๐บ๐ธ
TPI-Abuse
2026-07-09 14:04:37
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 10:04:32.674040 2026] [security2:error] [pid 20999:tid 20999] [client 157.52.122.77:30450] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.valuechains4poor.net"] [uri "/.git/HEAD"] [unique_id "ak-qcCWjkfeqFp9RsQnxGgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 13:24:21
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 09:24:16.452350 2026] [security2:error] [pid 23319:tid 23319] [client 157.52.122.77:20888] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.albioncapitalfund.starrmail.net"] [uri "/.git/HEAD"] [unique_id "ak-hAIde3qwPidfHch597AAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 09:29:39
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 05:29:31.989196 2026] [security2:error] [pid 9241:tid 9241] [client 157.52.122.77:38972] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.m2pg.net"] [uri "/.git/config"] [unique_id "ak9p-96oH1yC01yR1FeTOQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 08:44:50
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 04:44:45.600589 2026] [security2:error] [pid 28470:tid 28589] [client 157.52.122.77:57124] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.justwondering.net"] [uri "/.git/config"] [unique_id "ak9ffZmLXMmUU_hyBPAH-AAAAg4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-09 08:40:03
(8 hours ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 157.52.122.77 (SE/Sweden/-): 1 in the ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 157.52.122.77 (SE/Sweden/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-09 07:33:06
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 03:33:03.324802 2026] [security2:error] [pid 28289:tid 28289] [client 157.52.122.77:29026] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.californiabrokers.net.californiaappraisers.net"] [uri "/.git/config"] [unique_id "ak9Or3Nxr6644NS4GyOPIAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 05:32:09
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 01:32:05.731997 2026] [security2:error] [pid 9002:tid 9002] [client 157.52.122.77:59090] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.tomorrowsdust.net"] [uri "/.git/HEAD"] [unique_id "ak8yVd3mymcGMk_YyA4MwAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
as211431.net
2026-07-09 04:30:56
(12 hours ago)
Triggered Cloudflare WAF (firewallCustom) from SE.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from SE.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /.git/config
UA: git/2.39.2
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-08 21:21:54
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 17:21:51.485369 2026] [security2:error] [pid 12621:tid 12621] [client 157.52.122.77:35668] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.seastrand.net"] [uri "/.git/HEAD"] [unique_id "ak6_b0VxrT8n6L35lmEQoQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 15:30:45
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 11:30:42.012972 2026] [security2:error] [pid 15180:tid 15180] [client 157.52.122.77:32426] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mykidsdaycare.net"] [uri "/.git/HEAD"] [unique_id "ak5tIlqeP-tLdUwY9UYLJwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 08:30:53
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 04:30:47.230338 2026] [security2:error] [pid 26688:tid 26811] [client 157.52.122.77:58576] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.seguroslugo.net"] [uri "/.git/config"] [unique_id "ak4Ktw8QMEB_4jQeU_iaAwAAAQM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-08 08:06:48
(1 day ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 157.52.122.77 (SE/Sweden/-): 2 in the ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 157.52.122.77 (SE/Sweden/-): 2 in the last 3600 secs (0-196)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-08 05:56:46
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 01:56:41.649420 2026] [security2:error] [pid 7449:tid 7449] [client 157.52.122.77:26650] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.xirin.net"] [uri "/.git/HEAD"] [unique_id "ak3mmbfi1nKA1s6K3O1bMgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 05:14:15
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 01:14:11.312707 2026] [security2:error] [pid 31569:tid 31569] [client 157.52.122.77:36036] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "creationorevolution.net"] [uri "/.git/HEAD"] [unique_id "ak3co5PnFRPEonAEsDmcCAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-08 03:36:36
(1 day ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 157.52.122.77 (SE/Sweden/-): 1 in the ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 157.52.122.77 (SE/Sweden/-): 1 in the last 3600 secs (0-195)
show less
Hacking