๐ฎ๐ฉ
origrata
2026-07-01 14:19:34
(10 hours ago)
[OGWAF] path_traversal attack blocked | severity: high | GET /.vscode/sftp.json | UA: Mozilla/5.0 (W ...
show more
[OGWAF] path_traversal attack blocked | severity: high | GET /.vscode/sftp.json | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Sa
show less
Hacking
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-07-01 13:59:47
(11 hours ago)
dot file probe
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-01 13:52:15
(11 hours ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 178.128.25.70 (SG/Singapore/-): 1 in ...
show more
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 178.128.25.70 (SG/Singapore/-): 1 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 23:23:24
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 19:23:19.889894 2026] [security2:error] [pid 20759:tid 20773] [client 178.128.25.70:59328] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "faimreps.com"] [uri "/sftp-config.json"] [unique_id "akRP59ZZefIYBAjREItixQAAAYI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 19:05:24
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 15:05:17.451264 2026] [security2:error] [pid 4793:tid 4793] [client 178.128.25.70:57118] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "egrabbagsale.com"] [uri "/sftp-config.json"] [unique_id "akQTbXa_W5Sp8hDcbXrfcQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-06-30 17:08:02
(1 day ago)
Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,ice02]
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-06-30 16:07:02
(1 day ago)
Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01,wa02]
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 15:28:09
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 11:28:02.142585 2026] [security2:error] [pid 13564:tid 13620] [client 178.128.25.70:51604] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "markhoran.pictures"] [uri "/sftp-config.json"] [unique_id "akPggulg8Zx52j5y6fx-AQAAARg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 09:49:52
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 05:49:48.138065 2026] [security2:error] [pid 12207:tid 12207] [client 178.128.25.70:58838] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "damonmarks.com"] [uri "/sftp-config.json"] [unique_id "akORPAfqRhPm9W8CdpJI1wAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 08:32:17
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 04:32:13.152859 2026] [security2:error] [pid 5170:tid 5170] [client 178.128.25.70:58363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madandproud.com"] [uri "/sftp-config.json"] [unique_id "akN_DQ4HLNl5XxuJE7SukgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 08:00:39
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 04:00:33.046483 2026] [security2:error] [pid 26930:tid 26930] [client 178.128.25.70:59707] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drunkenmonkeystyle.com"] [uri "/sftp-config.json"] [unique_id "akN3ocMyDtvA6qq8PK-9FgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 07:26:03
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:25:57.094670 2026] [security2:error] [pid 29684:tid 29684] [client 178.128.25.70:53924] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "safeharbourfund.com"] [uri "/sftp-config.json"] [unique_id "akNvhc1aSumBzQSLys9zmQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 05:30:43
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 01:30:37.398564 2026] [security2:error] [pid 21272:tid 21272] [client 178.128.25.70:63776] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "godscreationobservatory.com"] [uri "/sftp-config.json"] [unique_id "akNUfYiZhDlqPJPVuO2cpwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 04:04:49
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.25.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 00:04:44.130443 2026] [security2:error] [pid 14651:tid 14651] [client 178.128.25.70:63916] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ellesorority.com"] [uri "/sftp-config.json"] [unique_id "akNAXPE_iO2s7olLkBiC2AAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Rayulcifer
2025-10-08 17:03:14
(8 months ago)
178.128.25.70 - - [08/Oct/2025:11:57:24 -0500] "CONNECT fesur.sabu.edu.ly:443:443 HTTP/1.1" 400 492 ...
show more
178.128.25.70 - - [08/Oct/2025:11:57:24 -0500] "CONNECT fesur.sabu.edu.ly:443:443 HTTP/1.1" 400 492 "-" "-"
178.128.25.70 - - [08/Oct/2025:12:03:13 -0500] "CONNECT fesur.sabu.edu.ly:443:443 HTTP/1.1" 400 492 "-" "-"
...
show less
Open Proxy
Port Scan
Hacking
Web App Attack
SSH