๐บ๐ธ
TPI-Abuse
2026-07-18 06:19:07
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 02:19:02.506531 2026] [security2:error] [pid 954302:tid 954302] [client 158.140.210.23:31360] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cmgpartners.com"] [uri "/sftp-config.json"] [unique_id "alsa1qmFar9vIJLkn8UlyQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 05:49:50
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 01:49:42.020583 2026] [security2:error] [pid 22890:tid 22890] [client 158.140.210.23:41138] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cmcnow.com"] [uri "/sftp-config.json"] [unique_id "alsT9mvPxag6amxEmDymLwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
abivia
2026-07-18 04:09:09
(17 hours ago)
Abivia WAF trigger: Rule scriptKiddies: Dot file access. uri: /.vscode/sftp.json
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-18 00:29:47
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 20:29:43.531176 2026] [security2:error] [pid 27776:tid 27776] [client 158.140.210.23:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cloudex.click"] [uri "/sftp-config.json"] [unique_id "alrI98gPcUk-t4RaVqyGcwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
AvonleaConsulting
2026-07-17 22:58:40
(22 hours ago)
Attempts to probe web pages for vulnerable PHP or other applications
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 21:27:54
(1 day ago)
(mod_security) mod_security (id:949110) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:949110) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 17:27:47.246090 2026] [security2:error] [pid 1285193:tid 1285193] [client 158.140.210.23:39652] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "clintess.biz"] [uri "/sftp-config.json"] [unique_id "alqeUxY081Q-HuGWHfpa-QAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
AvonleaConsulting
2026-07-17 10:01:09
(1 day ago)
Scanning unused Default website or suspicious access to valid sites from IP marked as abusive
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 05:06:58
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 01:06:53.183049 2026] [security2:error] [pid 12386:tid 12397] [client 158.140.210.23:24918] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cjherbalremedies.com"] [uri "/sftp-config.json"] [unique_id "alm4bQzQzp3R8ufx1O2drwAAAQg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-17 01:13:50
(1 day ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 158.140.210.23 (-): 1 in the last 36 ...
show more
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 158.140.210.23 (-): 1 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 00:04:28
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 20:04:22.843045 2026] [security2:error] [pid 14446:tid 14446] [client 158.140.210.23:6336] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "circulodesonido.org"] [uri "/sftp-config.json"] [unique_id "allxhsIyJ4q_ZR0S5dH7ggAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 23:32:09
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 19:32:06.221809 2026] [security2:error] [pid 17850:tid 17850] [client 158.140.210.23:65408] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "circlehealthcaregroup.com"] [uri "/sftp-config.json"] [unique_id "allp9gCU93856by3wGgm6QAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 22:23:08
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 18:23:01.217605 2026] [security2:error] [pid 6709:tid 6709] [client 158.140.210.23:25452] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cinesonline.com"] [uri "/sftp-config.json"] [unique_id "allZxYpoG9qbsVU5NcVoPwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 21:34:48
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 17:34:45.176734 2026] [security2:error] [pid 29151:tid 29151] [client 158.140.210.23:23318] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cinderellanapkins.com"] [uri "/sftp-config.json"] [unique_id "allOdSpQOz1yTHf-G-Sm7QAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:26:16
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:26:12.420831 2026] [security2:error] [pid 25845:tid 25845] [client 158.140.210.23:3546] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "churchbehindthewalls.com"] [uri "/sftp-config.json"] [unique_id "alkUNBDZ1bsS7KxvafA56AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 15:33:57
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.210.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:33:52.000849 2026] [security2:error] [pid 31540:tid 31566] [client 158.140.210.23:23952] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chronotar.com"] [uri "/sftp-config.json"] [unique_id "alj54I3IOkhjrsV2IZPQjwAAAtY"]
show less
Brute-Force
Bad Web Bot
Web App Attack