๐ฎ๐น
CoreTech srl
2026-07-19 00:28:58
(8 hours ago)
cloudlinux2 fail2ban: 2026-07-19 02:25:09,247 fail2ban.filter [1598]: INFO [plesk-wordpre ...
show more
cloudlinux2 fail2ban: 2026-07-19 02:25:09,247 fail2ban.filter [1598]: INFO [plesk-wordpress] Found 45.132.227.5 - 2026-07-19 02:25:08cloudlinux2 fail2ban: 2026-07-19 02:25:29,985 fail2ban.filter [1598]: INFO [plesk-wordpress] Found 136.144.33.201 - 2026-07-19 02:25:29cloudlinux2 fail2ban: 2026-07-19 02:25:24,032 fail2ban.filter [1598]: INFO [plesk-modsecurity] Found 178.77.184.254 - 2026-07-19 02:25:24cloudlinux2 fail2ban: 2026-07-19 02:25:34,871 fail2ban.filter [1598]: INFO [plesk-modsecurity] Found 178.77.184.254 - 2026-07-19 02:25:34cloudlinux2 fail2ban: 2026-07-19 02:25:37,655 fail2ban.filter [1598]: INFO [plesk-modsecurity] Found 140.248.75.64 - 2026-07-19 02:25:37cloudlinux2 fail2ban: 2026-07-19 02:25:37,642 fail2ban.filter [1598]: INFO [plesk-modsecurity] Found 140.248.75.64 - 2026-07-19 02:25:37cloudlinux2 fail2ban: 2026-07-19 02:26:27,362 fail2ban.actions [1598]: NOTICE [plesk-modsecurity] Ban 178.77.184.254cloudlinux2 fail2ban
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 23:53:29
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 19:53:26.378015 2026] [security2:error] [pid 1903113:tid 1903113] [client 140.248.75.64:33336] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.texasfurnitureinc.com"] [uri "/.git/config"] [unique_id "alwR9qS0S-NUNcajrOz5aQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-18 22:34:53
(9 hours ago)
Try to access /.git/HEAD
Web App Attack
๐ฟ๐ฆ
conure
2026-07-18 18:52:03
(13 hours ago)
csagent: score 20.0: secrets grab x2; 1 domain(s) in 0s
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 05:15:28
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 01:15:21.851666 2026] [security2:error] [pid 19709:tid 19709] [client 140.248.75.64:59678] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.fixitz.net"] [uri "/.git/config"] [unique_id "alsL6SrJDu5zcp9idt5rmAAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-07-17 01:30:04
(2 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 13:47:25
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 09:47:20.146469 2026] [security2:error] [pid 10140:tid 10171] [client 140.248.75.64:56700] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nwnative.us"] [uri "/.git/HEAD"] [unique_id "aljg6KxCjE43MOJJty73TwAAAFc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 10:55:12
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 06:55:07.780577 2026] [security2:error] [pid 9866:tid 9866] [client 140.248.75.64:57610] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.wildcroc.us"] [uri "/.git/HEAD"] [unique_id "ali4i6sAkcDB37NIMn56eAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
CBJ
2026-07-16 08:10:38
(3 days ago)
fail2ban: apache-filepath-recon
...
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 05:42:18
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 01:42:10.449169 2026] [security2:error] [pid 3581515:tid 3581515] [client 140.248.75.64:19008] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.tiln.org"] [uri "/.git/config"] [unique_id "alhvMinxDp_n_-rowPFkbQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 05:20:58
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 01:20:50.502410 2026] [security2:error] [pid 18049:tid 18049] [client 140.248.75.64:14810] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.34thprs.org"] [uri "/.git/HEAD"] [unique_id "alhqMq9AkHtV9wuVAT8AQwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 04:07:41
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 00:07:35.839290 2026] [security2:error] [pid 30896:tid 30896] [client 140.248.75.64:34684] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.behrooz.org"] [uri "/.git/config"] [unique_id "alhZBwv7WYfoh_dbhrpzDwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 02:23:41
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 22:23:37.157409 2026] [security2:error] [pid 401:tid 401] [client 140.248.75.64:8228] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.schoolrx.org"] [uri "/.git/HEAD"] [unique_id "alhAqXc6mdFmRLkYfFNhGgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 07:23:04
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 03:23:00.328514 2026] [security2:error] [pid 9641:tid 9641] [client 140.248.75.64:14544] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.mandavaassoc.com"] [uri "/.git/config"] [unique_id "alc1VPo8Iw3Y4x77U5x4MAAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 05:47:05
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 01:46:58.939610 2026] [security2:error] [pid 17043:tid 17043] [client 140.248.75.64:33370] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.eatatlotone.com"] [uri "/.git/config"] [unique_id "alce0jei_dIqLaLHepAS-gAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack