Threat LevelHIGH37/1002 rule types
2 incidents on record · last seen 6d ago
| PTR | NXDOMAIN |
| Org / ASN | Advin Services LLC |
| Country | US |
Attack Analysis
Bad Bot Flood
This IP generated over 20 HTTP 4xx errors in 60 seconds using a User-Agent identified as a bad bot (scraper, headless browser, or attack proxy). The high error rate indicates automated probing for vulnerabilities while trying to appear as generic traffic. Legitimate services respect robots.txt and do not flood servers with errors.
Git Repository Exposure Probe
This IP requested the /.git/ directory, attempting to download source code, commit history, database credentials, and API keys from an accidentally exposed Git repository. Automated tools can reconstruct an entire codebase from an exposed .git folder. No legitimate client ever requests this path.
Reports (2)
| Date | Severity | Description |
|---|---|---|
| 26 May 2026 - 16:41 | high | Rule 100312: Web: Git repo exposure probe |
| 26 May 2026 - 16:40 | high | Rule 100306: Web: Bad bot 4xx flood — 20+ errors in 60s |