๐บ๐ธ
TPI-Abuse
2026-07-06 10:15:26
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 136.143.250.30 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 136.143.250.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 06:15:20.584631 2026] [security2:error] [pid 18571:tid 18571] [client 136.143.250.30:20722] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coyotepoet.com"] [uri "/sftp-config.json"] [unique_id "akuAOFtRcw3ian-xJTKjegAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
as211431.net
2026-07-06 03:57:06
(1 day ago)
Triggered Cloudflare WAF (firewallCustom) from BE.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1. ...
show more
Triggered Cloudflare WAF (firewallCustom) from BE.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /
UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-06 02:04:21
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 136.143.250.30 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 136.143.250.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 22:03:50.956996 2026] [security2:error] [pid 11543:tid 11543] [client 136.143.250.30:21016] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "acpalms.com"] [uri "/sftp-config.json"] [unique_id "aksNBsxrgs1pCBb_3JHgegAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 14:08:07
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 136.143.250.30 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 136.143.250.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 10:08:00.667826 2026] [security2:error] [pid 20212:tid 20212] [client 136.143.250.30:35960] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abcollie.com"] [uri "/sftp-config.json"] [unique_id "akplQN3jkeUOY0vt6ccAvwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 12:38:12
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 136.143.250.30 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 136.143.250.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 08:37:51.353627 2026] [security2:error] [pid 25180:tid 25180] [client 136.143.250.30:6450] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ritterlien.com"] [uri "/sftp-config.json"] [unique_id "akpQH5RHo798qBrNjaumyAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 20:45:59
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 136.143.250.30 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 136.143.250.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 16:45:56.055292 2026] [security2:error] [pid 2070:tid 2070] [client 136.143.250.30:44984] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ags-ga.com"] [uri "/sftp-config.json"] [unique_id "aklxBBjUZ5a0FYKY6cHXcgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 23:07:25
(3 days ago)
(mod_security) mod_security (id:210580) triggered by 136.143.250.30 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 136.143.250.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 19:07:16.985575 2026] [security2:error] [pid 1990:tid 1990] [client 136.143.250.30:57258] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||desertvacationvillas.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: http:/theozlottery.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "desertvacationvillas.com"] [uri "/.vscode/sftp.json"] [unique_id "akhApMsgl-IjK36DiqgjawAAACo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:27:17
(3 days ago)
(mod_security) mod_security (id:210580) triggered by 136.143.250.30 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 136.143.250.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:26:47.108307 2026] [security2:error] [pid 13663:tid 13683] [client 136.143.250.30:26388] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.abusaimeh.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: http:/theozlottery.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.abusaimeh.com"] [uri "/403.shtml"] [unique_id "akgpFxBkJo9dNQBt_UT9YAAAAJA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-03 18:45:12
(3 days ago)
130 requests with url.path *config.json
Brute-Force
Bad Web Bot
๐ฉ๐ช
MusicLibrary
2026-07-03 15:16:14
(3 days ago)
Probing foreign-stack admin panels / known exploit paths (Joomla, phpMyAdmin, phpunit, OWA, etc.)
Bad Web Bot
Web App Attack