๐ช๐ธ
Gem
2026-07-03 22:17:48
(4 hours ago)
Unauthorized web scan.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 22:07:15
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.245.131.149 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 157.245.131.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:07:08.250542 2026] [security2:error] [pid 27112:tid 27112] [client 157.245.131.149:55772] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kleens-uk.com"] [uri "/.git/config"] [unique_id "akgyjNad-hVWOqGh31hO1gAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-03 21:59:26
(4 hours ago)
Auto-ban: >3000 req/min op 2026-07-03
Web App Attack
SSH
Hacking
๐ฉ๐ช
sdos.es
2026-07-03 20:20:10
(6 hours ago)
"Restricted File Access Attempt - Matched Data: /.git/ found within REQUEST_FILENAME: /.git/config"
Web App Attack
๐ฌ๐ง
Smish
2026-07-03 19:44:42
(7 hours ago)
HONEYPOT HIT --> Fail2ban time=1783107880 log=2026-07-03T20:44:40+01:00 ip=157.245.131.149 host=shit ...
show more
HONEYPOT HIT --> Fail2ban time=1783107880 log=2026-07-03T20:44:40+01:00 ip=157.245.131.149 host=shitcunt.ovh method=GET uri="/.git/config" status=404 ua="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ref="-" rid=ae36729858801bae83c8c5b2601e1d69
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 15:11:38
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.245.131.149 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 157.245.131.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 11:11:34.405028 2026] [security2:error] [pid 990:tid 990] [client 157.245.131.149:51724] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "businesscongratulationscards.com"] [uri "/.git/config"] [unique_id "akfRJuKdidcD2uY7mI2M5gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-03 14:48:50
(12 hours ago)
1.010 requests with url.path */.git/config
Brute-Force
Bad Web Bot
Anonymous
2026-07-03 13:56:30
(12 hours ago)
157.245.131.149 - - [03/Jul/2026:10:56:29 -0300] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5. ...
show more
157.245.131.149 - - [03/Jul/2026:10:56:29 -0300] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Port Scan
Hacking
SQL Injection
Brute-Force
Bad Web Bot
Exploited Host
๐ฆ๐บ
2000cn.com.au
2026-07-03 13:43:55
(13 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐ฌ๐ง
thetomtaylor.co.uk
2026-07-03 13:09:01
(13 hours ago)
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,ice02,mx01,mx02,m ...
show more
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,ice02,mx01,mx02,mx03,wa01,wa02]
show less
Bad Web Bot
Web App Attack
๐ฏ๐ต
warudora
2026-07-03 12:58:04
(13 hours ago)
Automated Honeypot Trap: Attempted to access sensitive path '/.git/config' on a Flask server.
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 11:17:03
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.245.131.149 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 157.245.131.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 07:16:57.294932 2026] [security2:error] [pid 12617:tid 12617] [client 157.245.131.149:41722] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kruizekontrhl.com"] [uri "/.git/config"] [unique_id "akeaKSBWcLOjgn1mzLRrDgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-03 10:58:42
(15 hours ago)
157.245.131.149 - - [03/Jul/2026:18:58:42 +0800] "GET /.git/config HTTP/1.1" 301 246 "-" "Mozilla/5. ...
show more
157.245.131.149 - - [03/Jul/2026:18:58:42 +0800] "GET /.git/config HTTP/1.1" 301 246 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-07-03 09:33:52
(17 hours ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 08:16:38
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.245.131.149 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 157.245.131.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 04:16:33.658064 2026] [security2:error] [pid 29757:tid 29757] [client 157.245.131.149:58120] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scsurfside.net"] [uri "/.git/config"] [unique_id "akdv4YVH97_q9WjYPl6ltAAAAG0"]
show less
Brute-Force
Bad Web Bot
Web App Attack