๐ฉ๐ช
Darki1962
2026-07-02 05:05:01
(2 days ago)
12 hits, proto=tcp, ports=2082,2083,2086,2087,8080,8443
Port Scan
Hacking
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-02 04:47:16
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 52.159.247.234 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 52.159.247.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 00:47:10.949045 2026] [security2:error] [pid 25633:tid 25633] [client 52.159.247.234:10962] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.238"] [uri "/.git/HEAD"] [unique_id "akXtTtEfo-cPRoa_Y9hqawAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
OptimusGO
2026-07-02 04:24:56
(2 days ago)
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Time ...
show more
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Timestamp: 2026-07-02 05:24:56 UTC
Log evidence:
07/02/2026-05:24:55.497560 [**] [1:1000101:2] SECURITY Port Scan Detected - Multiple Unauthorized Ports [**] [Classification: Attempted Information Leak] [Priority: 1] {TCP} 52.159.247.234:10825 -> 185.127.18.66:8443
07/02/2026-05:24:55.495652 [**] [1:1000101:2] SECURITY Port Scan Detected - Multiple Unauthorized Ports [**] [Classification: Attempted Information Leak] [Priority: 1] {TCP} 52.159.247.234:10836 -> 185.127.18.66:8080
show less
Port Scan
Brute-Force
๐บ๐ธ
xmission.com
2026-07-02 04:20:06
(2 days ago)
Blocked by UFW (TCP on 2086)
Source port: 10819
TTL: 116
Packet length: 40
TOS: 0x00
This report (f ...
show more
Blocked by UFW (TCP on 2086)
Source port: 10819
TTL: 116
Packet length: 40
TOS: 0x00
This report (for 52.159.247.234) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
Anonymous
2026-07-02 01:27:24
(2 days ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
๐ณ๐ฑ
SysAdmin Dylan
2026-07-02 00:53:49
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 52.159.247.234 (US/United States/-): 10 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 52.159.247.234 (US/United States/-): 10 in the last 3600 secs
show less
Brute-Force
๐จ๐ฟ
Prcek
2026-07-02 00:51:33
(2 days ago)
PortScan:HOST=52.159.247.234,DPORTS=443,2086,2087,8443
Port Scan
๐ท๐ธ
Scan
2026-07-02 00:29:52
(2 days ago)
MultiHost/MultiPort Probe, Scan, Hack -
Port Scan
Hacking
๐ฆ๐น
urnilxfgbez
2026-06-11 22:45:00
(3 weeks ago)
Last 24 Hours suspicious: (DPT=445|DPT=3389|DPT=22|DPT=3306|DPT=8080|DPT=23|DPT=5900|DPT=1433)
Port Scan
๐ฎ๐น
Inartis
2026-06-10 22:05:34
(3 weeks ago)
52.159.247.234 - - [11/Jun/2026:00:05:31 +0200] "GET /.env.local HTTP/1.1" 302 460 "-" "Mozilla/5.0 ...
show more
52.159.247.234 - - [11/Jun/2026:00:05:31 +0200] "GET /.env.local HTTP/1.1" 302 460 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
52.159.247.234 - - [11/Jun/2026:00:05:33 +0200] "GET /.env.production HTTP/1.1" 302 470 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
52.159.247.234 - - [11/Jun/2026:00:05:34 +0200] "GET /.env.backup HTTP/1.1" 302 462 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36"
...
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ด
Abuse Buster
2026-06-10 19:00:44
(3 weeks ago)
52.159.247.234 - - [10/Jun/2026:21:00:40 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 ...
show more
52.159.247.234 - - [10/Jun/2026:21:00:40 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15"
52.159.247.234 - - [10/Jun/2026:21:00:42 +0200] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
MPL
2026-06-10 17:49:16
(3 weeks ago)
tcp port scan (8 or more attempts)
Port Scan
๐บ๐ธ
RAP
2026-06-10 17:33:30
(3 weeks ago)
2026-06-10 17:33:30 UTC Unauthorized activity to TCP port 8080. Web App
Port Scan
Web App Attack