πΊπΈ
TPI-Abuse
2026-06-17 00:52:32
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 20:52:26.915782 2026] [security2:error] [pid 3463:tid 3463] [client 178.218.130.161:62224] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tijuana-bibles.com"] [uri "/sftp-config.json"] [unique_id "ajHvyjWXJXO3QFpX4J34DgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
4server
2026-06-16 21:27:53
(6 hours ago)
[TueJun1623:27:48.5427162026][security2:error][pid1888583:tid1888768][client178.218.130.161:0]ModSec ...
show more
[TueJun1623:27:48.5427162026][security2:error][pid1888583:tid1888768][client178.218.130.161:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"ticino-hosting.ch\"][uri\"/sftp-config.json\"][unique_id\"ajG_1JuVnafKAQwHwHrEPQAAAMQ\"]
show less
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-16 17:57:33
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 13:57:26.149450 2026] [security2:error] [pid 18992:tid 18992] [client 178.218.130.161:22190] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "threewillowsfarm.com"] [uri "/sftp-config.json"] [unique_id "ajGOhkE1y79901Q2C5k59AAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-16 16:07:44
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 12:07:37.621570 2026] [security2:error] [pid 8581:tid 8587] [client 178.218.130.161:14718] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thompsonhypnotherapy.com"] [uri "/sftp-config.json"] [unique_id "ajF0yS-FG-GeI5M5k5LmKQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-16 15:29:35
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 11:29:29.391531 2026] [security2:error] [pid 21265:tid 21265] [client 178.218.130.161:33840] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thomaschemical.com"] [uri "/sftp-config.json"] [unique_id "ajFr2bNyxQqApL3DAIHfrgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-16 13:39:21
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 09:39:16.096060 2026] [security2:error] [pid 2210:tid 2210] [client 178.218.130.161:36108] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thinkwealthactwealth.com"] [uri "/sftp-config.json"] [unique_id "ajFSBLPtbNW3pB3kvJBkcgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-14 12:14:32
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 08:14:26.378966 2026] [security2:error] [pid 13285:tid 13285] [client 178.218.130.161:47074] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "criticalmassofficial.com"] [uri "/sftp-config.json"] [unique_id "ai6bIvmmCACyt8YoKp-iQwAAACY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-14 05:25:17
(2 days ago)
(mod_security) mod_security (id:210580) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210580) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 01:25:10.607544 2026] [security2:error] [pid 13131:tid 13131] [client 178.218.130.161:57218] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||crescentcitycafe.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: http:/conceptionsflorida.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "crescentcitycafe.com"] [uri "/.vscode/sftp.json"] [unique_id "ai47Nm5fzRW_YNhoOCpBOgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¬π§
openstrike.co.uk
2026-06-14 05:13:42
(2 days ago)
2 attacks on password grabbing URLs:
GET /.vscode/sftp.json HTTP/1.1
Hacking
πΊπΈ
TPI-Abuse
2026-06-14 03:42:45
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 23:42:38.481559 2026] [security2:error] [pid 19849:tid 19849] [client 178.218.130.161:29854] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "creeation.com"] [uri "/sftp-config.json"] [unique_id "ai4jLtKUNiP1TS7QYEEbuAAAAGw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-14 02:16:41
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 22:16:38.748712 2026] [security2:error] [pid 22794:tid 22799] [client 178.218.130.161:38076] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "credit-card-cap.com"] [uri "/sftp-config.json"] [unique_id "ai4PBsuP9L-basNtJRPXgQAAAIE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-13 19:52:21
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 15:52:15.974381 2026] [security2:error] [pid 6368:tid 6368] [client 178.218.130.161:34068] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "creartest.com"] [uri "/sftp-config.json"] [unique_id "ai207wv7LyZMqpzVFXLccQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
4server
2026-06-13 16:01:26
(3 days ago)
[SatJun1318:01:21.1034912026][security2:error][pid1347361:tid1347450][client178.218.130.161:0]ModSec ...
show more
[SatJun1318:01:21.1034912026][security2:error][pid1347361:tid1347450][client178.218.130.161:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"craniosacraltherapy.ch\"][uri\"/sftp-config.json\"][unique_id\"ai1-0UuhsIh55Qciy-tfQAAAAMA\"]
show less
Port Scan
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-12 16:36:10
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 12:36:02.124410 2026] [security2:error] [pid 29964:tid 29964] [client 178.218.130.161:9048] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "corstratinc.com"] [uri "/sftp-config.json"] [unique_id "aiw1cu-nUj0x2zcL5ttWswAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-12 07:22:12
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 178.218.130.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 03:22:06.318907 2026] [security2:error] [pid 7089:tid 7089] [client 178.218.130.161:19958] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "copiersgreensboro.com"] [uri "/sftp-config.json"] [unique_id "aiuznhz1v3jOUayfV9CoewAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack