๐ฌ๐ง
openstrike.co.uk
2026-07-01 05:14:59
(5 hours ago)
2 attacks on VC URLs:
GET /.git/config HTTP/1.1
Hacking
๐ฌ๐ง
[email protected]
2026-07-01 00:30:44
(10 hours ago)
213.7.61.208 - - [01/Jul/2026:00:30:36 +0000] "GET /.git/config HTTP/1.1" 403 334 "-" "Go-http-clien ...
show more
213.7.61.208 - - [01/Jul/2026:00:30:36 +0000] "GET /.git/config HTTP/1.1" 403 334 "-" "Go-http-client/1.1"
213.7.61.208 - - [01/Jul/2026:00:30:42 +0000] "GET /.git/config HTTP/1.1" 403 334 "http://networkrail.aspireacademy.tv/.git/config" "Go-http-client/1.1"
213.7.61.208 - - [01/Jul/2026:00:30:43 +0000] "GET /.git/config HTTP/1.1" 403 330 "-" "Go-http-client/1.1"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 03:44:08
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy ...
show more
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 23:44:05.027616 2026] [security2:error] [pid 31789:tid 31815] [client 213.7.61.208:43068] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.mwcecommerce.com"] [uri "/.git/config"] [unique_id "akM7hSadsiTqrgSXY3fjTAAAAJc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
macrob
2026-06-30 01:02:35
(1 day ago)
2026/06/30 01:02:34 [error] 539507#539507: *339627617 access forbidden by rule, client: 213.7.61.208 ...
show more
2026/06/30 01:02:34 [error] 539507#539507: *339627617 access forbidden by rule, client: 213.7.61.208, server: binixo.vn, request: "POST /wp-content/plugins/delightful-downloads/assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php HTTP/1.1", host: "binixo.vn"
2026/06/30 01:02:34 [error] 539506#539506: *339627623 access forbidden by rule, client: 213.7.61.208, server: binixo.vn, request: "POST /wp-admin/admin-ajax.php HTTP/1.1", host: "binixo.vn"
2026/06/30 01:02:34 [error] 539509#539509: *339627627 access forbidden by rule, client: 213.7.61.208, server: binixo.vn, request: "POST /axis2/axis2-admin/login HTTP/1.1", host: "binixo.vn"
...
show less
Web App Attack
๐ฉ๐ช
Hary74656
2026-06-29 14:08:06
(1 day ago)
[Mon Jun 29 14:06:51.397262 2026] [security2:error] [pid 84907:tid 84973] [client 213.7.61.208:36082 ...
show more
[Mon Jun 29 14:06:51.397262 2026] [security2:error] [pid 84907:tid 84973] [client 213.7.61.208:36082] [client 213.7.61.208] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/.git/" at REQUEST_FILENAME. [file "/usr/share/modsecurity-crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.git/ found within REQUEST_FILENAME: /.git/config"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "www.bienchen.at"] [uri "/.git/config"] [unique_id "akJf2so_8qb89hIK6EMsYQAABB8"]
[Mon Jun 29 14:06:52.237721 2026] [security2:error] [pid 84515:tid 84593] [client 213.7.61.208:36096] [client 213.7.61.208] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/.git/" at REQUEST_FILENAME. [file "/usr/sha
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 10:48:33
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy ...
show more
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 06:48:24.619714 2026] [security2:error] [pid 18269:tid 18269] [client 213.7.61.208:48968] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "executivedefenseagency.com.f4fbbs.com"] [uri "/.git/config"] [unique_id "akJNeINFq9ffOmm6R5oXBwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
pinguin
2026-06-29 09:52:45
(2 days ago)
Triggered Cloudflare WAF (firewallManaged) from CY.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET meth ...
show more
Triggered Cloudflare WAF (firewallManaged) from CY.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /.git/config
UA: Go-http-client/1.1
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-28 16:25:57
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy ...
show more
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 12:25:49.566347 2026] [security2:error] [pid 17607:tid 17607] [client 213.7.61.208:29330] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.cipcug.org"] [uri "/.git/config"] [unique_id "akFLDSyCo4e8OqU_BcPcgQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
raph
2026-06-28 13:22:24
(2 days ago)
[DOT FILES] crawler *.env*, .git*, .config*, etc.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 11:44:38
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy ...
show more
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:44:32.049519 2026] [security2:error] [pid 23402:tid 23402] [client 213.7.61.208:16376] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fletesgero.com"] [uri "/.git/config"] [unique_id "akEJIOO0-k0J3f9WvLOpswAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 01:28:50
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy ...
show more
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 21:28:42.559077 2026] [security2:error] [pid 30970:tid 30970] [client 213.7.61.208:43304] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.thehomemailbox.com"] [uri "/.git/config"] [unique_id "akB4yj_6IVLO09izTEJdmQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-06-27 21:13:00
(3 days ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 06:16:15
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy ...
show more
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 02:16:11.027655 2026] [security2:error] [pid 1922:tid 1922] [client 213.7.61.208:41320] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.liferestorationproject.com"] [uri "/.git/config"] [unique_id "aj9qqwlmRS1q-iW0AHxOfQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 02:05:51
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy ...
show more
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:05:44.635826 2026] [security2:error] [pid 12098:tid 12108] [client 213.7.61.208:56012] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.malvadocuaderno.com.emehache.net"] [uri "/.git/config"] [unique_id "aj8v-FpMNwoeIRkLHL_kAgAAAMc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 23:39:32
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy ...
show more
(mod_security) mod_security (id:210492) triggered by 213.7.61.208 (213-61-208.netrunf.cytanet.com.cy): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 19:39:28.487495 2026] [security2:error] [pid 29064:tid 29064] [client 213.7.61.208:63710] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cuulphotos.com"] [uri "/.git/config"] [unique_id "aj8NsBe9c8QRGQjRY_Vw1AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack