๐ฌ๐ง
OptimusGO
2026-07-09 06:27:59
(1 day ago)
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Time ...
show more
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Timestamp: 2026-07-09 07:27:59 UTC
Log evidence:
172.70.247.169 - - [09/Jul/2026:07:27:59 +0100] "GET / HTTP/1.1" 200 409 "-" "Go-http-client/1.1"
07/09/2026-07:27:59.146460 [**] [1:1000201:1] SCANNER: Bot-like User-Agent Detected [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 172.70.247.169:13004 -> 185.127.18.66:80
07/09/2026-07:27:59.146460 [**] [1:2060252:1] ET INFO Go-http-client User-Agent Observed Inbound [**] [Classification: Misc activity] [Priority: 3] {TCP} 172.70.247.169:13004 -> 185.127.18.66:80
show less
Port Scan
Brute-Force
Anonymous
2026-07-07 02:50:11
(3 days ago)
Aggressive web scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 05:15:33
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.169 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 01:15:29.305658 2026] [security2:error] [pid 10354:tid 10354] [client 172.70.247.169:12680] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.buyhealthy.net"] [uri "/.git/config"] [unique_id "aj4K8eZ8GUqBgMzxfIVE0wAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-06-21 06:03:20
(2 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 16:07:32
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.169 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 12:07:26.686775 2026] [security2:error] [pid 14922:tid 14922] [client 172.70.247.169:11107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bickleton.org"] [uri "/.git/config"] [unique_id "aiGivhRQNMhkf3nIosRTsAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 08:45:25
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.169 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 04:45:19.434855 2026] [security2:error] [pid 17846:tid 17910] [client 172.70.247.169:13364] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "accushot.com"] [uri "/.git/config"] [unique_id "ah6YH9bOtqpFbAw9nRBadwAAAgE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Rocky Mountain Bioengineering Symposium
2026-05-14 06:03:50
(1 month ago)
172.70.247.169 - - [14/May/2026:00:03:50 -0600] "GET /.git/config HTTP/2.0" 301 390 "-" "curl/8.4.0" ...
show more
172.70.247.169 - - [14/May/2026:00:03:50 -0600] "GET /.git/config HTTP/2.0" 301 390 "-" "curl/8.4.0"
...
show less
Web App Attack
๐บ๐ธ
wimaxnz
2026-05-11 01:25:18
(1 month ago)
Automated report from 247 Guardian: repeated malicious activity detected. | reason=nginx_badpath
Brute-Force
SSH
Port Scan
๐บ๐ธ
TPI-Abuse
2026-05-08 10:06:01
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.169 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 06:05:53.570715 2026] [security2:error] [pid 21212:tid 21212] [client 172.70.247.169:11486] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "diselet.com"] [uri "/.git/config"] [unique_id "af21gWASqReCFwoOMVxKkQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-08 08:00:30
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.169 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 04:00:26.932709 2026] [security2:error] [pid 4009:tid 4009] [client 172.70.247.169:12747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jadeiteglobalholdings.com"] [uri "/.git/config"] [unique_id "af2YGv6_rxhYPVir875CWAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
wimaxnz
2026-05-07 00:07:58
(2 months ago)
Automated report from 247 Guardian: repeated malicious activity detected. | reason=nginx_badpath
Brute-Force
SSH
Port Scan
๐บ๐ธ
wimaxnz
2026-05-04 02:38:18
(2 months ago)
Automated report from 247 Guardian: repeated malicious activity detected. | reason=nginx_badpath
Brute-Force
SSH
Port Scan
๐ฆ๐ฑ
router.al
2026-05-01 19:16:05
(2 months ago)
05/01/2026-19:16:04.962303 172.70.247.169 Protocol: 6 ET EXPLOIT GraphQL Introspection Query Attempt
Hacking
๐ฆ๐ฑ
router.al
2026-04-30 19:42:07
(2 months ago)
04/30/2026-19:42:06.949168 172.70.247.169 Protocol: 6 GPL WEB_SERVER 403 Forbidden
Port Scan
๐บ๐ธ
TPI-Abuse
2026-04-30 12:59:30
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.169 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 30 08:59:23.110903 2026] [security2:error] [pid 24033:tid 24033] [client 172.70.247.169:11925] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.jodstar.com"] [uri "/.git/config"] [unique_id "afNSK5rK7cebYje6hWHcqwAAACU"]
show less
Brute-Force
Bad Web Bot
Web App Attack