T-Pot honeypot: 30 hits in 15min on port(s) 1048 (P0f/Suricata/Honeytrap). Port scan / unsolicited c ...
show moreT-Pot honeypot: 30 hits in 15min on port(s) 1048 (P0f/Suricata/Honeytrap). Port scan / unsolicited connection. Automated report.
show less
Observed systematic automated reconnaissance (T1595) targeting the mod_pagespeed module to identify ...
show moreObserved systematic automated reconnaissance (T1595) targeting the mod_pagespeed module to identify potential Server-Side Request Forgery (SSRF) or Open Redirect vulnerabilities. Forensic log analysis confirms unauthorized POST requests directed at /mod_pagespeed_beacon with URL parameters pointing to internal Roundcube webmail artifacts, indicating an attempt to probe or pivot into mail infrastructure metadata. While external threat intelligence reflects low confidence, the behavioral artifacts represent clear automated vulnerability research (T1190). All malicious ingress attempts were successfully neutralized at the application tier, resulting in HTTP 403 Forbidden responses.
show less