๐บ๐ธ
TPI-Abuse
2026-07-15 15:09:57
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 11:09:53.028601 2026] [security2:error] [pid 1871:tid 1871] [client 140.248.227.170:6316] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.justinrudd.com"] [uri "/.git/config"] [unique_id "aleiwXVLTZbvQt9crLEd2wAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-07-15 06:08:02
(11 hours ago)
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,ice02,mx01,mx02,m ...
show more
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,ice02,mx01,mx02,mx03]
show less
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-07-15 04:07:02
(13 hours ago)
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [wa01,wa02]
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 19:13:57
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:13:49.148999 2026] [security2:error] [pid 31363:tid 31363] [client 140.248.227.170:2152] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thunder-kings.hodlmoser.com"] [uri "/.git/HEAD"] [unique_id "alaKbT1VX0vaJx_-2HAQhQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 14:00:13
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 10:00:08.486631 2026] [security2:error] [pid 5594:tid 5594] [client 140.248.227.170:44812] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "janajjmcgraw.com"] [uri "/.git/config"] [unique_id "alTvaAIU1ozmlR4Yx7MSWQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 11:07:04
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 07:06:56.145912 2026] [security2:error] [pid 18304:tid 18304] [client 140.248.227.170:59068] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.keepingitsharp.biz"] [uri "/.git/HEAD"] [unique_id "alTG0KSHferr4tvfnxPOqwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 02:15:46
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 22:14:37.122514 2026] [security2:error] [pid 16983:tid 17006] [client 140.248.227.170:4520] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magnumxl.com"] [uri "/.git/HEAD"] [unique_id "alRKDfVEloQqUT4JYMVMEAAAARA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 01:34:52
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 21:34:44.923388 2026] [security2:error] [pid 32137:tid 32137] [client 140.248.227.170:3088] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.daebakdesign.com"] [uri "/.git/HEAD"] [unique_id "alRAtOQdzAwT2M_HvneLewAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 01:19:10
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 21:19:02.942785 2026] [security2:error] [pid 1446:tid 1446] [client 140.248.227.170:51252] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.deploy6tharmy.com"] [uri "/.git/config"] [unique_id "alQ9BpgvKWjZaUQlt4aQOwAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 15:32:50
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 11:32:45.262277 2026] [security2:error] [pid 32443:tid 32443] [client 140.248.227.170:18004] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drkerryklett.com"] [uri "/.git/HEAD"] [unique_id "alOzncFC0_5fOTPWCDsetQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
MPL
2026-07-10 16:54:51
(5 days ago)
tcp/443
Port Scan
๐ฉ๐ช
Ba-Yu
2026-07-10 07:47:23
(5 days ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 03:37:50
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 23:37:46.353991 2026] [security2:error] [pid 22984:tid 22984] [client 140.248.227.170:21840] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cuddliesforkids.com"] [uri "/.git/HEAD"] [unique_id "ak8Xisq0VdbLMLFCbAJRGwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 23:31:45
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.227.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 19:31:41.288163 2026] [security2:error] [pid 3987:tid 4085] [client 140.248.227.170:42260] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.eliteproductions.tv"] [uri "/.git/HEAD"] [unique_id "ak7d3aY_emjbED94h-5ZlgAAAIE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
cwytech
2026-07-06 06:27:51
(1 week ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/http-honeypath-sniper-crit.
Bad Web Bot
Web App Attack