SCARD

Suspicious activity by IP address 172.70.246.141

Below is a list of the last 500 suspicious interactions with this IP.

Last observed Wed, 08 Jul 2026 07:54:46 (Australia/Brisbane)

Back to main list

Summary of suspicious activity by IP address 172.70.246.141

Description Count
ET SCAN LeakIX Inbound User-Agent 10
ET WEB_SPECIFIC_APPS WordPress Plugin Gravity SMTP Unauthenticated REST API (CVE-2026-4020) 4
ET EXPLOIT GraphQL Introspection Query Attempt 2

Detailed activity by IP address 172.70.246.141

Timestamp Description Protocol Destination Port
2026-07-08 07:54:46 ET SCAN LeakIX Inbound User-Agent TCP 80
2026-07-08 07:54:46 ET SCAN LeakIX Inbound User-Agent TCP 80
2026-07-08 06:53:39 ET SCAN LeakIX Inbound User-Agent TCP 80
2026-07-08 06:53:39 ET SCAN LeakIX Inbound User-Agent TCP 80
2026-06-21 04:40:23 ET SCAN LeakIX Inbound User-Agent TCP 80
2026-06-21 04:40:23 ET SCAN LeakIX Inbound User-Agent TCP 80
2026-06-11 03:06:32 ET WEB_SPECIFIC_APPS WordPress Plugin Gravity SMTP Unauthenticated REST API (CVE-2026-4020) TCP 80
2026-06-11 03:06:31 ET WEB_SPECIFIC_APPS WordPress Plugin Gravity SMTP Unauthenticated REST API (CVE-2026-4020) TCP 80
2026-06-11 02:06:04 ET WEB_SPECIFIC_APPS WordPress Plugin Gravity SMTP Unauthenticated REST API (CVE-2026-4020) TCP 80
2026-06-11 02:06:04 ET WEB_SPECIFIC_APPS WordPress Plugin Gravity SMTP Unauthenticated REST API (CVE-2026-4020) TCP 80
2026-03-27 19:32:24 ET SCAN LeakIX Inbound User-Agent TCP 80
2026-03-27 19:32:24 ET SCAN LeakIX Inbound User-Agent TCP 80
2026-03-27 18:31:47 ET SCAN LeakIX Inbound User-Agent TCP 80
2026-03-27 18:31:47 ET EXPLOIT GraphQL Introspection Query Attempt TCP 80
2026-03-27 18:31:47 ET EXPLOIT GraphQL Introspection Query Attempt TCP 80
2026-03-27 18:31:47 ET SCAN LeakIX Inbound User-Agent TCP 80

 

Back to top