๐บ๐ธ
mawan
2026-06-30 16:27:47
(12 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ฆ๐ฑ
router.al
2026-06-28 21:09:23
(2 days ago)
06/28/2026-21:09:23.526863 172.70.46.215 Protocol: 6 GPL WEB_SERVER 403 Forbidden
Port Scan
๐บ๐ธ
mawan
2026-06-28 10:53:30
(2 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
mawan
2026-06-27 05:56:57
(3 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
Anonymous
2026-06-26 19:00:53
(4 days ago)
172.70.46.215 - - [26/Jun/2026:18:58:57 +0000] "GET /.env HTTP/2.0" 404 198 "http://infostore.eladio ...
show more
172.70.46.215 - - [26/Jun/2026:18:58:57 +0000] "GET /.env HTTP/2.0" 404 198 "http://infostore.eladiogarcia.com/static../../.env" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.7049.84 Safari/537.36" "76.199.77.33,195.178.110.102"
172.70.46.215 - - [26/Jun/2026:18:59:10 +0000] "GET /.env HTTP/2.0" 404 198 "http://infostore.eladiogarcia.com/files/.././.env" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.7049.84 Safari/537.36" "76.199.77.33,195.178.110.102"
172.70.46.215 - - [26/Jun/2026:19:00:32 +0000] "GET /.env HTTP/2.0" 404 198 "http://infostore.eladiogarcia.com/.env" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" "115.112.77.33,195.178.110.102"
172.70.46.215 - - [26/Jun/2026:19:00:52 +0000] "GET /.env.dev HTTP/2.0" 404 198 "http://infostore.eladiogarcia.com/./.env.dev" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
...
show less
Port Scan
Brute-Force
๐บ๐ธ
mawan
2026-06-24 16:23:23
(6 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
Anonymous
2026-06-24 05:55:27
(6 days ago)
172.70.46.215 - - [24/Jun/2026:07:55:17 +0200] "GET /info.php HTTP/1.1" 404 124 "-" "Mozilla/5.0 (Wi ...
show more
172.70.46.215 - - [24/Jun/2026:07:55:17 +0200] "GET /info.php HTTP/1.1" 404 124 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
172.70.46.215 - - [24/Jun/2026:07:55:17 +0200] "GET /api/login HTTP/1.1" 404 124 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
172.70.46.215 - - [24/Jun/2026:07:55:18 +0200] "GET /core/.env HTTP/1.1" 403 124 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
172.70.46.215 - - [24/Jun/2026:07:55:20 +0200] "GET /api/logout HTTP/1.1" 404 124 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
172.70.46.215 - - [24/Jun/2026:07:55:22 +0200] "GET /phpinfo HTTP/1.1" 404 124 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
172.70.46.215 - - [24/Jun/2026:07:55:22 +0200] "GET /phpinfo.php HTTP/1.1" 403 124 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
172.70.46.215 - - [24/Jun/2026:07:55:22 +0200] "GET /signin HTTP/1.1" 404 124 "-" "Mozilla/5.0 (Windows NT 10.0;
...
show less
Bad Web Bot
Web App Attack
Anonymous
2026-06-19 01:16:36
(1 week ago)
172.70.46.215 - - [19/Jun/2026:03:16:25 +0200] "GET /local.settings.json HTTP/1.1" 404 124 "-" "Mozi ...
show more
172.70.46.215 - - [19/Jun/2026:03:16:25 +0200] "GET /local.settings.json HTTP/1.1" 404 124 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
172.70.46.215 - - [19/Jun/2026:03:16:26 +0200] "GET /web.config HTTP/1.1" 403 124 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
172.70.46.215 - - [19/Jun/2026:03:16:26 +0200] "GET /settings.py HTTP/1.1" 404 124 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
172.70.46.215 - - [19/Jun/2026:03:16:27 +0200] "GET /local_settings.py HTTP/1.1" 404 124 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
172.70.46.215 - - [19/Jun/2026:03:16:27 +0200] "GET /settings/production.py HTTP/1.1" 404 124 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
172.70.46.215 - - [19/Jun/2026:03:16:27 +0200] "GET /config/database.yml HTTP/1.1" 403 124 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
172.70.46.215 - - [19/Jun/2026:03:16:28 +0200] "GET /config/secrets.
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
mawan
2026-06-16 14:48:49
(2 weeks ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ณ๐ฑ
ParaBug
2026-06-16 02:14:16
(2 weeks ago)
172.70.46.215 - - [16/Jun/2026:04:14:15 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 315 " ...
show more
172.70.46.215 - - [16/Jun/2026:04:14:15 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 315 "-" "http://myviven.com/wp-admin/install.php?step=1"
...
show less
Phishing
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 15:38:26
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.46.215 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.46.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 11:38:18.180648 2026] [security2:error] [pid 16669:tid 16669] [client 172.70.46.215:14104] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wetheparty.org.stlouisdave.com"] [uri "/.env.production"] [unique_id "ajAcag7s0bIeRljouiQSwQAAAAk"], referer: https://www.google.com/search?q=wetheparty.org.stlouisdave.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
antivoid.xyz
2026-05-26 21:55:58
(1 month ago)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-14 05:34:07
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.46.215 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.46.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 14 01:33:59.587909 2026] [security2:error] [pid 24590:tid 24590] [client 172.70.46.215:12787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "preskitpc.com"] [uri "/sftp-config.json"] [unique_id "agVexyaz1aYgwlG2Y9ltvwAAABk"], referer: https://www.google.com/search?q=preskitpc.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ParaBug
2026-05-12 21:08:21
(1 month ago)
172.70.46.215 - - [12/May/2026:23:08:21 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 315 " ...
show more
172.70.46.215 - - [12/May/2026:23:08:21 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 315 "-" "http://myviven.ch/wp-admin/install.php?step=1"
...
show less
Phishing
Brute-Force
Web App Attack
๐ซ๐ท
Dechavanne
2026-04-16 02:00:13
(2 months ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack