πΊπΈ
wimaxnz
2026-05-01 05:40:42
(2 months ago)
Automated report from 247 Guardian: repeated malicious activity detected. | reason=nginx_badpath
Brute-Force
SSH
Port Scan
πΊπΈ
TPI-Abuse
2026-04-30 08:54:38
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.243.83 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.243.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 30 04:54:33.517544 2026] [security2:error] [pid 3212:tid 3220] [client 172.70.243.83:11344] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.theworldinstituteofslowness.com"] [uri "/.git/config"] [unique_id "afMYyUce_X-36cJH7mFxWQAAAIU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
wimaxnz
2026-04-29 04:52:13
(2 months ago)
Automated report from 247 Guardian: repeated malicious activity detected. | reason=nginx_badpath
Brute-Force
SSH
Port Scan
πΊπΈ
wimaxnz
2026-04-28 00:42:02
(2 months ago)
Automated report from 247 Guardian: repeated malicious activity detected. | reason=nginx_badpath
Brute-Force
SSH
Port Scan
πΊπΈ
TPI-Abuse
2026-04-07 10:13:27
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.243.83 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.243.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 06:13:21.989349 2026] [security2:error] [pid 1433424:tid 1433424] [client 172.70.243.83:10898] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.mphq.net"] [uri "/.env.development.local"] [unique_id "adTYwe2mB9CvZCD_CXpASAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-04-04 13:05:35
(3 months ago)
Blocked Cloudflare Worker request. Pattern match "." at REQUEST_HEADERS:Cf-Worker. (5025-197)
Hacking
πΊπΈ
TPI-Abuse
2026-04-04 08:36:42
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.243.83 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.243.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 04:36:35.971731 2026] [security2:error] [pid 30010:tid 30010] [client 172.70.243.83:11140] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.emoside.imerka.com.mx"] [uri "/.git/refs/heads/master"] [unique_id "adDNk3sHjwYJWBcFYpePaQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-02 14:04:41
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.243.83 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.243.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 10:04:32.523092 2026] [security2:error] [pid 13639:tid 13639] [client 172.70.243.83:11443] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ralserve.net"] [uri "/.env.dev"] [unique_id "ac53cIcMQkovFtt0xSiR2QAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨πΏ
Countryman
2026-03-31 18:14:43
(3 months ago)
repeated unauthorized connection attempts, host sweep, port scan
Port Scan
π¨πΏ
Countryman
2026-03-31 18:14:43
(3 months ago)
repeated unauthorized connection attempts, host sweep, port scan
Port Scan
πΊπΈ
mnsf
2026-03-31 14:05:24
(3 months ago)
Scanning/Probing (12)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-31 11:22:14
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.243.83 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.243.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 07:22:07.635103 2026] [security2:error] [pid 24088:tid 24088] [client 172.70.243.83:10642] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jpwatters.net"] [uri "/.env.dist"] [unique_id "acuuX1sud0VtzbCASOWrGQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-03-31 01:54:08
(3 months ago)
Blocked Cloudflare Worker request. Pattern match "." at REQUEST_HEADERS:cf-worker. (5025-201)
Hacking
πΊπΈ
TPI-Abuse
2026-03-30 15:45:13
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.243.83 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.243.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 11:45:04.636940 2026] [security2:error] [pid 11381:tid 11381] [client 172.70.243.83:10629] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chrisdenem.com"] [uri "/.env_backup"] [unique_id "acqagK85wWpnnI1CCtmLawAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-30 00:03:54
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.243.83 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.243.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 20:03:43.063314 2026] [security2:error] [pid 7921:tid 7921] [client 172.70.243.83:12180] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.energycapitalinvestments.com"] [uri "/.git/logs/HEAD"] [unique_id "acm938ZtBuDaIvMEDbWi3QAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack