๐บ๐ธ
TPI-Abuse
2026-07-11 12:32:17
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 08:32:12.792324 2026] [security2:error] [pid 23405:tid 23405] [client 140.248.75.158:4236] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "croixlac.com"] [uri "/.git/config"] [unique_id "alI3zACPJA9vddslk9DD9wAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 05:36:09
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 01:36:06.365327 2026] [security2:error] [pid 25818:tid 25818] [client 140.248.75.158:27264] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "customdesign.kemela.com"] [uri "/.git/config"] [unique_id "alHWRodU5csXcEJvwFCqpgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ช
peterh
2026-07-11 04:30:00
(9 hours ago)
Bad Web Bot
Phishing
Hacking
๐ฉ๐ช
mravb
2026-07-10 17:18:33
(20 hours ago)
140.248.75.158 - - [10/Jul/2026:20:18:33 +0300] "GET /.git/HEAD HTTP/1.1" 401 188 "-" "git/2.39.2"
. ...
show more
140.248.75.158 - - [10/Jul/2026:20:18:33 +0300] "GET /.git/HEAD HTTP/1.1" 401 188 "-" "git/2.39.2"
...
show less
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-10 08:59:40
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 04:59:33.347707 2026] [security2:error] [pid 32234:tid 32234] [client 140.248.75.158:55630] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "csme-eprr.com"] [uri "/.git/HEAD"] [unique_id "alC0dVS4WrcQlCoAo9by2QAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Webhoster
2026-07-10 07:09:19
(1 day ago)
{"ClientAddr":"172.71.164.234:12602","ClientHost":"140.248.75.158","ClientPort":"12602","ClientUsern ...
show more
{"ClientAddr":"172.71.164.234:12602","ClientHost":"140.248.75.158","ClientPort":"12602","ClientUsername":"-","DownstreamContentSize":0,"DownstreamStatus":403,"Duration":20619031,"OriginContentSize":0,"OriginDuration":0,"OriginStatus":0,"Overhead":20619031,"RequestAddr":"files.timvdberg.dev","RequestContentSize":0,"RequestCount":278257,"RequestHost":"files.timvdberg.dev","RequestMethod":"GET","RequestPath":"/.git/HEAD","RequestPort":"-","RequestProtocol":"HTTP/2.0","RequestScheme":"https","RetryAttempts":0,"RouterName":"files@file","StartLocal":"2026-07-10T07:09:19.53638913Z","StartUTC":"2026-07-10T07:09:19.53638913Z","TLSCipher":"TLS_AES_128_GCM_SHA256","TLSVersion":"1.3","entryPointName":"https","level":"info","msg":"","request_Cf-Connecting-Ip":"140.248.75.158","request_X-Forwarded-For":"140.248.75.158","request_X-Real-Ip":"172.71.164.234","time":"2026-07-10T07:09:19Z"}
{"ClientAddr":"172.70.246.119:9611","ClientHost":"140.248.75.158","ClientPort":"9611","ClientUsername":"-","Downstr
...
show less
Port Scan
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-07-10 07:08:43
(1 day ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-09 17:28:07
(1 day ago)
Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-09 00:50:08
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 20:50:01.204399 2026] [security2:error] [pid 22063:tid 22063] [client 140.248.75.158:17364] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "creeation.com"] [uri "/.git/config"] [unique_id "ak7wOUcs2xFGazj-et5e_AAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 23:50:41
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 19:50:37.867102 2026] [security2:error] [pid 25900:tid 25900] [client 140.248.75.158:28476] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "custominktees.postermodelsworldwideinc.com"] [uri "/.git/config"] [unique_id "ak7iTaxlnZEwd1CKPXM85QAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Tsumugi Kotobuki
2026-07-08 22:59:27
(2 days ago)
Web Scan (L7) | Paths: /.git/HEAD, /.git/config | Codes: 444(2x) | F2B/angie-path-trap@2026-07-08T22 ...
show more
Web Scan (L7) | Paths: /.git/HEAD, /.git/config | Codes: 444(2x) | F2B/angie-path-trap@2026-07-08T22:59:27Z
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 11:23:56
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 07:23:49.876060 2026] [security2:error] [pid 24061:tid 24061] [client 140.248.75.158:12356] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davidquiroa.com"] [uri "/.git/config"] [unique_id "ak4zRaKwDo6MUwLtgA_0HgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐น๐ผ
tye
2026-07-08 08:50:07
(3 days ago)
Wazuh Alert Evidence: 140.248.75.158 (140.248.75.158) - - [08/Jul/2026:16:50:04 +0800] "GET /.git/co ...
show more
Wazuh Alert Evidence: 140.248.75.158 (140.248.75.158) - - [08/Jul/2026:16:50:04 +0800] "GET /.git/config HTTP/1.1" 404 5170 "-" "git/2.39.2"
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 23:06:29
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 19:06:21.951529 2026] [security2:error] [pid 27183:tid 27183] [client 140.248.75.158:31782] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.nolafoodporn.com"] [uri "/.git/HEAD"] [unique_id "ak2GbaW16ypDcc7uUD5wrwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 21:08:55
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 17:08:48.387592 2026] [security2:error] [pid 7089:tid 7112] [client 140.248.75.158:38528] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.cookmanufacturinggroup.com"] [uri "/.git/config"] [unique_id "ak1q4IWfMLfz5BrfZ5Ga2QAAAJQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack