๐ฉ๐ช
anycast_ac
2026-07-04 01:54:12
(1 day ago)
[mirai-detector honeypot] Inbound attack against our honeypot on tcp/8443 (generic).
Commands captur ...
show more
[mirai-detector honeypot] Inbound attack against our honeypot on tcp/8443 (generic).
Commands captured:
$
show less
DDoS Attack
IoT Targeted
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-02 14:03:23
(2 days ago)
(mod_security) mod_security (id:949110) triggered by 172.70.247.9 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:949110) triggered by 172.70.247.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 10:03:17.250898 2026] [security2:error] [pid 819:tid 819] [client 172.70.247.9:13635] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "psqeng.com"] [uri "/.git/config"] [unique_id "akZvpQ06UJtCqrlTp_THqwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 18:12:17
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.9 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 14:12:14.188811 2026] [security2:error] [pid 30471:tid 30471] [client 172.70.247.9:12717] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "denemeblog.osmanbozkurt.com"] [uri "/.git/config"] [unique_id "aiRi_t5o11AVUq_eJKrzgQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-03 19:57:04
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.9 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 15:56:57.601635 2026] [security2:error] [pid 19882:tid 19882] [client 172.70.247.9:11934] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rkm.biz"] [uri "/.git/config"] [unique_id "aiCHCdfV-DcS-5P-yHgOCwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-02 19:05:46
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐ฉ๐ช
acadeova
2026-05-25 12:39:04
(1 month ago)
๐จ Recon detected (nft drop)
SRC=172.70.247.9
Observed=TCP dpt=80 in=enp0s6 ttl=59
Time=recent(journa ...
show more
๐จ Recon detected (nft drop)
SRC=172.70.247.9
Observed=TCP dpt=80 in=enp0s6 ttl=59
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
๐ฉ๐ช
abdubhai
2026-04-08 06:06:27
(2 months ago)
172.70.247.9 - - [08/Apr/2026:11
...
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-04-03 22:02:32
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.9 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 18:02:10.863029 2026] [security2:error] [pid 21468:tid 21468] [client 172.70.247.9:10315] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.domainbydomain.com"] [uri "/.git/config"] [unique_id "adA44lOTeDUC2xYo7kEPhAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-04-03 03:06:36
(3 months ago)
Scanning/Probing (15)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 02:48:49
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.9 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 22:48:42.208495 2026] [security2:error] [pid 18004:tid 18004] [client 172.70.247.9:13476] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arklatexds.wisk.org"] [uri "/.git/refs/heads/master"] [unique_id "ac8qiq5VJeEU-rs1lW6JBgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Hazzard
2026-03-31 13:26:02
(3 months ago)
(apache-empty-ua) Failed empty apache-ua trigger with match [redacted]): (CF_ENABLE)
Hacking
๐ซ๐ท
dynamix
2026-03-31 03:12:02
(3 months ago)
Multiple WAF Violations
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-03-30 22:30:23
(3 months ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 15:16:33
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.9 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 11:16:22.632245 2026] [security2:error] [pid 28205:tid 28237] [client 172.70.247.9:9763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ceol.us"] [uri "/.git/index"] [unique_id "acqTxq8pGV0pf3Xmkcr5ZgAAAEE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 13:44:30
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.9 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 09:44:26.979481 2026] [security2:error] [pid 9474:tid 9492] [client 172.70.247.9:13251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.rosicruciansociety.com"] [uri "/.git/HEAD"] [unique_id "acp-OjpQC7YgIxiO9xa6cAAAAJA"]
show less
Brute-Force
Bad Web Bot
Web App Attack