π«π·
masterguru
2026-07-07 08:56:31
(11 minutes ago)
Restricted File Access Attempt. Matched phrase "config.json" at REQUEST_FILENAME. (930130-196)
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 08:24:30
(43 minutes ago)
(mod_security) mod_security (id:210492) triggered by 2002:a763:4e10::a763:4e10 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2002:a763:4e10::a763:4e10 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 04:24:23.424081 2026] [security2:error] [pid 14092:tid 14092] [client 2002:a763:4e10::a763:4e10:62347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.birdlovesfish.com"] [uri "/sftp-config.json"] [unique_id "aky3t8cVPYAls5-zsRqXNQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 08:09:06
(59 minutes ago)
(mod_security) mod_security (id:210492) triggered by 167.99.78.16 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 167.99.78.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 04:08:56.149583 2026] [security2:error] [pid 22091:tid 22091] [client 167.99.78.16:52117] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.accordionfactory.com"] [uri "/Concerto//sftp-config.json"] [unique_id "aky0GAD9dX6Yz3nue7felgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π§πͺ
cmbplf
2026-07-07 07:49:26
(1 hour ago)
163 requests with url.path *config.json
Brute-Force
Bad Web Bot
πͺπΈ
alferez
2026-07-07 07:46:21
(1 hour ago)
Searching .(env|sql|zip|tar|rar) files
Hacking
Exploited Host
Web App Attack
π«π·
masterguru
2026-07-07 07:29:38
(1 hour ago)
Restricted File Access Attempt. Matched phrase "config.json" at REQUEST_FILENAME. (930130-193)
Hacking
Web App Attack
πΊπΈ
mnsf
2026-07-07 07:05:27
(2 hours ago)
Too many Status 40X (18)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 07:02:49
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 167.99.78.16 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 167.99.78.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 03:02:43.137576 2026] [security2:error] [pid 20820:tid 20835] [client 167.99.78.16:63320] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dulemba.com"] [uri "/index_ColoringPages.html/sftp-config.json"] [unique_id "akykk9ii3vR1vIhF-sAV4gAAAI0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 05:31:07
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 167.99.78.16 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 167.99.78.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 01:31:03.886760 2026] [security2:error] [pid 3437:tid 3440] [client 167.99.78.16:63587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "condomanagement360.com"] [uri "/sftp-config.json"] [unique_id "akyPF0ZsDfSPpcexmGXS2QAAAME"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 04:58:04
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 167.99.78.16 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 167.99.78.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 00:58:00.548455 2026] [security2:error] [pid 28498:tid 28498] [client 167.99.78.16:53571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "concentricsteel.com"] [uri "/sftp-config.json"] [unique_id "akyHWJn_lHPGBoN_L7YUGwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-07-07 04:47:39
(4 hours ago)
Restricted File Access Attempt. Matched phrase "config.json" at REQUEST_FILENAME. (930130-201)
Hacking
Web App Attack
π¬π§
consul.to
2026-07-07 04:09:27
(4 hours ago)
Web attack/malicious scanning detected
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 04:02:25
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 167.99.78.16 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 167.99.78.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 00:02:18.561157 2026] [security2:error] [pid 7820:tid 7820] [client 167.99.78.16:58077] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coconut-homes.com"] [uri "/sftp-config.json"] [unique_id "akx6Sgcqkv63t5JKQq3QIAAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-07-07 03:58:54
(5 hours ago)
Restricted File Access Attempt. Matched phrase "config.json" at REQUEST_FILENAME. (930130-197)
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 02:24:16
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 167.99.78.16 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 167.99.78.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 22:24:13.160726 2026] [security2:error] [pid 10937:tid 10937] [client 167.99.78.16:54071] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cleanbuildingservices.com"] [uri "/sftp-config.json"] [unique_id "akxjTZNpC0s6z-M_YnPpuAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack