๐บ๐ธ
Starburst SysOp Team
2026-06-29 20:52:18
(2 days ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-mnz6-4)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 20:32:50
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 34.13.177.149 (149.177.13.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.13.177.149 (149.177.13.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 16:32:44.045464 2026] [security2:error] [pid 13065:tid 13065] [client 34.13.177.149:52072] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mnalabama.com"] [uri "/.git/config"] [unique_id "akLWbBrQnAgtcFk-WhHJygAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 20:09:50
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 34.13.177.149 (149.177.13.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.13.177.149 (149.177.13.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 16:09:46.482696 2026] [security2:error] [pid 20366:tid 20366] [client 34.13.177.149:38582] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mmipro.com"] [uri "/.git/config"] [unique_id "akLRCtaxvoViSX89lpdQ1AAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ด
jad-abuse
2026-06-29 17:24:43
(3 days ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_expos ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_exposure. Observed by 1 sensor(s); 2 hits.
show less
Web App Attack
๐บ๐ธ
aks4226
2026-06-29 17:18:22
(3 days ago)
Attacking common web applications. (n01)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 17:16:26
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 34.13.177.149 (149.177.13.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.13.177.149 (149.177.13.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 13:16:23.263724 2026] [security2:error] [pid 9017:tid 9017] [client 34.13.177.149:47108] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nypatriotcards.com"] [uri "/.git/config"] [unique_id "akKoZwpEllm3ijEn44hu1gAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
sefinek.net
2026-06-29 17:02:42
(3 days ago)
Triggered Cloudflare WAF (firewallCustom) from NL.
Action: BLOCK | Protocol: HTTP/1.1 (GET) | Endpoi ...
show more
Triggered Cloudflare WAF (firewallCustom) from NL.
Action: BLOCK | Protocol: HTTP/1.1 (GET) | Endpoint: /.git/config | UA: Empty string โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-29 16:51:05
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 34.13.177.149 (149.177.13.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.13.177.149 (149.177.13.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 12:51:01.456942 2026] [security2:error] [pid 18437:tid 18461] [client 34.13.177.149:50686] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nwnative.us"] [uri "/.git/config"] [unique_id "akKidZX_6y1cVD75_yx8MwAAAFM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Epimetheus
2026-06-29 16:42:12
(3 days ago)
Unauthorized access attempts:
[GET] /.git/config
UA: Unknown
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 16:36:05
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 34.13.177.149 (149.177.13.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.13.177.149 (149.177.13.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 12:36:01.115878 2026] [security2:error] [pid 26894:tid 26894] [client 34.13.177.149:42086] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nvafc.drxcontent.com"] [uri "/.git/config"] [unique_id "akKe8acaXNRPdvY4Po2AvwAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
as211431.net
2026-06-29 16:24:30
(3 days ago)
Triggered Cloudflare WAF (firewallCustom) from NL.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from NL.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /.git/config
UA: Empty string
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-29 16:13:29
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 34.13.177.149 (149.177.13.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.13.177.149 (149.177.13.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 12:13:24.086037 2026] [security2:error] [pid 25304:tid 25304] [client 34.13.177.149:47510] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nutandboltguy.com"] [uri "/.git/config"] [unique_id "akKZpClsD2IpN7tiF3HmZwAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
Olexiy Backend
2026-06-29 15:47:46
(3 days ago)
34.13.177.149
...
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 15:46:19
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 34.13.177.149 (149.177.13.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.13.177.149 (149.177.13.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 11:46:15.069629 2026] [security2:error] [pid 9459:tid 9459] [client 34.13.177.149:55930] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nuevo.allcostaricarentals.com"] [uri "/.git/config"] [unique_id "akKTR1Ef9eFI9AT2SjvQJwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-29 15:45:02
(3 days ago)
suspicious request in access.log
Web App Attack