๐บ๐ธ
TPI-Abuse
2026-07-17 09:28:10
(2 hours ago)
(mod_security) mod_security (id:210580) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 05:28:05.553425 2026] [security2:error] [pid 7192:tid 7192] [client 154.127.56.157:54373] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||airdriedrivingschool.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: https:/alveusclub.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "airdriedrivingschool.com"] [uri "/.vscode/sftp.json"] [unique_id "aln1pc_YmLf_QkMzScMobAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 08:37:00
(3 hours ago)
(mod_security) mod_security (id:210580) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:36:57.040767 2026] [security2:error] [pid 663516:tid 663516] [client 154.127.56.157:54100] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||arnoldwell.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: https:/alveusclub.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "arnoldwell.com"] [uri "/.vscode/sftp.json"] [unique_id "alnpqS9LcS3cUEGp7BoO8AAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 08:21:37
(3 hours ago)
(mod_security) mod_security (id:210580) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:21:33.695261 2026] [security2:error] [pid 615423:tid 615480] [client 154.127.56.157:62540] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||accutar.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: https:/alveusclub.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "accutar.com"] [uri "/.vscode/sftp.json"] [unique_id "alnmDVYHl_qFqhuewYZ7XAAAAJY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 06:55:20
(5 hours ago)
(mod_security) mod_security (id:210580) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 02:55:17.175536 2026] [security2:error] [pid 3628724:tid 3628724] [client 154.127.56.157:65312] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||americanlegion935.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: https:/alveusclub.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "americanlegion935.com"] [uri "/.vscode/sftp.json"] [unique_id "alnR1cZwMbf7C-jb6aX9fgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 05:22:41
(6 hours ago)
(mod_security) mod_security (id:210580) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 01:22:37.608207 2026] [security2:error] [pid 10304:tid 10304] [client 154.127.56.157:55621] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||aprilparks.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: https:/alveusclub.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "aprilparks.com"] [uri "/.vscode/sftp.json"] [unique_id "alm8HUmnWTjrCuZTb9eLGQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
findlab
2026-07-17 04:35:02
(7 hours ago)
Backdrop CMS module - malicious activity detected
Bad Web Bot
Web App Attack
๐บ๐ธ
Matthew Ping
2026-07-17 03:45:01
(8 hours ago)
ModSecurity rule 949110 triggered on dedicated. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
๐บ๐ธ
Matthew Ping
2026-07-17 01:45:04
(10 hours ago)
ModSecurity rule 949110 triggered on wp3. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-16 23:57:10
(12 hours ago)
(mod_security) mod_security (id:210580) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 19:57:04.908883 2026] [security2:error] [pid 2315:tid 2315] [client 154.127.56.157:63124] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||achillespress.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: https:/alveusclub.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "achillespress.com"] [uri "/.vscode/sftp.json"] [unique_id "allv0E2iUDoGPXF0h40soAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 22:54:38
(13 hours ago)
(mod_security) mod_security (id:210580) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 18:54:34.113932 2026] [security2:error] [pid 25036:tid 25036] [client 154.127.56.157:50861] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||acadianahero.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: https:/alveusclub.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "acadianahero.com"] [uri "/.vscode/sftp.json"] [unique_id "allhKshmYNZ3yvqdP6YwnwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 22:03:53
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 18:03:46.122679 2026] [security2:error] [pid 30473:tid 30473] [client 154.127.56.157:64482] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aactioninv.com"] [uri "/sftp-config.json"] [unique_id "allVQhTlb_9zK3bi9sE0zgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 21:31:10
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 17:31:04.123868 2026] [security2:error] [pid 28761:tid 28761] [client 154.127.56.157:54812] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mitchellamazing.com"] [uri "/sftp-config.json"] [unique_id "allNmAgt8WKW0crP7IFWCwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-16 20:48:01
(15 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 20:43:30
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:43:25.575479 2026] [security2:error] [pid 7615:tid 7697] [client 154.127.56.157:58816] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "achillconsulting.com"] [uri "/sftp-config.json"] [unique_id "allCbd15dZJOWSNZDvmnNgAAAhQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:20:43
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 154.127.56.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:20:36.496399 2026] [security2:error] [pid 28740:tid 28740] [client 154.127.56.157:54474] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "angeltarrac.com"] [uri "/sftp-config.json"] [unique_id "alkvBNMzQRaxbfnDFhP4_gAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack