๐บ๐ธ
TPI-Abuse
2026-07-13 12:42:47
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 08:42:44.418657 2026] [security2:error] [pid 13153:tid 13153] [client 178.128.126.146:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "totalsafe-security.com"] [uri "/sftp-config.json"] [unique_id "alTdRCysEcfzrotB5G3oFwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-07-13 05:13:45
(22 hours ago)
2 attacks on password grabbing URLs:
GET /.vscode/sftp.json HTTP/1.1
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-13 03:40:20
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 23:40:13.023011 2026] [security2:error] [pid 9190:tid 9190] [client 178.128.126.146:53936] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trinitydent.com"] [uri "/sftp-config.json"] [unique_id "alReHaFwEm-YbUGp4lxLewAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 02:33:04
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 22:33:01.017789 2026] [security2:error] [pid 24757:tid 24757] [client 178.128.126.146:57987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trigonom.com"] [uri "/sftp-config.json"] [unique_id "alROXfN3Tukda-y1dJqW2AAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-07-13 02:06:01
(1 day ago)
Fail2Ban - [WAF]ModSecurity OWASP CRS rule violation on nginx-modsecurity ... [ice01]
Hacking
SQL Injection
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 01:58:31
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 21:58:25.240111 2026] [security2:error] [pid 2611898:tid 2611898] [client 178.128.126.146:59681] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tribe360.io"] [uri "/sftp-config.json"] [unique_id "alRGQYaBOf9QGqytctQWaAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 01:43:30
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 21:43:22.818210 2026] [security2:error] [pid 4475:tid 4475] [client 178.128.126.146:63189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tributetoelvis.com"] [uri "/sftp-config.json"] [unique_id "alRCuoXqhrGU0HdrJQAgCgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
nzhost.co.nz
2026-07-13 01:28:25
(1 day ago)
$f2bV_matches
Hacking
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-13 01:10:28
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 21:10:24.905930 2026] [security2:error] [pid 17008:tid 17008] [client 178.128.126.146:65377] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tribecalledfamilypodcast.org"] [uri "/sftp-config.json"] [unique_id "alQ7AGtR42eBfeVBb-wWswAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-07-13 01:07:02
(1 day ago)
Fail2Ban - [WAF]ModSecurity OWASP CRS rule violation on nginx-modsecurity ... [wa01,wa02]
Hacking
SQL Injection
Web App Attack
๐ฆ๐บ
2000cn.com.au
2026-07-13 00:51:53
(1 day ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-13 00:36:01
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 20:35:57.789706 2026] [security2:error] [pid 27059:tid 27082] [client 178.128.126.146:53048] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "toniskitchenlakegregory.com"] [uri "/sftp-config.json"] [unique_id "alQy7YrSDu1mHtyOjNKdrQAAAVM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-07-13 00:05:14
(1 day ago)
Too many Status 40X (14)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 23:37:52
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.126.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 19:37:48.721608 2026] [security2:error] [pid 32181:tid 32181] [client 178.128.126.146:64815] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "treeofloveproductions.com"] [uri "/sftp-config.json"] [unique_id "alQlTBA6J43wsBIZBDs0ggAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-12 23:36:42
(1 day ago)
1.212 requests with url.path *config.json
1.120 requests with url.path *sftp.json
Brute-Force
Bad Web Bot