๐บ๐ธ
TPI-Abuse
2026-07-08 06:10:37
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 02:10:34.564363 2026] [security2:error] [pid 2509:tid 2509] [client 140.248.75.175:10354] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daretodreamproductions.homehealth101.com"] [uri "/.git/HEAD"] [unique_id "ak3p2ot2xWPh87toKc5BUwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 02:31:04
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 22:30:56.156481 2026] [security2:error] [pid 26704:tid 26704] [client 140.248.75.175:35024] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "10mostwantedfugitives.directoryofbikes.com"] [uri "/.git/config"] [unique_id "aksTYJmSp6tWOqfEEZU23AAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ecs.ge
2026-07-06 01:50:41
(2 days ago)
Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-05 21:40:41
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 17:40:36.777168 2026] [security2:error] [pid 7210:tid 7243] [client 140.248.75.175:63548] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seracon.com.ec"] [uri "/.git/config"] [unique_id "akrPVFRvw7HmjF43Bo8_RgAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 09:37:50
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 05:37:44.697522 2026] [security2:error] [pid 24982:tid 24991] [client 140.248.75.175:26696] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.peapage.productions"] [uri "/.git/HEAD"] [unique_id "akol6On9TsimBisex3wGJgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
voormedia
2026-07-05 08:06:26
(3 days ago)
Accessed trap at '/.git/HEAD'
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-05 01:03:57
(3 days ago)
Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)
Bad Web Bot
๐ฌ๐ง
consul.to
2026-07-04 17:41:29
(3 days ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 07:51:34
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 03:51:29.376533 2026] [security2:error] [pid 3322:tid 3322] [client 140.248.75.175:2680] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.market.nationalenq.com"] [uri "/.git/HEAD"] [unique_id "aki7gaODGnO6hFpxGF5LYAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 07:05:52
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 03:05:47.699817 2026] [security2:error] [pid 1680:tid 1680] [client 140.248.75.175:48904] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.dankent.com"] [uri "/.git/config"] [unique_id "akiwy6Q9rJfmXWWQMh7XIQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-04 07:00:37
(4 days ago)
[Sat Jul 04 17:00:37.199216 2026] [security2:error] [pid 740536] [client 140.248.75.175:7328] [clien ...
show more
[Sat Jul 04 17:00:37.199216 2026] [security2:error] [pid 740536] [client 140.248.75.175:7328] [client 140.248.75.175] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "valueaddedpromotions.com.au"] [uri "/.git/config"] [unique_id "akivle7THqJZ7ZJZn6ejmQAAAAc"]
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 04:14:49
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 00:14:43.534825 2026] [security2:error] [pid 4717:tid 4726] [client 140.248.75.175:51140] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.track.ahsdistance.org"] [uri "/.git/config"] [unique_id "akiIswYA_8kb0B7s9qkUQQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 00:30:27
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 20:30:19.874489 2026] [security2:error] [pid 15256:tid 15256] [client 140.248.75.175:56768] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.naturalpozzolanassociation.org"] [uri "/.git/HEAD"] [unique_id "akhUG5dXvHLhXW2TihCcsAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
iNetWorker
2026-07-03 20:57:59
(4 days ago)
trolling for resource vulnerabilities
Web App Attack
๐ซ๐ท
masterguru
2026-07-03 20:01:28
(4 days ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 140.248.75.175 (GB/United Kingdom/-): ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 140.248.75.175 (GB/United Kingdom/-): 1 in the last 3600 secs (0-195)
show less
Hacking