|
๐ฌ๐ง
NDCrawshaw
|
|
GET /.git/config
|
Web App Attack
|
|
|
๐ง๐ช
boxed-it
|
|
GET /.git/config (Tarpitted for 1d15h8m25s, wasted 8.06MB)
|
Web App Attack
|
|
|
๐ณ๐ฑ
jjnxpct
|
|
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ...
show more
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.git/config (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .git/ found within REQUEST_FILENAME: /.git/config]
show less
|
Hacking
Web App Attack
|
|
|
Anonymous
|
|
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
|
Exploited Host
|
|
|
Anonymous
|
|
IP banned by Fail2Ban in jail nginx-abusive-ips
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 34.232.63.46 (ec2-34-232-63-46.compute-1.amazon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.232.63.46 (ec2-34-232-63-46.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 08:33:43.077267 2025] [security2:error] [pid 30365:tid 30365] [client 34.232.63.46:33684] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "atmoorehealthcare.com"] [uri "/.git/config"] [unique_id "aTWCN8IAPN_Fg5lvEqO6iAAAAAg"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฆ๐น
Erpelstolz
|
|
VM 131: 34.232.63.46 - - [07/Dec/2025:14:24:34 +0100] "GET /.git/config HTTP/1.1" 404 8456
|
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 34.232.63.46 (ec2-34-232-63-46.compute-1.amazon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.232.63.46 (ec2-34-232-63-46.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 08:18:23.404305 2025] [security2:error] [pid 1738:tid 1738] [client 34.232.63.46:52554] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web215.dnchosting.com"] [uri "/.git/config"] [unique_id "aTV-n3stPZ9h2FRorvZmYwAAAAE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
Fuzzing/Looking for credentials files.
|
Brute-Force
Web App Attack
|
|
|
๐ฉ๐ช
oh.mg
|
|
[Sun Dec 07 14:08:17.844393 2025] [security2:error] [pid 677876:tid 677902] [client 34.232.63.46:412 ...
show more
[Sun Dec 07 14:08:17.844393 2025] [security2:error] [pid 677876:tid 677902] [client 34.232.63.46:41224] [client 34.232.63.46] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "oh.mg.sus.fr"] [uri "/.git/config"] [unique_id "aTV8QfUtsxnfues1h62oHgAAAFg"]
[Sun Dec 07 14:15:45.550371 2025] [security2:error] [pid 674245:tid 674264] [client 34.232.63.46:58528] [client 34.232.63.46] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "an
...
show less
|
Bad Web Bot
Web App Attack
|
|
|
๐ช๐ธ
el-brujo
|
|
Cloudflare WAF: Request Path: /.git/config Request Query: Host: warzone.elhacker.net userAgent: Moz ...
show more
Cloudflare WAF: Request Path: /.git/config Request Query: Host: warzone.elhacker.net userAgent: Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Action: block Source: firewallManaged ASN Description: AMAZON-AES Country: US Method: GET Timestamp: 2025-12-07T12:53:08Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB).
show less
|
Hacking
SQL Injection
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 34.232.63.46 (ec2-34-232-63-46.compute-1.amazon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.232.63.46 (ec2-34-232-63-46.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:37:53.678874 2025] [security2:error] [pid 1095:tid 1095] [client 34.232.63.46:55020] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bordalo-es.com"] [uri "/.git/config"] [unique_id "aTV1Ibsz9hQvpBZpT-_AOgAAAAA"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
Kreapptivo
|
|
[07/Dec/2025:13:36:32 +0100] Web-Request: "GET /.git/config", User-Agent: "Mozilla/5.0 (Debian; Linu ...
show more
[07/Dec/2025:13:36:32 +0100] Web-Request: "GET /.git/config", User-Agent: "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"
show less
|
Bad Web Bot
Web App Attack
|
|
|
๐ช๐ธ
el-brujo
|
|
Cloudflare WAF: Request Path: /.git/config Request Query: Host: ns2.elhacker.net userAgent: Mozilla ...
show more
Cloudflare WAF: Request Path: /.git/config Request Query: Host: ns2.elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/600.2.5 (KHTML, like Gecko) Version/7.1.2 Safari/537.85.11 Action: block Source: firewallManaged ASN Description: AMAZON-AES Country: US Method: GET Timestamp: 2025-12-07T12:34:53Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB).
show less
|
Hacking
SQL Injection
Web App Attack
|
|
|
๐ฉ๐ช
Trueforce Threat Report
|
|
Automated report, trolling for resource vulnerabilities
|
Bad Web Bot
Web App Attack
|
|