quicksand
2024-09-15 21:47:22
(1 month ago)
Malicious URI path [GET /.git/config] [Python-urllib/3.9] **Reported from WAF sampled requests**
Bad Web Bot
Web App Attack
thedreamer.nl
2024-09-13 13:57:10
(1 month ago)
77.77.222.11 - - [13/Sep/2024:15:57:08 +0200] "GET /.git//index HTTP/1.1" 301 162 "-" "Mozilla/5.0 ( ... show more 77.77.222.11 - - [13/Sep/2024:15:57:08 +0200] "GET /.git//index HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.82 Safari/537.36" "BA" "Sarajevo" "43.84530" "18.35920"
77.77.222.11 - - [13/Sep/2024:15:57:09 +0200] "GET /.git//index HTTP/1.1" 200 66641 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.82 Safari/537.36" "BA" "Sarajevo" "43.84530" "18.35920"
77.77.222.11 - - [13/Sep/2024:15:57:10 +0200] "GET /.git//objects/26/f1cb40d262ff53e8099053c07d1c158e41a453 HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.82 Safari/537.36" "BA" "Sarajevo" "43.84530" "18.35920"
77.77.222.11 - - [13/Sep/2024:15:57:10 +0200] "GET /.git//objects/fa/ec9f095ab4d8e58ec9044e08eab7c05636b23a HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.82
... show less
Hacking
Brute-Force
Bad Web Bot
Web App Attack
openstrike.co.uk
2024-09-10 05:19:07
(1 month ago)
2 attacks on VC URLs:
GET /.git/config HTTP/1.1
Hacking
yukon.ca
2024-09-09 17:34:29
(1 month ago)
Web Server Enforcement Violation: Web Server Exposed Git Repository Information Disclosure
Por ... show more Web Server Enforcement Violation: Web Server Exposed Git Repository Information Disclosure
Port:80 show less
Hacking
Exploited Host
TPI-Abuse
2024-09-09 17:06:00
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 77.77.222.11 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 77.77.222.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 09 13:05:51.657678 2024] [security2:error] [pid 29113:tid 29113] [client 77.77.222.11:29857] [client 77.77.222.11] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yogitunes.com"] [uri "/.git/config"] [unique_id "Zt8q7zrFvN0woUWoKF2IbAAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
Burayot
2024-09-09 16:56:59
(1 month ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 77.77.222.11 (BA/Bosnia and Herzegov ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 77.77.222.11 (BA/Bosnia and Herzegovina/-): 2 in the last 3600 secs show less
Web App Attack
tjs
2024-09-09 12:30:00
(1 month ago)
web attack
Hacking
Web App Attack
Anonymous
2024-09-09 12:09:17
(1 month ago)
Malicious activity detected
Hacking
Web App Attack
Ba-Yu
2024-09-09 11:30:05
(1 month ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
TPI-Abuse
2024-09-09 11:01:35
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 77.77.222.11 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 77.77.222.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 09 07:01:32.300607 2024] [security2:error] [pid 29992:tid 29992] [client 77.77.222.11:32127] [client 77.77.222.11] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wisconsinstatehuntingexpo.com"] [uri "/.git/config"] [unique_id "Zt7VjBXaF-I-eTLkCVV7DgAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
Aetherweb Ark
2024-09-09 10:20:15
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 77.77.222.11 (BA/Bosnia and Herzegovina/-): N i ... show more (mod_security) mod_security (id:210492) triggered by 77.77.222.11 (BA/Bosnia and Herzegovina/-): N in the last X secs show less
Web App Attack
TPI-Abuse
2024-09-09 10:14:06
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 77.77.222.11 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 77.77.222.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 09 06:14:00.539407 2024] [security2:error] [pid 195293:tid 195338] [client 77.77.222.11:33933] [client 77.77.222.11] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whatismetamodern.com"] [uri "/.git/config"] [unique_id "Zt7KaKfvGIMqpq2I7t9PGgAAAU8"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-09 09:13:31
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 77.77.222.11 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 77.77.222.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 09 05:13:24.828285 2024] [security2:error] [pid 5988:tid 5988] [client 77.77.222.11:33700] [client 77.77.222.11] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wealthsec.com"] [uri "/.git/config"] [unique_id "Zt68NI1evePUfAMCF_qqNQAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-09 08:52:44
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 77.77.222.11 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 77.77.222.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 09 04:52:38.661457 2024] [security2:error] [pid 25253:tid 25253] [client 77.77.222.11:35257] [client 77.77.222.11] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "washcountyfair.com"] [uri "/.git/config"] [unique_id "Zt63VjzG1OXrxksYBrHjHQAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-09 08:35:13
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 77.77.222.11 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 77.77.222.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 09 04:35:07.159252 2024] [security2:error] [pid 1594:tid 1594] [client 77.77.222.11:30062] [client 77.77.222.11] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wailthelifeofbudpowell.com"] [uri "/.git/config"] [unique_id "Zt6zO7nKvgTr_lZD9W2QnQAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack