Anonymous
2026-07-01 20:17:02
(8 hours ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐ซ๐ท
omartin
2026-07-01 17:25:27
(11 hours ago)
Critical Vulnerability Scan detected
Hacking
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 17:23:44
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.16.151.61 (61.151.16.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.16.151.61 (61.151.16.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 13:23:37.217509 2026] [security2:error] [pid 11709:tid 11709] [client 34.16.151.61:60024] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.providencetheband.com.imagesbyaubrey.com"] [uri "/.git/config"] [unique_id "akVNGfZdq-3Yv7Nd8JwbtAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-01 17:12:06
(11 hours ago)
Try to access /.git/config
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 17:03:47
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.16.151.61 (61.151.16.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.16.151.61 (61.151.16.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 13:03:43.027439 2026] [security2:error] [pid 26709:tid 26709] [client 34.16.151.61:58876] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pro.handyrehab.com"] [uri "/.git/config"] [unique_id "akVIbz1ggF1U6nl290-OigAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
enpepet
2026-07-01 17:02:33
(11 hours ago)
GENERAL: parametres: [url:git=] UA: URL:/.git/config
Port Scan
Hacking
Brute-Force
Bad Web Bot
๐ท๐ด
INTEQ
2026-07-01 16:57:47
(11 hours ago)
Web attack from 34.16.151.61
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-01 16:50:02
(11 hours ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 34.16.151.61 (US/United States/61.1 ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 34.16.151.61 (US/United States/61.151.16.34.bc.googleusercontent.com): 1 in the last 3600 secs
show less
Web App Attack
๐ฉ๐ช
IVski
2026-07-01 16:44:27
(11 hours ago)
IVski WAF | Sensitive file probe detected - looking for .git
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
ne1for23
2026-07-01 16:34:54
(12 hours ago)
Attempting to probe for sensitive information accidently exposed via git config.
34.16.151.61 - - [ ...
show more
Attempting to probe for sensitive information accidently exposed via git config.
34.16.151.61 - - [01/Jul/2026:16:34:54 +0000] "GET /.git/config HTTP/1.1" 403 153 "-" "-"
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-01 16:29:55
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.16.151.61 (61.151.16.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.16.151.61 (61.151.16.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 12:29:48.254208 2026] [security2:error] [pid 20725:tid 20725] [client 34.16.151.61:35162] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.prestige-gem.evelynkay.com"] [uri "/.git/config"] [unique_id "akVAfDZFVYPyA1HtE0WkjAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 16:10:41
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.16.151.61 (61.151.16.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.16.151.61 (61.151.16.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 12:10:33.272197 2026] [security2:error] [pid 21191:tid 21191] [client 34.16.151.61:53610] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.practicalrightsofself-defense.gemexpressions.com"] [uri "/.git/config"] [unique_id "akU7-TvemfSYXM_DhqlynQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
MM-bot
2026-07-01 16:09:46
(12 hours ago)
URL-probe: HTTP/1.1 GET request on /.git/config (2026-07-01 18:09:46 UTC+2)
Web App Attack
Hacking
๐บ๐ธ
mawan
2026-07-01 16:03:49
(12 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
cwytech
2026-07-01 15:53:11
(12 hours ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/http-honeypath-sniper-crit.
Bad Web Bot
Web App Attack