filters - Attack Detected."] [data "Last Matched Data: <script"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0Q9sbHU0UAAF-XU9YAAAAE"]
  73. [2013-09-09 00:06:14.427934] [-:error] [pid 24535:tid 140122032961280] [client 177.148.201.194] ModSecurity: Warning. Pattern match "(.*)" at TX:973300-OWASP_CRS/WEB_ATTACK/XSS-ARGS:s. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_49_inbound_blocking.conf"] [line "26"] [id "981176"] [msg "Inbound Anomaly Score Exceeded (Total Score: 20, SQLi=, XSS=20): Last Matched Message: IE XSS Filters - Attack Detected."] [data "Last Matched Data: <script>"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0Q9sbHU0UAAF-XU9YAAAAE"]
  74. [2013-09-09 00:06:14.428141] [-:error] [pid 24535:tid 140122032961280] [client 177.148.201.194] ModSecurity: Warning. Pattern match "(.*)" at TX:0. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_49_inbound_blocking.conf"] [line "26"] [id "981176"] [msg "Inbound Anomaly Score Exceeded (Total Score: 20, SQLi=, XSS=20): Last Matched Message: IE XSS Filters - Attack Detected."] [data "Last Matched Data: <script>"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0Q9sbHU0UAAF-XU9YAAAAE"]
  75. [2013-09-09 00:06:14.428309] [-:error] [pid 24535:tid 140122032961280] [client 177.148.201.194] ModSecurity: Warning. Pattern match "(.*)" at TX:973331-OWASP_CRS/WEB_ATTACK/XSS-ARGS:s. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_49_inbound_blocking.conf"] [line "26"] [id "981176"] [msg "Inbound Anomaly Score Exceeded (Total Score: 20, SQLi=, XSS=20): Last Matched Message: IE XSS Filters - Attack Detected."] [data "Last Matched Data: <script>"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0Q9sbHU0UAAF-XU9YAAAAE"]
  76. [2013-09-09 00:06:14.524927] [-:error] [pid 24535:tid 140122032961280] [client 177.148.201.194] ModSecurity: Warning. Operator GE matched 5 at TX:inbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "37"] [id "981204"] [msg "Inbound Anomaly Score Exceeded (Total Inbound Score: 20, SQLi=, XSS=20): IE XSS Filters - Attack Detected."] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0Q9sbHU0UAAF-XU9YAAAAE"]
  77. [2013-09-09 00:07:43.565500] [-:error] [pid 24738:tid 140121970022144] [client 177.148.201.194] ModSecurity: Warning. Operator LT matched 5 at TX:inbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "33"] [id "981203"] [msg "Inbound Anomaly Score (Total Inbound Score: 3, SQLi=1, XSS=): Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0RS8bHU0UAAGCi-RMAAADK"]
  78. [2013-09-09 00:21:12.894361] [-:error] [pid 24738:tid 140121907083008] [client 177.148.201.194] ModSecurity: Warning. Operator GE matched 1 at TX. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "29"] [id "981202"] [msg "Correlated Attack Attempt Identified: (Total Score: 7, SQLi=1, XSS=) Inbound Attack (Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded Inbound Anomaly Score: 3) + Outbound Application Error (The application is not available - Outbound Anomaly Score: 4)"] [severity "ALERT"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0UeMbHU0UAAGCi-RoAAADQ"]
  79. [2013-09-09 00:21:19.065463] [-:error] [pid 24738:tid 140121844143872] [client 177.148.201.194] ModSecurity: Warning. Operator GE matched 1 at TX. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "29"] [id "981202"] [msg "Correlated Attack Attempt Identified: (Total Score: 7, SQLi=1, XSS=) Inbound Attack (Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded Inbound Anomaly Score: 3) + Outbound Application Error (The application is not available - Outbound Anomaly Score: 4)"] [severity "ALERT"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0Uf8bHU0UAAGCi-RsAAADW"]
  80. [2013-09-09 00:21:22.055836] [-:error] [pid 24738:tid 140121896593152] [client 177.148.201.194] ModSecurity: Warning. Operator GE matched 1 at TX. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "29"] [id "981202"] [msg "Correlated Attack Attempt Identified: (Total Score: 7, SQLi=1, XSS=) Inbound Attack (Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded Inbound Anomaly Score: 3) + Outbound Application Error (The application is not available - Outbound Anomaly Score: 4)"] [severity "ALERT"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0UgsbHU0UAAGCi-RwAAADR"]
  81. [2013-09-09 00:21:37.099830] [-:error] [pid 24536:tid 140122150127360] [client 177.148.201.194] ModSecurity: Warning. Operator LT matched 5 at TX:inbound_anomaly_score. [file "/opt/apps/httpd/conf/owasp-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "33"] [id "981203"] [msg "Inbound Anomaly Score (Total Inbound Score: 3, SQLi=1, XSS=): Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [hostname "www.domain.com.br"] [uri "/wp/"] [unique_id "Ui0UjsbHU0UAAF-Yv-kAAAEA"]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!