ghostwarriors
2024-12-14 16:50:05
(3 hours ago)
Attempts against non-existent wp-login
Brute-Force
Web App Attack
thefoofighter
2024-12-14 14:24:45
(5 hours ago)
[Sat Dec 14 14:24:44.576418 2024] [:error] [pid 4192230] [client 148.153.56.82:42932] [client 148.153.56.82] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "63.250.44.172"] [uri "/K9ph"] [unique_id "Z12VLL_IJItegdsLVi5d7AAAAAc"]
[Sat Dec 14 14:24:44.861211 2024] [:error] [pid 4192612] [client 148.153.56.82:42934] [client 148.153.56.82] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"]
Bad Web Bot
Web App Attack
Anonymous
2024-12-14 08:16:43
(12 hours ago)
DNS Compromise
DDoS Attack
ThreatBook.io
2024-12-14 01:07:03
(19 hours ago)
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/148.153.56.82
2024-12-13 00:08:04 /jquery-3.3.2.slim.min.js
2024-12-13 00:08:03 /jquery-3.3.1.slim.min.js
2024-12-13 00:08:00 /Wci9
2024-12-13 00:08:01 /4Qdt
2024-12-13 00:08:02 /aab8
2024-12-13 00:08:04 /aab9
Web App Attack
mr_whitehat
2024-12-14 00:36:51
(19 hours ago)
Probed for vulnerable web application: request line: /aab8 (Possible exploit:Scanning for Cobalt Strike C2 server)
Web App Attack
dzpk
2024-12-13 14:47:02
(1 day ago)
[13/Dec/2024:15:47:01 +0100] 17341012212.245513 148.153.56.82 46270 HOST 443
[13/Dec/2024:15:47:01 +0100] 173410122166.649077 148.153.56.82 46282 HOST 443
[13/Dec/2024:15:47:02 +0100] 173410122214.550415 148.153.56.82 46298 HOST 443
Web App Attack
ut-addicted.com
2024-12-13 13:09:02
(1 day ago)
[13/Dec/2024:14:08:58 +0100] Z1wx6qJjxetd6qc2SsWzKwAAAAM 148.153.56.82 53012 172.31.1.100 443
[13/Dec/2024:14:08:59 +0100] Z1wx63khKKCzvVMHoycncwAAANQ 148.153.56.82 53014 172.31.1.100 443
[13/Dec/2024:14:09:00 +0100] Z1wx7HkhKKCzvVMHoycndAAAAMo 148.153.56.82 53024 172.31.1.100 443
Brute-Force
Web App Attack
Not Fake
2024-12-12 14:25:47
(2 days ago)
$f2bV_matches
Web App Attack
c y
2024-12-12 06:50:36
(2 days ago)
...
Port Scan
Brute-Force
Web App Attack
webbie
2024-12-12 03:43:59
(2 days ago)
148.153.56.82 - - [12/Dec/2024:04:43:55 +0100] "GET /tJFX HTTP/1.1" 404 3644 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:32.0) Gecko/20100101 Firefox/32.0"
148.153.56.82 - - [12/Dec/2024:04:43:55 +0100] "GET /c9zG HTTP/1.1" 404 3644 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:32.0) Gecko/20100101 Firefox/32.0"
148.153.56.82 - - [12/Dec/2024:04:43:56 +0100] "GET /aab8 HTTP/1.1" 404 3644 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:32.0) Gecko/20100101 Firefox/32.0"
148.153.56.82 - - [12/Dec/2024:04:43:57 +0100] "GET /jquery-3.3.1.slim.min.js HTTP/1.1" 404 3644 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:32.0) Gecko/20100101 Firefox/32.0"
148.153.56.82 - - [12/Dec/2024:04:43:58 +0100] "GET /aab9 HTTP/1.1" 404 3644 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:32.0) Gecko/20100101 Firefox/32.0"
Brute-Force
Web App Attack
diego
2024-12-11 16:03:55
(3 days ago)
[probe-44-49] 2024-12-11 16:03:55, Client: 148.153.56.82:42072, Protocol: 6, Unauthorized activity to HTTP: GET /Gun2
Web App Attack
dwmosaics
2024-12-10 19:21:30
(4 days ago)
"GET /aab9 HTTP/1.1" 404 5036 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 1...
Brute-Force
Web App Attack
diego
2024-12-10 12:36:05
(4 days ago)
[arem1] 2024-12-10 12:36:05, Client: 148.153.56.82:37906, Protocol: 6, Unauthorized activity to HTTP: GET /JFrZ
Web App Attack
archiv-pm
2024-12-10 01:56:19
(4 days ago)
Probing for resource vulnerabilities HTTP(S)
Web App Attack
mr_whitehat
2024-12-08 00:38:25
(6 days ago)
Probed for vulnerable web application: request line: /aab8 (Possible exploit:Scanning for Cobalt Strike C2 server)
Web App Attack