๐บ๐ธ
Matthew Ping
2026-07-01 13:00:02
(33 minutes ago)
ModSecurity rule 949110 triggered on wp3. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-01 12:53:48
(39 minutes ago)
(mod_security) mod_security (id:210492) triggered by 147.182.137.203 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 147.182.137.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 08:53:40.268862 2026] [security2:error] [pid 7830:tid 7830] [client 147.182.137.203:50182] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "restorativeeducation.us"] [uri "/.git/config"] [unique_id "akUN1JvAteCFm3nL8p4IgQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
pltcldvlpr
2026-07-01 11:14:32
(2 hours ago)
CMS/framework probe: 147.182.137.203 - - [01/Jul/2026:13:14:31 +0200] "GET /.git/config HTTP/1.1" 30 ...
show more
CMS/framework probe: 147.182.137.203 - - [01/Jul/2026:13:14:31 +0200] "GET /.git/config HTTP/1.1" 301 178 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" asn=14061 org="DigitalOcean, LLC" country=US
...
show less
Web App Attack
๐ณ๐ด
jad-abuse
2026-07-01 10:20:00
(3 hours ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_expos ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_exposure. Observed by 1 sensor(s); 3 hits.
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 10:04:07
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 147.182.137.203 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 147.182.137.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 06:03:59.256650 2026] [security2:error] [pid 27565:tid 27565] [client 147.182.137.203:37434] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pistone.us"] [uri "/.git/config"] [unique_id "akTmD3MTJ-J8L1HXV4rI0gAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 09:50:08
(3 hours ago)
Bot / scanning and/or hacking attempts: GET /.git/config HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 09:45:02
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 147.182.137.203 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 147.182.137.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 05:44:56.377152 2026] [security2:error] [pid 8970:tid 8970] [client 147.182.137.203:44430] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marat.info"] [uri "/.git/config"] [unique_id "akThmBngNpqPfeieLZiFhQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-07-01 09:42:33
(3 hours ago)
Unauthorized access to webpage admin
Web App Attack
๐ซ๐ท
masterguru
2026-07-01 09:30:25
(4 hours ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-197)
Hacking
Web App Attack
๐ฉ๐ช
sdos.es
2026-07-01 09:17:33
(4 hours ago)
"Restricted File Access Attempt - Matched Data: /.git/ found within REQUEST_FILENAME: /.git/config"
Web App Attack
Anonymous
2026-07-01 08:58:38
(4 hours ago)
[01/Jul/2026:08:58:38 +0000] host=lovelyrender.app server=lovelyrender.app ip=147.182.137.203 method ...
show more
[01/Jul/2026:08:58:38 +0000] host=lovelyrender.app server=lovelyrender.app ip=147.182.137.203 method=GET req=/.git/config uri=/index.php status=302 bytes=5 rt=0.044 urt=0.043 ref="-" ua="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Web App Attack
Bad Web Bot
Anonymous
2026-07-01 08:39:16
(4 hours ago)
147.182.137.203 - - [01/Jul/2026:16:39:16 +0800] "GET /.git/config HTTP/1.1" 301 245 "-" "Mozilla/5. ...
show more
147.182.137.203 - - [01/Jul/2026:16:39:16 +0800] "GET /.git/config HTTP/1.1" 301 245 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-07-01 08:22:29
(5 hours ago)
[WedJul0110:22:23.8457072026][security2:error][pid1299098:tid1299133][client147.182.137.203:0]ModSec ...
show more
[WedJul0110:22:23.8457072026][security2:error][pid1299098:tid1299133][client147.182.137.203:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"spazi-web-hosting.ch\"][uri\"/.git/config\"][unique_id\"akTOP-S_tQW5U2dXYcDuGwAAABc\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-01 08:20:16
(5 hours ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ksol-hostmaster
2026-07-01 08:07:29
(5 hours ago)
2026/07/01 10:07:28 [error] 62775#706319: *538122 access forbidden by rule, client: 147.182.137.203, ...
show more
2026/07/01 10:07:28 [error] 62775#706319: *538122 access forbidden by rule, client: 147.182.137.203, server: revolutionbim.com, request: "GET /.git/config HTTP/1.1", host: "revolutionbim.com"
...
show less
Web Spam