๐ซ๐ท
masterguru
2026-07-13 04:58:26
(5 hours ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 140.248.75.191 (GB/United Kingdom/-): ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 140.248.75.191 (GB/United Kingdom/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-13 00:32:48
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.191 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 20:32:40.929817 2026] [security2:error] [pid 19542:tid 19542] [client 140.248.75.191:3758] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.csf-pos.com"] [uri "/.git/config"] [unique_id "alQyKOuLh9-3C8gWKx9lJQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
mondor.ro
2026-07-12 22:30:53
(11 hours ago)
Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 140.248.75.191, Reason ...
show more
Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 140.248.75.191, Reason:[(mod_security) mod_security (id:210492) triggered by 140.248.75.191 (DE/Germany/-): 3 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs:
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-12 21:35:06
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.191 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 17:35:00.671807 2026] [security2:error] [pid 22704:tid 22704] [client 140.248.75.191:17372] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.5degrees-eg.com"] [uri "/.git/HEAD"] [unique_id "alQIhDpXReFncb8OMFLDpQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐ด
INTEQ
2026-07-12 19:54:34
(14 hours ago)
Web attack from 140.248.75.191
Web App Attack
๐ฉ๐ช
iNetWorker
2026-07-11 17:44:49
(1 day ago)
trolling for resource vulnerabilities
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 17:08:42
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.191 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 13:08:37.050177 2026] [security2:error] [pid 11602:tid 11602] [client 140.248.75.191:11454] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "downtownbluesprings.com.johnandramonadunn.com"] [uri "/.git/HEAD"] [unique_id "alJ4lYgkzomHh9UFQc8A7AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ด
jad-abuse
2026-07-11 12:24:04
(1 day ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_expos ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_exposure. Observed by 1 sensor(s); 4 hits.
show less
Web App Attack
Anonymous
2026-07-11 08:57:13
(2 days ago)
Try to connect to Port_Scan_443_stealth
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-11 00:34:51
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.191 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 20:34:42.682339 2026] [security2:error] [pid 27237:tid 27237] [client 140.248.75.191:60800] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.asermaq.cl"] [uri "/.git/config"] [unique_id "alGPorH9LEU2GidEQldYaAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 19:45:51
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.191 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 15:45:45.566850 2026] [security2:error] [pid 30162:tid 30162] [client 140.248.75.191:44506] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daveweisman.com"] [uri "/.git/HEAD"] [unique_id "alFL6RVdVmnRnLUNu6QUCwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
MPL
2026-07-10 15:34:16
(2 days ago)
tcp/443 (3 or more attempts)
Port Scan
๐ง๐ฌ
pa4080
2026-07-10 02:12:06
(3 days ago)
Detected by ModSecurity. Request URI: /.git/HEAD
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 01:04:13
(3 days ago)
(mod_security) mod_security (id:949110) triggered by 140.248.75.191 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:949110) triggered by 140.248.75.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 21:04:07.617139 2026] [security2:error] [pid 20366:tid 20366] [client 140.248.75.191:15962] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "cpectec.com"] [uri "/.git/config"] [unique_id "alBFB_8KmhcRklpTZ2yQdQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-09 17:28:07
(3 days ago)
Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)
Bad Web Bot