๐บ๐ธ
TPI-Abuse
2026-07-02 11:14:28
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 07:14:21.670319 2026] [security2:error] [pid 19762:tid 19762] [client 172.70.240.49:12412] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "frankpollicino.com"] [uri "/.git/config"] [unique_id "akZIDfOSuVfvCsHrpa9TUQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mawan
2026-06-30 02:37:15
(2 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
Anonymous
2026-06-29 11:10:34
(3 days ago)
[Mon Jun 29 13:10:32.861648 2026] [authz_core:error] [pid 21598] [client 172.70.240.49:14060] AH0163 ...
show more
[Mon Jun 29 13:10:32.861648 2026] [authz_core:error] [pid 21598] [client 172.70.240.49:14060] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Mon Jun 29 13:10:32.927536 2026] [authz_core:error] [pid 21598] [client 172.70.240.49:14060] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Mon Jun 29 13:10:33.022105 2026] [authz_core:error] [pid 21598] [client 172.70.240.49:14060] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
๐ซ๐ฎ
Erpelstolz
2026-06-27 11:53:02
(5 days ago)
external host: 172.70.240.49 - - [27/Jun/2026:13:52:59 +0200] "GET /wp-admin/install.php?step=1 HTTP ...
show more
external host: 172.70.240.49 - - [27/Jun/2026:13:52:59 +0200] "GET /wp-admin/install.php?step=1 HTTP/1.1" 404 5663 "-" "http://erpelstolz.com/wp-admin/install.php?step=1" CF-Ray:a1243faa0a52e570-FRA CF-IP:-
show less
Web App Attack
Anonymous
2026-06-26 07:34:42
(6 days ago)
[Fri Jun 26 09:34:41.430871 2026] [authz_core:error] [pid 12280] [client 172.70.240.49:12448] AH0163 ...
show more
[Fri Jun 26 09:34:41.430871 2026] [authz_core:error] [pid 12280] [client 172.70.240.49:12448] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Fri Jun 26 09:34:41.528605 2026] [authz_core:error] [pid 12280] [client 172.70.240.49:12448] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Fri Jun 26 09:34:41.586447 2026] [authz_core:error] [pid 12280] [client 172.70.240.49:12448] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
Anonymous
2026-06-25 12:12:42
(1 week ago)
[Thu Jun 25 14:12:41.357260 2026] [authz_core:error] [pid 20637] [client 172.70.240.49:12545] AH0163 ...
show more
[Thu Jun 25 14:12:41.357260 2026] [authz_core:error] [pid 20637] [client 172.70.240.49:12545] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Thu Jun 25 14:12:41.405374 2026] [authz_core:error] [pid 20637] [client 172.70.240.49:12545] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Thu Jun 25 14:12:41.450162 2026] [authz_core:error] [pid 20637] [client 172.70.240.49:12545] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 04:22:51
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 00:22:47.974704 2026] [security2:error] [pid 4506:tid 4506] [client 172.70.240.49:9528] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eiltopofictioncritique.com"] [uri "/.git/config"] [unique_id "ajDPlwPASJkV2qNcfqEfdAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-06-11 19:50:44
(3 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ง๐ท
maviei
2026-06-11 11:44:56
(3 weeks ago)
2026-06-11T08:44:53.704994-03:00 srv1251771 kernel: [945124.009501] [UFW BLOCK] IN=eth0 OUT= MAC=40: ...
show more
2026-06-11T08:44:53.704994-03:00 srv1251771 kernel: [945124.009501] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.70.240.49 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=43801 DF PROTO=TCP SPT=13616 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0
2026-06-11T08:44:54.710476-03:00 srv1251771 kernel: [945125.015568] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.70.240.49 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=43802 DF PROTO=TCP SPT=13616 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0
2026-06-11T08:44:55.733592-03:00 srv1251771 kernel: [945126.038580] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.70.240.49 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=43803 DF PROTO=TCP SPT=13616 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0
...
show less
Port Scan
๐ฆ๐น
nomzamo
2026-06-10 23:45:54
(3 weeks ago)
Fail2Ban reported: nginx-noscript
Brute-Force
Bad Web Bot
๐ฉ๐ช
srtzero
2026-06-10 14:13:08
(3 weeks ago)
172.70.240.49 - - [10/Jun/2026:16:13:08 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 162 " ...
show more
172.70.240.49 - - [10/Jun/2026:16:13:08 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 162 "-" "http://convergencegaming.net/wp-admin/install.php?step=1"
...
show less
Port Scan
Bad Web Bot
Web App Attack
๐ฉ๐ช
srtzero
2026-06-08 06:36:41
(3 weeks ago)
172.70.240.49 - - [08/Jun/2026:08:36:40 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 162 " ...
show more
172.70.240.49 - - [08/Jun/2026:08:36:40 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 162 "-" "http://convergencegaming.net/wp-admin/install.php?step=1"
...
show less
Port Scan
Bad Web Bot
Web App Attack
๐ฉ๐ช
Blexyel
2026-06-07 02:30:55
(3 weeks ago)
172.70.240.49 - - [07/Jun/2026:04:30:54 +0200] "GET /.git/config HTTP/1.1" 404 120 "-" "curl/8.4.0"
...
show more
172.70.240.49 - - [07/Jun/2026:04:30:54 +0200] "GET /.git/config HTTP/1.1" 404 120 "-" "curl/8.4.0"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 12:46:14
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 08:46:08.719499 2026] [security2:error] [pid 6691:tid 6691] [client 172.70.240.49:11874] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medusakenya.com"] [uri "/.git/config"] [unique_id "aiFzkGiZu66flaM6191MDwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-03 07:51:40
(4 weeks ago)
[Wed Jun 03 09:51:39.607248 2026] [authz_core:error] [pid 24705] [client 172.70.240.49:12899] AH0163 ...
show more
[Wed Jun 03 09:51:39.607248 2026] [authz_core:error] [pid 24705] [client 172.70.240.49:12899] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Wed Jun 03 09:51:39.640688 2026] [authz_core:error] [pid 24705] [client 172.70.240.49:12899] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Wed Jun 03 09:51:39.666381 2026] [authz_core:error] [pid 24705] [client 172.70.240.49:12899] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack