πΊπΈ
TPI-Abuse
2026-07-15 09:22:34
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 05:22:24.656316 2026] [security2:error] [pid 23719:tid 23719] [client 172.70.248.175:14309] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "versahealthcare.versacardio.com"] [uri "/.env"] [unique_id "aldRULg_hw9VvTlj1KH_fQAAADI"], referer: https://www.google.com/search?q=versahealthcare.versacardio.com
show less
Brute-Force
Bad Web Bot
Web App Attack
π·πΊ
DZBOT
2026-07-07 19:40:43
(1 week ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
Anonymous
2026-06-29 12:05:30
(2 weeks ago)
[Mon Jun 29 14:05:28.846385 2026] [authz_core:error] [pid 22259] [client 172.70.248.175:11546] AH016 ...
show more
[Mon Jun 29 14:05:28.846385 2026] [authz_core:error] [pid 22259] [client 172.70.248.175:11546] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Mon Jun 29 14:05:28.885759 2026] [authz_core:error] [pid 22259] [client 172.70.248.175:11546] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Mon Jun 29 14:05:29.097441 2026] [authz_core:error] [pid 22259] [client 172.70.248.175:11546] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-26 13:35:40
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 09:35:36.429724 2026] [security2:error] [pid 29260:tid 29279] [client 172.70.248.175:11872] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davidchapa.com.104ventures.com"] [uri "/.git/config"] [unique_id "aj6AKHxtAqrvB6TwZqGWkAAAARE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π§π·
maviei
2026-06-26 07:26:31
(3 weeks ago)
2026-06-26T04:26:28.191193-03:00 srv1251771 kernel: [2225615.140393] [UFW BLOCK] IN=eth0 OUT= MAC=40 ...
show more
2026-06-26T04:26:28.191193-03:00 srv1251771 kernel: [2225615.140393] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.70.248.175 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=45902 DF PROTO=TCP SPT=12896 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0
2026-06-26T04:26:29.244924-03:00 srv1251771 kernel: [2225616.193936] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.70.248.175 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=45903 DF PROTO=TCP SPT=12896 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0
2026-06-26T04:26:30.269660-03:00 srv1251771 kernel: [2225617.218405] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.70.248.175 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=45904 DF PROTO=TCP SPT=12896 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0
...
show less
Port Scan
π¦π±
router.al
2026-06-17 11:57:37
(1 month ago)
06/17/2026-11:57:37.038970 172.70.248.175 Protocol: 6 ET SCAN LeakIX Inbound User-Agent
Hacking
πΊπΈ
TPI-Abuse
2026-06-09 03:32:40
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 23:32:35.807758 2026] [security2:error] [pid 11448:tid 11448] [client 172.70.248.175:9261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blackhorrormovie.fractalsky.com"] [uri "/.git/config"] [unique_id "aieJU4X0MXU7bQoQRlxRrQAAACk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-04 20:19:09
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 16:19:05.216641 2026] [security2:error] [pid 3712:tid 3712] [client 172.70.248.175:11344] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.manosentuayuda.org"] [uri "/.git/config"] [unique_id "aiHduQ4Jx9dIw-fACz3hlgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
ipoac.nl
2026-06-03 21:14:28
(1 month ago)
-:443 172.70.248.175 - - [03/Jun/2026:23:14:27 +0200] - "GET /.git/config HTTP/2.0" 404 1738 "-" "Wg ...
show more
-:443 172.70.248.175 - - [03/Jun/2026:23:14:27 +0200] - "GET /.git/config HTTP/2.0" 404 1738 "-" "Wget/1.21.3 (linux-gnu)"
show less
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-06-02 13:57:03
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 09:56:59.267703 2026] [security2:error] [pid 6682:tid 6682] [client 172.70.248.175:11243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spacerecording.com"] [uri "/.git/config"] [unique_id "ah7hK_gsenwT5R0r0H80agAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-02 13:25:48
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 09:25:42.914397 2026] [security2:error] [pid 7358:tid 7358] [client 172.70.248.175:10750] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kennedysplace.com"] [uri "/.git/config"] [unique_id "ah7Z1uj5mrfELe1XXhEL6gAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-02 09:01:45
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 05:01:40.471260 2026] [security2:error] [pid 10239:tid 10239] [client 172.70.248.175:12545] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drjaymissdiana.com"] [uri "/.git/config"] [unique_id "ah6b9OenbjmWtH026lsfugAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-06-02 04:06:10
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-02 03:39:09
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 23:39:03.897221 2026] [security2:error] [pid 28107:tid 28107] [client 172.70.248.175:11477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wildlifetaxidermy.com"] [uri "/.git/config"] [unique_id "ah5QV-fsMCzBLBMM4NTAQwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2026-05-29 22:04:42
(1 month ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-28.
show less
Web App Attack
SSH
Hacking