๐ฉ๐ช
onlyops.app
2026-07-12 01:00:10
(7 hours ago)
Web application firewall (ModSecurity) detected malicious traffic | detected by Fail2Ban (plesk-mods ...
show more
Web application firewall (ModSecurity) detected malicious traffic | detected by Fail2Ban (plesk-modsecurity jail) | onlyops.app
show less
Exploited Host
๐ฉ๐ช
iNetWorker
2026-07-11 18:06:09
(14 hours ago)
trolling for resource vulnerabilities
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 02:29:53
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.46 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 22:29:48.735098 2026] [security2:error] [pid 7782:tid 7782] [client 140.248.75.46:48296] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tecnoconce.cl"] [uri "/.git/config"] [unique_id "alGqnL-NjvbDfaSJvui0FQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 21:49:02
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.46 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 17:48:58.841386 2026] [security2:error] [pid 20976:tid 20976] [client 140.248.75.46:35858] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "delgal.cs-mall.com"] [uri "/.git/HEAD"] [unique_id "alFoyoRRI2e7lMg5tkp1pAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 20:55:03
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.46 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 16:54:56.337288 2026] [security2:error] [pid 692566:tid 692566] [client 140.248.75.46:16368] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deweysearch.com"] [uri "/.git/HEAD"] [unique_id "alFcIFnNzFCa42ixW_aSvgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
MPL
2026-07-10 15:07:18
(1 day ago)
tcp/443 (6 or more attempts)
Port Scan
๐ณ๐ฟ
Antinson
2026-07-09 17:28:07
(2 days ago)
Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)
Bad Web Bot
๐ฆ๐บ
paulshipley.com.au
2026-07-09 16:58:04
(2 days ago)
[Fri Jul 10 02:58:03.652926 2026] [security2:error] [pid 505935] [client 140.248.75.46:40620] [clien ...
show more
[Fri Jul 10 02:58:03.652926 2026] [security2:error] [pid 505935] [client 140.248.75.46:40620] [client 140.248.75.46] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.co.nz"] [uri "/.git/HEAD"] [unique_id "ak_TGzQgMtzoC3MZ2R7shQAAAAE"]
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 11:04:34
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.46 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 07:04:26.557114 2026] [security2:error] [pid 23532:tid 23532] [client 140.248.75.46:25294] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "directnic.ladybehindthecurtain.com"] [uri "/.git/config"] [unique_id "ak4uugDGlirRRWvwGRfp-QAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 04:32:46
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.46 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 00:32:40.229482 2026] [security2:error] [pid 15259:tid 15259] [client 140.248.75.46:40246] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.neff.family.name"] [uri "/.git/HEAD"] [unique_id "aksv6Ic0LOGN8o7XRYKV8QAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-05 01:24:04
(1 week ago)
Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-04 06:38:23
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.46 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 02:38:16.233434 2026] [security2:error] [pid 3257:tid 3270] [client 140.248.75.46:55330] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "culturallyyours.org"] [uri "/.git/HEAD"] [unique_id "akiqWJGilovBiHP1yjUQ5AAAAMo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 04:03:20
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.46 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 00:03:16.058317 2026] [security2:error] [pid 26436:tid 26436] [client 140.248.75.46:12214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kadinisi.org"] [uri "/.git/config"] [unique_id "akiGBCpJMJz8HFOH7lj0FgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Aetherweb Ark
2026-07-04 01:26:23
(1 week ago)
(mod_security) mod_security (id:949110) triggered by 140.248.75.46 (DE/Germany/-): N in the last X s ...
show more
(mod_security) mod_security (id:949110) triggered by 140.248.75.46 (DE/Germany/-): N in the last X secs
show less
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-07-03 02:30:35
(1 week ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack