๐บ๐ธ
TPI-Abuse
2026-07-07 15:42:15
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 11:42:07.188880 2026] [security2:error] [pid 32371:tid 32371] [client 194.76.120.128:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pixacast.com"] [uri "/sftp-config.json"] [unique_id "ak0eTybclI-LQQuJbWPhFAAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-07-07 05:15:06
(15 hours ago)
2 attacks on password grabbing URLs:
GET /.vscode/sftp.json HTTP/1.1
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-06 16:43:48
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 12:43:42.440716 2026] [security2:error] [pid 18080:tid 18080] [client 194.76.120.128:64956] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cdalakefrontcabin.com"] [uri "/sftp-config.json"] [unique_id "akvbPkrFih0cYrqOpehAiwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 14:42:22
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 10:42:19.123687 2026] [security2:error] [pid 29722:tid 29722] [client 194.76.120.128:29838] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cchockeyhistory.org"] [uri "/sftp-config.json"] [unique_id "aku-yzAE4PBufXJRUxBMsgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-07-06 12:42:16
(1 day ago)
[MonJul0614:42:13.4056302026][security2:error][pid5810:tid5899][client194.76.120.128:0]ModSecurity:A ...
show more
[MonJul0614:42:13.4056302026][security2:error][pid5810:tid5899][client194.76.120.128:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"cbri.ch\"][uri\"/.vscode/sftp.json\"][unique_id\"akuipVe1VccAE_xUh5do_gAAAI8\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 08:17:14
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 04:17:05.830454 2026] [security2:error] [pid 11960:tid 11960] [client 194.76.120.128:23456] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cathrynn.com"] [uri "/sftp-config.json"] [unique_id "aktkgackpEP8jmnWMnnQ_QAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 07:53:08
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 03:53:01.487597 2026] [security2:error] [pid 9282:tid 9282] [client 194.76.120.128:11216] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "catherineclayton.com"] [uri "/sftp-config.json"] [unique_id "akte3fn811hZt0CAiRdylgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 06:36:41
(1 day ago)
(mod_security) mod_security (id:210580) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 02:36:37.212868 2026] [security2:error] [pid 25681:tid 25702] [client 194.76.120.128:15114] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_url. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||catapultpt.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_url: https:/cartimedover.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "catapultpt.com"] [uri "/.vscode/sftp.json"] [unique_id "aktM9dM734cqpjQfhCgTxgAAARM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-05 21:59:12
(1 day ago)
Auto-ban: >3000 req/min op 2026-07-05
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-05 16:48:10
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 12:48:05.603485 2026] [security2:error] [pid 13285:tid 13285] [client 194.76.120.128:41464] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carpentersbattery.org"] [uri "/sftp-config.json"] [unique_id "akqKxX72yf0mA_f9UtcDvQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 16:20:57
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 12:20:53.027703 2026] [security2:error] [pid 19483:tid 19483] [client 194.76.120.128:65158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carolynedds.com"] [uri "/sftp-config.json"] [unique_id "akqEZdCKTAZ0-LnzCOdc3gAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
4server
2026-07-05 15:29:26
(2 days ago)
[SunJul0517:29:19.8214402026][security2:error][pid3455228:tid3455453][client194.76.120.128:0]ModSecu ...
show more
[SunJul0517:29:19.8214402026][security2:error][pid3455228:tid3455453][client194.76.120.128:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"carolin-mizio.ch\"][uri\"/sftp-config.json\"][unique_id\"akp4T2DoyafsKLMmHMMavwAAAUc\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 14:40:30
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 10:40:25.082989 2026] [security2:error] [pid 29730:tid 29730] [client 194.76.120.128:45172] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carmichaellaw.org"] [uri "/sftp-config.json"] [unique_id "akps2YAwGUL8zp9RLlpCqwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 14:07:10
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 10:07:02.707776 2026] [security2:error] [pid 21545:tid 21545] [client 194.76.120.128:20174] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carltonelyse.com"] [uri "/sftp-config.json"] [unique_id "akplBmgB9S2F6uoEHjP6qQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 03:42:49
(2 days ago)
(mod_security) mod_security (id:210580) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 194.76.120.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 23:42:44.121166 2026] [security2:error] [pid 8247:tid 8247] [client 194.76.120.128:30184] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_url. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||cles-fonctionnel.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_url: https:/corvusjanitorial.com/locations/jacksonville/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "cles-fonctionnel.com"] [uri "/.vscode/sftp.json"] [unique_id "aknStKlCECrX5eSK-yaVJwAAACs"]
show less
Brute-Force
Bad Web Bot
Web App Attack