๐บ๐ธ
TPI-Abuse
2026-07-14 10:07:51
(54 minutes ago)
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 06:07:45.011019 2026] [security2:error] [pid 27038:tid 27038] [client 157.85.211.112:25351] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ezsmiledental.com"] [uri "/sftp-config.json"] [unique_id "alYKcfWFHE1mG6WBMF2cvwAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
alferez
2026-07-14 09:26:23
(1 hour ago)
Searching .(env|sql|zip|tar|rar) files
Hacking
Exploited Host
Web App Attack
Anonymous
2026-07-14 08:28:26
(2 hours ago)
Web application exploitation attempts blocked at the web server edge
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 07:43:44
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 03:43:41.769883 2026] [security2:error] [pid 11479:tid 11479] [client 157.85.211.112:24626] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "2pollards.com"] [uri "/sftp-config.json"] [unique_id "alXorZjBaO286KUNKFjVjAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 07:19:31
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 03:19:27.004834 2026] [security2:error] [pid 14010:tid 14055] [client 157.85.211.112:26254] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dpscsde.com"] [uri "/sftp-config.json"] [unique_id "alXi_3U7gNqIe9SJzc2WBgAAAk8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 06:58:06
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 02:57:58.433316 2026] [security2:error] [pid 22134:tid 22134] [client 157.85.211.112:20284] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "namefinder.com"] [uri "/sftp-config.json"] [unique_id "alXd9vpcYWbP1v5lxRO5BgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 05:53:37
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 01:53:34.074987 2026] [security2:error] [pid 30304:tid 30304] [client 157.85.211.112:30218] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elsmithpest.com"] [uri "/sftp-config.json"] [unique_id "alXO3piZB1ZvRxSdDxTy6gAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 05:28:25
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 01:28:19.463310 2026] [security2:error] [pid 7346:tid 7346] [client 157.85.211.112:37406] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aromatherapyricebags.com"] [uri "/sftp-config.json"] [unique_id "alXI824qdCBmbh8SpjSGnAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 04:50:29
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 00:50:22.965109 2026] [security2:error] [pid 12956:tid 12956] [client 157.85.211.112:24149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "noisepie.com"] [uri "/fauxpashq/index.htm/sftp-config.json"] [unique_id "alXADoTonWa5PRooh4k83wAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-07-14 04:40:41
(6 hours ago)
dot file probe
Web App Attack
๐ง๐ช
cmbplf
2026-07-14 04:27:20
(6 hours ago)
113 requests with url.path *config.json
107 requests with url.path *sftp.json
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-14 04:03:28
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 00:03:21.919540 2026] [security2:error] [pid 26127:tid 26127] [client 157.85.211.112:20258] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ablogisticsgroup.com"] [uri "/sftp-config.json"] [unique_id "alW1CcCmiRPF6uHXN-AtkQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 02:45:26
(8 hours ago)
(mod_security) mod_security (id:949110) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:949110) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 22:45:22.047247 2026] [security2:error] [pid 4526:tid 4526] [client 157.85.211.112:23941] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "advancedrentalandservice.com"] [uri "/sftp-config.json"] [unique_id "alWiwiXkPfK4yzXqFep2sgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 01:46:51
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 21:46:45.704770 2026] [security2:error] [pid 21220:tid 21220] [client 157.85.211.112:25808] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftwwx.com"] [uri "/sftp-config.json"] [unique_id "alWVBdmTTthF7aYcUrYgZgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 01:13:04
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 157.85.211.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 21:12:56.119940 2026] [security2:error] [pid 16900:tid 16900] [client 157.85.211.112:7402] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arthuregau.com"] [uri "/sftp-config.json"] [unique_id "alWNGDa0ixqwDNJC3hEiGwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack