Anonymous
2026-07-11 04:16:25
(4 hours ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-07-10 20:35:07
(12 hours ago)
189 requests with url.path *.git/*
172 requests with url.path */.git/config
Brute-Force
Bad Web Bot
๐ซ๐ฎ
as211431.net
2026-07-10 20:29:20
(12 hours ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /.git/config
UA: Mozilla/5.0 (X11; Linux x86_64)
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-10 20:25:09
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.19.47.187 (187.47.19.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.19.47.187 (187.47.19.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 16:25:03.547416 2026] [security2:error] [pid 14824:tid 14824] [client 34.19.47.187:40000] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seshetmusic.com"] [uri "/.git/config"] [unique_id "alFVH91uDItF_B43IrSpswAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
TechnoSolutions CL
2026-07-10 20:23:53
(12 hours ago)
34.19.47.187 - - [10/Jul/2026:19:48:13 +0000] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X1 ...
show more
34.19.47.187 - - [10/Jul/2026:19:48:13 +0000] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Linux x86_64)"
34.19.47.187 - - [10/Jul/2026:20:23:53 +0000] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Linux x86_64)"
...
show less
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-10 20:12:30
(12 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ฉ๐ช
4server
2026-07-10 20:09:25
(13 hours ago)
[FriJul1022:09:20.5892762026][security2:error][pid1719156:tid1719208][client34.19.47.187:0]ModSecuri ...
show more
[FriJul1022:09:20.5892762026][security2:error][pid1719156:tid1719208][client34.19.47.187:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"ilmiotrentino.it\"][uri\"/.git/config\"][unique_id\"alFRcFR8fmf1W2EZOQ0YyQAAAFA\"]
show less
Port Scan
Brute-Force
Web App Attack
Anonymous
2026-07-10 20:07:01
(13 hours ago)
Automated web scanner. Requested suspicious paths: /.git/config. UTC: 2026-07-10 20:04:27.
Web App Attack
๐บ๐ธ
mnsf
2026-07-10 20:05:31
(13 hours ago)
Abuse Detected (61)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 20:02:35
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.19.47.187 (187.47.19.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.19.47.187 (187.47.19.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 16:02:26.160691 2026] [security2:error] [pid 9249:tid 9249] [client 34.19.47.187:58916] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "healthmarkcounseling.com"] [uri "/.git/config"] [unique_id "alFP0gyh0Sdew5DWMjrRvwAAAGw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
CBJ
2026-07-10 20:01:28
(13 hours ago)
fail2ban: apache-filepath-recon
...
Web App Attack
๐ณ๐ฟ
Tripwire
2026-07-10 19:49:06
(13 hours ago)
Scanning for exploits - /.git/config
Web App Attack
๐บ๐ธ
etu brutus
2026-07-10 19:47:58
(13 hours ago)
34.19.47.187 has been banned for [WebApp Attack]
...
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ช
tsZero
2026-07-10 19:42:56
(13 hours ago)
Scan example: path=/.git/config status=404
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-10 19:41:45
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.19.47.187 (187.47.19.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.19.47.187 (187.47.19.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 15:41:39.153637 2026] [security2:error] [pid 28902:tid 28902] [client 34.19.47.187:44874] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "canebrakes.com"] [uri "/.git/config"] [unique_id "alFK8xqxy22y3LYhKNVFTgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack