|
๐ซ๐ท
masterguru
|
|
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-193)
|
Hacking
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 34.50.118.44 (44.118.50.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.50.118.44 (44.118.50.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 21:36:43.045243 2026] [security2:error] [pid 21308:tid 21308] [client 34.50.118.44:54694] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.barriebrown.com.thephysicsroom.com"] [uri "/build/.git/config"] [unique_id "aj3Xqx7pkzYuwdm-K4GbXwAAACQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 34.50.118.44 (44.118.50.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.50.118.44 (44.118.50.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 21:16:56.817833 2026] [security2:error] [pid 30266:tid 30266] [client 34.50.118.44:60148] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.radioairplay.joebankx.com"] [uri "/frontend/.git/config"] [unique_id "aj3TCBjRMWt8j-D_7IpKyAAAAAM"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 34.50.118.44 (44.118.50.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.50.118.44 (44.118.50.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 20:05:42.375551 2026] [security2:error] [pid 9400:tid 9400] [client 34.50.118.44:37884] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ostarek.com"] [uri "/html/.git/config"] [unique_id "aj3CVrr_fHQsZ3UL86sxRQAAAAE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ณ๐ฑ
Savvii
|
|
20 attempts against mh-misbehave-ban on pyrus
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
knock
|
|
Knock-Knock honeypot brute-force: proto8 (31 total hits)
|
Brute-Force
|
|
|
๐ซ๐ฎ
Some Body
|
|
Aggressive web scan
|
Brute-Force
Web App Attack
|
|
|
๐ฉ๐ช
enjoyably
|
|
This IP was detected by CrowdSec triggering crowdsecurity/http-probing
|
Web App Attack
Hacking
|
|
|
๐ต๐น
nuno
|
|
34.50.118.44 - - [25/Jun/2026:16:36:10 +0100] host:443 "GET /.git/config HTTP/1.1" 404 780 "-" "Mozi ...
show more
34.50.118.44 - - [25/Jun/2026:16:36:10 +0100] host:443 "GET /.git/config HTTP/1.1" 404 780 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Maxthon/5.0.4.3000 Chrome/47.0.2526.73 Safari/537.36" "-" 0.000 -
34.50.118.44 - - [25/Jun/2026:16:36:15 +0100] host:443 "GET /admin/.git/config HTTP/1.1" 404 780 "-" "Mozilla/5.0 (Linux; Android 9; SM-G965F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" "-" 0.000 -
...
show less
|
Web App Attack
|
|
|
๐ซ๐ท
dynamix
|
|
Multiple WAF Violations
|
Web App Attack
|
|
|
๐ฉ๐ช
Hary74656
|
|
[Thu Jun 25 13:24:29.324754 2026] [security2:error] [pid 50258:tid 50434] [client 34.50.118.44:38972 ...
show more
[Thu Jun 25 13:24:29.324754 2026] [security2:error] [pid 50258:tid 50434] [client 34.50.118.44:38972] [client 34.50.118.44] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/.git/" at REQUEST_FILENAME. [file "/usr/share/modsecurity-crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.git/ found within REQUEST_FILENAME: /v2/.git/config"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "odin.weavernet.at"] [uri "/v2/.git/config"] [unique_id "aj0P52-QF4xCNLMdYPOg0gAAAOQ"]
[Thu Jun 25 13:24:29.324772 2026] [security2:error] [pid 50532:tid 50635] [client 34.50.118.44:38952] [client 34.50.118.44] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/.git/" at REQUEST_FILENAME. [file "
...
show less
|
Web App Attack
|
|
|
๐ช๐ธ
robotstxt
|
|
34.50.118.44 - - [15/Jun/2026:13:38:39 +0000] "GET /mail.zip HTTP/1.1" 404 146 "-" "Mozilla/5.0 (X11 ...
show more
34.50.118.44 - - [15/Jun/2026:13:38:39 +0000] "GET /mail.zip HTTP/1.1" 404 146 "-" "Mozilla/5.0 (X11; U; Linux armv61; en-US; rv:1.9.1b2pre) Gecko/20081015 Fennec/1.0a1" "-"
34.50.118.44 - - [15/Jun/2026:13:38:39 +0000] "GET /mailer.zip HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Linux; Android 9; SAMSUNG SM-G975U Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/9.4 Chrome/67.0.3396.87 Mobile Safari/537.36" "-"
34.50.118.44 - - [15/Jun/2026:13:38:41 +0000] "GET /mailer/sendgrid.js HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36" "-"
34.50.118.44 - - [15/Jun/2026:13:38:41 +0000] "GET /mailer/sendgrid.py HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" "-"
34.50.118.44 - - [15/Jun/2026:13:38:41 +0000] "GET /mail/sendgrid.py HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Linux; Android 8.0.0; SAMSUNG-SM-G891A) AppleWebK
...
show less
|
Bad Web Bot
|
|
|
๐ณ๐ฑ
Savvii
|
|
89 attempts against mh_ha-misbehave-ban on plum
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ท๐บ
DZBOT
|
|
DZBOT: Website Scanning / Scraping
|
Bad Web Bot
Exploited Host
Web App Attack
|
|
|
๐ณ๐ฑ
Site.eu
|
|
Excessive multi-domain requests
|
Brute-Force
|
|