Pulse name: KRVTZ IDS alerts for 2026-05-18
WHITE | kravietz2048 | 2026-05-17 | Modified: 2026-05-18
41 IOCs | MEDIUM VOLUME
IDS alerts from high-risk Wazuh and Suricata rules selected for IP ban
Indicators of Compromise (41)