๐บ๐ธ
TPI-Abuse
2026-07-02 11:27:42
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.58 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 07:27:38.024802 2026] [security2:error] [pid 27860:tid 27860] [client 172.70.248.58:10730] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "golflavahotsprings.com"] [uri "/.git/config"] [unique_id "akZLKhF-tXkWFt_F4f91nAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 21:54:50
(2 days ago)
[Drupal AbuseIPDB module] Request path is blacklisted. /wp-admin/install.php
Web App Attack
๐ท๐บ
DZBOT
2026-06-29 22:15:13
(4 days ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 09:10:48
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 172.70.248.58 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.248.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 05:10:43.186106 2026] [security2:error] [pid 5113:tid 5113] [client 172.70.248.58:12602] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.usaangelinvestors.com|F|2"] [data "[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.usaangelinvestors.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "akI2kwi3YnBc2DWYQHVDdQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 06:34:34
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.58 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 02:34:27.606188 2026] [security2:error] [pid 29773:tid 29773] [client 172.70.248.58:11989] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leobynum.com"] [uri "/.git/config"] [unique_id "aj4dc0n5KrrLeI6Mxr7JyQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
www.mammazone.it
2026-06-24 18:08:36
(1 week ago)
[Wed Jun 24 20:08:35.125977 2026] [proxy_fcgi:error] [pid 2819350] [client 172.70.248.58:12853] AH01 ...
show more
[Wed Jun 24 20:08:35.125977 2026] [proxy_fcgi:error] [pid 2819350] [client 172.70.248.58:12853] AH01071: Got error 'Primary script unknown'
[Wed Jun 24 20:08:35.291976 2026] [proxy_fcgi:error] [pid 2819350] [client 172.70.248.58:12853] AH01071: Got error 'Primary script unknown'
...
show less
Hacking
๐ฉ๐ช
www.mammazone.it
2026-06-22 06:16:45
(1 week ago)
[Mon Jun 22 08:16:44.790637 2026] [proxy_fcgi:error] [pid 2301885] [client 172.70.248.58:10801] AH01 ...
show more
[Mon Jun 22 08:16:44.790637 2026] [proxy_fcgi:error] [pid 2301885] [client 172.70.248.58:10801] AH01071: Got error 'Primary script unknown'
[Mon Jun 22 08:16:44.945543 2026] [proxy_fcgi:error] [pid 2301885] [client 172.70.248.58:10801] AH01071: Got error 'Primary script unknown'
...
show less
Hacking
๐ฌ๐ง
OptimusGO
2026-06-22 02:43:53
(1 week ago)
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Time ...
show more
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Timestamp: 2026-06-22 03:43:53 UTC
Log evidence:
172.70.248.58 - - [22/Jun/2026:03:43:41 +0100] "GET /console/ HTTP/1.1" 404 118 "-" "Mozilla/5.0 (l9scan/2.0.533313e24373e21323e2430313; +https://leakix.net)"
172.70.248.58 - - [22/Jun/2026:03:43:43 +0100] "GET /server-status HTTP/1.1" 404 118 "-" "Mozilla/5.0 (l9scan/2.0.533313e24373e21323e2430313; +https://leakix.net)"
06/22/2026-03:43:41.739999 [**] [1:2049255:1] ET SCAN LeakIX Inbound User-Agent [**] [Classification: Misc activity] [Priority: 3] {TCP} 172.70.248.58:11462 -> 185.127.18.66:80
show less
Port Scan
Brute-Force
๐ฉ๐ช
acadeova
2026-06-12 01:45:54
(3 weeks ago)
๐จ Recon detected (nft drop)
SRC=172.70.248.58
Observed=TCP dpt=80 in=enp0s6 ttl=59
Time=recent(journ ...
show more
๐จ Recon detected (nft drop)
SRC=172.70.248.58
Observed=TCP dpt=80 in=enp0s6 ttl=59
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
๐ฉ๐ช
www.mammazone.it
2026-06-11 12:55:56
(3 weeks ago)
[Thu Jun 11 14:55:55.616700 2026] [proxy_fcgi:error] [pid 3789864] [client 172.70.248.58:13936] AH01 ...
show more
[Thu Jun 11 14:55:55.616700 2026] [proxy_fcgi:error] [pid 3789864] [client 172.70.248.58:13936] AH01071: Got error 'Primary script unknown', referer: http://underdomotic.fabiodirauso.it/ioxi-o.php
[Thu Jun 11 14:55:55.997347 2026] [proxy_fcgi:error] [pid 3789864] [client 172.70.248.58:13936] AH01071: Got error 'Primary script unknown', referer: http://underdomotic.fabiodirauso.it/x.php
...
show less
Hacking
๐ฒ๐ฝ
octageeks.com
2026-06-10 04:18:18
(3 weeks ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 03:12:13
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.58 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 23:12:07.957283 2026] [security2:error] [pid 12085:tid 12085] [client 172.70.248.58:9795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "randomgroovemusic.com.englishmagic.us"] [uri "/.git/config"] [unique_id "aiThh_DqkSRBC_aFvRYZ1AAAACY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 22:44:49
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.58 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 18:44:42.644308 2026] [security2:error] [pid 1743:tid 1743] [client 172.70.248.58:13968] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kevintheadventurer.org"] [uri "/.git/config"] [unique_id "aiH_2gXvhDGNR06iWxvgkwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-03 02:34:14
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.58 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 22:34:07.298345 2026] [security2:error] [pid 17889:tid 17889] [client 172.70.248.58:12717] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cauchosindustrialesespeciales.com"] [uri "/.git/config"] [unique_id "ah-Sn1d7jxfRu0RgCVcjWgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-03 00:30:58
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.58 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 20:30:55.069815 2026] [security2:error] [pid 15396:tid 15396] [client 172.70.248.58:11911] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "amgtr.com"] [uri "/.git/config"] [unique_id "ah91v1C_4EjoGtt-6RhuYQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack