๐ซ๐ท
masterguru
2026-07-19 14:26:57
(7 hours ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 140.248.75.27 (GB/United Kingdom/-): ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 140.248.75.27 (GB/United Kingdom/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-19 05:27:57
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 19 01:27:49.694899 2026] [security2:error] [pid 21097:tid 21097] [client 140.248.75.27:32098] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "livingawakenedbook.com"] [uri "/.git/config"] [unique_id "alxgVb1o6kjVFKu8bfXgYQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-19 02:59:33
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 22:59:27.726356 2026] [security2:error] [pid 1648180:tid 1648180] [client 140.248.75.27:24894] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.kildarafarms.com"] [uri "/.git/HEAD"] [unique_id "alw9j8WoXa1qSkPo8KncBQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-19 02:16:15
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 22:16:09.813590 2026] [security2:error] [pid 1112:tid 1112] [client 140.248.75.27:33054] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.urbnet.com"] [uri "/.git/HEAD"] [unique_id "alwzaafq3wQKBXo1C4Gx6QAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-19 01:09:18
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 21:09:14.052650 2026] [security2:error] [pid 18644:tid 18644] [client 140.248.75.27:29686] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.merlinaerospace.com"] [uri "/.git/config"] [unique_id "alwjupVBUrrVThiew7A6dAAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 23:53:57
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 19:53:53.867309 2026] [security2:error] [pid 4314:tid 4314] [client 140.248.75.27:47294] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.bizzybeejunkremoval.com"] [uri "/.git/config"] [unique_id "alwSEZ4WDDRbqFPOtSOP5AAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
bescared
2026-07-18 09:19:00
(1 day ago)
WAF (1) - URL probing.
Hacking
Bad Web Bot
Web App Attack
๐ซ๐ฎ
as211431.net
2026-07-18 07:50:28
(1 day ago)
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /.git/config
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-18 04:22:35
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 00:22:31.050546 2026] [security2:error] [pid 11274:tid 11274] [client 140.248.75.27:25196] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.thommesen.net"] [uri "/.git/config"] [unique_id "alr_h2Cx8Yn8KO5pimwclgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 01:28:28
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 21:28:25.459025 2026] [security2:error] [pid 28551:tid 28551] [client 140.248.75.27:39512] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.sprek.net"] [uri "/.git/config"] [unique_id "alrWucjTmR8LIAxjwr938wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 18:24:01
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 14:23:58.092532 2026] [security2:error] [pid 1173896:tid 1173896] [client 140.248.75.27:29762] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.bradsalerno.com"] [uri "/.git/config"] [unique_id "alpzPrvEe4TasBNapNS8dwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-17 14:23:29
(2 days ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 140.248.75.27 (GB/United Kingdom/-): ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 140.248.75.27 (GB/United Kingdom/-): 2 in the last 3600 secs (0-196)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-17 06:57:47
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 02:57:41.469389 2026] [security2:error] [pid 349470:tid 349470] [client 140.248.75.27:52262] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "astglobalgroup.com"] [uri "/.git/config"] [unique_id "alnSZd_Q9zs31hpXIv9gMgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
CoreTech srl
2026-07-17 05:13:56
(2 days ago)
cloudlinux2 fail2ban: 2026-07-17 07:08:53,097 fail2ban.filter [1598]: INFO [plesk-modsecu ...
show more
cloudlinux2 fail2ban: 2026-07-17 07:08:53,097 fail2ban.filter [1598]: INFO [plesk-modsecurity] Found 172.111.80.51 - 2026-07-17 07:08:53cloudlinux2 fail2ban: 2026-07-17 07:08:55,063 fail2ban.filter [1598]: INFO [plesk-modsecurity] Found 140.248.75.27 - 2026-07-17 07:08:55cloudlinux2 fail2ban: 2026-07-17 07:08:53,107 fail2ban.filter [1598]: INFO [plesk-modsecurity] Found 172.111.80.51 - 2026-07-17 07:08:53cloudlinux2 fail2ban: 2026-07-17 07:08:55,074 fail2ban.filter [1598]: INFO [plesk-modsecurity] Found 140.248.75.27 - 2026-07-17 07:08:55cloudlinux2 fail2ban: 2026-07-17 07:09:02,004 fail2ban.filter [1598]: INFO [plesk-wordpress] Found 172.245.102.63 - 2026-07-17 07:09:01cloudlinux2 fail2ban: 2026-07-17 07:09:33,389 fail2ban.filter [1598]: INFO [plesk-wordpress] Found 216.24.219.97 - 2026-07-17 07:09:32cloudlinux2 fail2ban: 2026-07-17 07:10:33,912 fail2ban.filter [1598]: INFO [plesk-modsecurity] Found 140.248.75.89 - 2026-07-17 07:10:
show less
Web App Attack
๐ฎ๐น
VHosting
2026-07-17 01:25:03
(2 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack