π«π·
ELYAZ
2026-07-01 17:45:50
(1 day ago)
(y4) Failed scan -byebye- from 178.212.207.11 (DE/Germany/-): (CF_ENABLE)
Hacking
πΊπΈ
TPI-Abuse
2026-06-30 02:35:27
(2 days ago)
(mod_security) mod_security (id:210580) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 22:35:21.972037 2026] [security2:error] [pid 10024:tid 10024] [client 178.212.207.11:20756] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||littlestarbookspub.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: http:/legalcali.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "littlestarbookspub.com"] [uri "/"] [unique_id "akMraahDkRL0NfOu-TIDHQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 23:41:26
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 19:41:22.960707 2026] [security2:error] [pid 10796:tid 10796] [client 178.212.207.11:26772] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "littlebiglebanon.com"] [uri "/sftp-config.json"] [unique_id "akMCooF1RBZUC8BRW_6JtQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 21:54:43
(2 days ago)
(mod_security) mod_security (id:210580) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 17:54:35.746998 2026] [security2:error] [pid 26503:tid 26503] [client 178.212.207.11:58494] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||literarylights.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: http:/legalcali.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "literarylights.com"] [uri "/.vscode/sftp.json"] [unique_id "akLpm8YWpEr3tYoYu8ASpgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-06-29 05:11:55
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 02:35:04
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 22:34:57.869973 2026] [security2:error] [pid 16985:tid 16985] [client 178.212.207.11:30596] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "limobusstlouis.com"] [uri "/sftp-config.json"] [unique_id "akHZ0Vs8Y0zznqAHQnBJgwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
4server
2026-06-28 12:22:07
(4 days ago)
[SunJun2814:22:04.3402062026][security2:error][pid1637705:tid1637844][client178.212.207.11:0]ModSecu ...
show more
[SunJun2814:22:04.3402062026][security2:error][pid1637705:tid1637844][client178.212.207.11:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"life-live.ch\"][uri\"/.vscode/sftp.json\"][unique_id\"akER7HIw-xDDnfJkoiqZMgAAARM\"]
show less
Port Scan
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 04:36:59
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 00:36:53.887752 2026] [security2:error] [pid 6405:tid 6405] [client 178.212.207.11:28880] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lhhs69.org"] [uri "/sftp-config.json"] [unique_id "akCk5cElQmVqnGqxQDtKzwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 09:48:18
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 05:48:12.229776 2026] [security2:error] [pid 1399:tid 1399] [client 178.212.207.11:26388] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lenorasflowers.com"] [uri "/sftp-config.json"] [unique_id "aj-cXJpzxb7iCzQdWiCOyQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 02:47:07
(5 days ago)
(mod_security) mod_security (id:210580) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:46:59.057410 2026] [security2:error] [pid 3830:tid 3830] [client 178.212.207.11:65110] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||legalnexuslawfirm.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: http:/legalcali.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "legalnexuslawfirm.com"] [uri "/.vscode/sftp.json"] [unique_id "aj85o3wbEgxdZFKVWf9YOAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-26 19:33:41
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 15:33:37.457467 2026] [security2:error] [pid 18921:tid 18921] [client 178.212.207.11:51388] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "learnserve.net"] [uri "/sftp-config.json"] [unique_id "aj7UEd3Il9XJJ4u0R-exrwAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-26 14:08:44
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 10:08:39.142592 2026] [security2:error] [pid 3283:tid 3283] [client 178.212.207.11:35956] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leadek.com"] [uri "/sftp-config.json"] [unique_id "aj6H5zlAhKMRebhvRkrtywAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-26 13:45:54
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 09:45:49.941402 2026] [security2:error] [pid 18311:tid 18375] [client 178.212.207.11:9368] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lead-sleds.com"] [uri "/sftp-config.json"] [unique_id "aj6CjWiCYT_krMmOXofVXQAAAIE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-25 20:35:14
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 16:35:09.709517 2026] [security2:error] [pid 22702:tid 22828] [client 178.212.207.11:14072] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lasertagandgames.com"] [uri "/sftp-config.json"] [unique_id "aj2Q_UaWfBi0rKQO3mBupwAAAI8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-25 14:15:06
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 10:15:00.422851 2026] [security2:error] [pid 2739:tid 2739] [client 178.212.207.11:17174] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "worldpeaceholidaycards.com"] [uri "/sftp-config.json"] [unique_id "aj035EaA2en__2QgjCwKCQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack