๐บ๐ธ
TPI-Abuse
2026-07-01 21:14:46
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 17:14:38.407099 2026] [security2:error] [pid 13184:tid 13184] [client 136.143.250.9:37016] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "agworldmissions.org"] [uri "/sftp-config.json"] [unique_id "akWDPp2ffc_YN4tBo6ffMwAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 13:26:02
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 09:25:55.705872 2026] [security2:error] [pid 5710:tid 5710] [client 136.143.250.9:51762] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ixd.net"] [uri "/kvick//sftp-config.json"] [unique_id "akUVY7C4Cc6LmtTFN5oSJgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 13:10:25
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 09:09:59.865946 2026] [security2:error] [pid 8221:tid 8221] [client 136.143.250.9:62844] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.al-harbi.com"] [uri "/m.html/sftp-config.json"] [unique_id "akURp3HH-p6JyVbpEhjYvgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 07:55:14
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:55:06.914804 2026] [security2:error] [pid 25105:tid 25114] [client 136.143.250.9:34368] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dasperformance.com"] [uri "/sftp-config.json"] [unique_id "akN2WsA-FClF9eGdmZeQ1wAAAEY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-30 07:05:24
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 23:37:44
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 19:37:35.424082 2026] [security2:error] [pid 14070:tid 14070] [client 136.143.250.9:47058] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darkcodedesign.net"] [uri "/sftp-config.json"] [unique_id "akMBv4H5eZvmp0qzuzNC0gAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 17:41:41
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 13:41:37.291500 2026] [security2:error] [pid 21626:tid 21626] [client 136.143.250.9:43520] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dantobinlaw.com"] [uri "/sftp-config.json"] [unique_id "akKuUYYw8_OaDaaRkIm8nAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 07:35:43
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 03:35:39.007438 2026] [security2:error] [pid 14471:tid 14471] [client 136.143.250.9:37940] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dancingbearprinting.com"] [uri "/sftp-config.json"] [unique_id "akIgS7dp_-U-6-cb0-X5aAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-06-29 05:14:48
(3 days ago)
2 attacks on password grabbing URLs:
GET /.vscode/sftp.json HTTP/1.1
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-28 08:36:41
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 04:36:33.426836 2026] [security2:error] [pid 18054:tid 18054] [client 136.143.250.9:32570] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "d2dbma.com"] [uri "/sftp-config.json"] [unique_id "akDdEdIY-A9k7_zk-KIBhQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 18:28:27
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 14:28:22.092126 2026] [security2:error] [pid 19317:tid 19317] [client 136.143.250.9:17918] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cxenterprise.com"] [uri "/sftp-config.json"] [unique_id "akAWRtFr3R6dTmzBtulKgAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-27 15:35:13
(4 days ago)
[ConfigAccess] Configuration file access attempt: Config file access attempt: config.json (path: /sf ...
show more
[ConfigAccess] Configuration file access attempt: Config file access attempt: config.json (path: /sftp-config.json)
show less
Hacking
Web App Attack
Anonymous
2026-06-26 21:42:05
(5 days ago)
Unauthorized access (80/tcp/http)
Port Scan
Web App Attack
๐ฌ๐ง
CrystalMaker
2026-06-26 20:02:47
(5 days ago)
Vulnerability scan - GET /sftp-config.json
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-26 16:32:31
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 136.143.250.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 12:32:26.965589 2026] [security2:error] [pid 12745:tid 12745] [client 136.143.250.9:53034] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cruisingforsex.com"] [uri "/sftp-config.json"] [unique_id "aj6pmuv35jHCj_bfOtQCFwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack