Im George Egri, the Co-Founder and CEO of BitNinja Server Security. Im writing to inform you that we have detected malicious requests from the IP 126.96.36.199 directed at our clients servers.
As a result of these attacks, we have added your IP to our greylist to prevent it from attacking our clients servers.
Servers are increasingly exposed as the targets of botnet attacks and you might not be aware that your server is being used as a bot to send malicious attacks over the Internet.
I’ve collected the 3 earliest logs below, and you can find the freshest 100, that may help you disinfect your server, under the link.
http://bitninja.io/incidentReport.php?details=b2cc06ec5c030b582f?utm_source=incident&utm_content=publicpage. The timezone is UTC +1:00.
188.8.131.52 - - [11/May/2021:10:43:04 -0300] "POST /produtos.php?idcat=999999.9'+%2f**%2fuNiOn%2f**%2faLl+%2f**%2fsElEcT+0x393133353134353632312e39+and+'0'='0&scat=65& HTTP/1.1" 200 226 "http://###.im###as.###.br/produtos.php?idcat=999999.9'+%2f**%2fuNiOn%2f**%2faLl+%2f**%2fsElEcT+0x393133353134353632312e39+and+'0'='0&scat=65&" "Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-PT; rv:1.#.#.2) Gecko/20090729 Firefox/3.5.2 (.NET CLR 3.5.30729)" SenseLog id [80_1_010] Message [ApacheSQLI]]