๐บ๐ธ
TPI-Abuse
2026-07-18 13:34:27
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 09:34:22.097520 2026] [security2:error] [pid 23481:tid 23481] [client 158.140.211.21:34464] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coalminer.com"] [uri "/sftp-config.json"] [unique_id "aluA3gb4K616M1cXVP0vRAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
thilo
2026-07-17 22:33:38
(1 day ago)
Probe for vulnerabilities. Path attempted: /.vscode/sftp
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 16:44:37
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 12:44:30.998628 2026] [security2:error] [pid 28164:tid 28164] [client 158.140.211.21:35914] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clevercad.com"] [uri "/sftp-config.json"] [unique_id "alpb7tjf4DkDZ_e4sCdQyAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 16:25:19
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 12:25:14.665869 2026] [security2:error] [pid 18426:tid 18426] [client 158.140.211.21:48098] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cles-fonctionnel.com"] [uri "/sftp-config.json"] [unique_id "alpXag1oAFJx7pUcFR_AjQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 13:25:24
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 09:25:18.583535 2026] [security2:error] [pid 27146:tid 27146] [client 158.140.211.21:44838] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cleaningmedical.com"] [uri "/sftp-config.json"] [unique_id "alotPsnsbkkLhAHnYsiN9wAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 05:06:59
(1 day ago)
(mod_security) mod_security (id:210580) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 01:06:54.157150 2026] [security2:error] [pid 15995:tid 16012] [client 158.140.211.21:3764] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||cjherbalremedies.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: https:/sprutcam.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "cjherbalremedies.com"] [uri "/.vscode/sftp.json"] [unique_id "alm4btNdnDbk-HYpNq21RAAAAM0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 03:38:49
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:38:42.633368 2026] [security2:error] [pid 195747:tid 195747] [client 158.140.211.21:42142] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cityslickerstomp.info"] [uri "/sftp-config.json"] [unique_id "almjwlXz4q_NR5DnCP9uGgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 02:57:05
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 22:57:01.660088 2026] [security2:error] [pid 16177:tid 16177] [client 158.140.211.21:53446] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cityindustries.com"] [uri "/sftp-config.json"] [unique_id "almZ_av3I22dIpneDGye3AAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-17 02:36:13
(1 day ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 23:41:38
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 19:41:33.403181 2026] [security2:error] [pid 24357:tid 24357] [client 158.140.211.21:7946] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "circlethreefl.com"] [uri "/sftp-config.json"] [unique_id "allsLfYxfi1fkYMXuSHhsgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:44:29
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.211.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:44:20.656951 2026] [security2:error] [pid 19331:tid 19331] [client 158.140.211.21:41986] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cidv.com"] [uri "/sftp-config.json"] [unique_id "alk0lMaYnTVU_5iPz32g5wAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack