๐บ๐ธ
TPI-Abuse
2026-07-18 11:05:12
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 07:05:08.638056 2026] [security2:error] [pid 31371:tid 31371] [client 178.212.207.26:42616] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cnwire.com"] [uri "/sftp-config.json"] [unique_id "altd5DPwTJRcl97qGv49gQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 07:39:04
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 03:38:58.169010 2026] [security2:error] [pid 10886:tid 10914] [client 178.212.207.26:50030] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cmykdesign.com"] [uri "/sftp-config.json"] [unique_id "alstkqF-CYkCMXtyqEaV6AAAAJg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-18 03:24:50
(1 day ago)
Try to access /.vscode/sftp.json
Web App Attack
๐ฉ๐ช
HERA - Operations
2026-07-18 02:50:03
(1 day ago)
club-herrmann - searching for vulnerable scripts: sftp-config.json 2026/07/18 04:50:03
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 21:37:37
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 17:37:30.342880 2026] [security2:error] [pid 504380:tid 504380] [client 178.212.207.26:48142] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clip24.net"] [uri "/sftp-config.json"] [unique_id "alqgmmRuj0tbBEmxSLPefQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 21:15:58
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 17:15:54.196569 2026] [security2:error] [pid 7046:tid 7046] [client 178.212.207.26:39324] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cliniquecavalancia.com"] [uri "/sftp-config.json"] [unique_id "alqbikpSTUxv0cznL9IQnAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 12:23:19
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 08:23:14.223797 2026] [security2:error] [pid 813970:tid 813970] [client 178.212.207.26:9808] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clcmillvale.com"] [uri "/sftp-config.json"] [unique_id "aloeslkM7Irm4rGTNUHACwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 09:30:59
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 05:30:55.424745 2026] [security2:error] [pid 793914:tid 793935] [client 178.212.207.26:36320] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "classactionlawsuit.org"] [uri "/sftp-config.json"] [unique_id "aln2T5HyzoPc446I6_YJngAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 07:28:34
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 03:28:27.983811 2026] [security2:error] [pid 25583:tid 25583] [client 178.212.207.26:59658] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clambakebeachhouse.com"] [uri "/sftp-config.json"] [unique_id "alnZmzmfaGgEWKDy-iBSswAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 04:29:15
(2 days ago)
(mod_security) mod_security (id:210580) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 00:29:12.129483 2026] [security2:error] [pid 11619:tid 11619] [client 178.212.207.26:46566] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||civilwarzone.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: https:/sprutcam.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "civilwarzone.com"] [uri "/.vscode/sftp.json"] [unique_id "almvmMk1vQqlKcrXruDFzwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 03:42:26
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:42:19.603500 2026] [security2:error] [pid 11858:tid 11858] [client 178.212.207.26:47442] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "citystreetsalon.com"] [uri "/sftp-config.json"] [unique_id "almkm0iBI5vCMsTYguL7ugAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 22:49:49
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 18:49:41.660729 2026] [security2:error] [pid 28532:tid 28532] [client 178.212.207.26:34804] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cinziallc.com"] [uri "/sftp-config.json"] [unique_id "allgBfN0BWCYL9wl5xj4lgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:52:39
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:52:31.704566 2026] [security2:error] [pid 30608:tid 30608] [client 178.212.207.26:18960] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cielocr.com"] [uri "/sftp-config.json"] [unique_id "alk2f-r7Qj7xLYGUm0_ZLAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:36:37
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:36:30.137853 2026] [security2:error] [pid 21076:tid 21076] [client 178.212.207.26:6810] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "churchlets.net"] [uri "/sftp-config.json"] [unique_id "alkWnpxD8kQ0VmtUZFOEgwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 16:37:44
(2 days ago)
(mod_security) mod_security (id:949110) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:949110) triggered by 178.212.207.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:37:39.167090 2026] [security2:error] [pid 29258:tid 29258] [client 178.212.207.26:41964] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "chuckwagon.org"] [uri "/sftp-config.json"] [unique_id "alkI0-bcUqEGSEVBkpH0twAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack