๐บ๐ธ
TPI-Abuse
2026-07-18 05:15:44
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 194.76.121.4 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 194.76.121.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 01:15:37.206951 2026] [security2:error] [pid 13019:tid 13019] [client 194.76.121.4:64378] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cm-salon.com"] [uri "/sftp-config.json"] [unique_id "alsL-fKyyCqjxhWRVfMKZQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-07-18 04:13:36
(15 hours ago)
Wordpress malicious attack:[octablocked]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 20:02:17
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 194.76.121.4 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 194.76.121.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 16:02:12.425243 2026] [security2:error] [pid 1297529:tid 1297529] [client 194.76.121.4:59890] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clinchspurs.com"] [uri "/sftp-config.json"] [unique_id "alqKRCegFPMrBF13GaN9CgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 14:54:13
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 194.76.121.4 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 194.76.121.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 10:54:10.511581 2026] [security2:error] [pid 1625:tid 1625] [client 194.76.121.4:22400] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clearlightcarwash.com"] [uri "/sftp-config.json"] [unique_id "alpCEldQW3YM0J9kmhJhUgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
CoreTech srl
2026-07-17 07:33:57
(1 day ago)
cloudlinux2 fail2ban: 2026-07-17 09:29:30,242 fail2ban.filter [1598]: INFO [plesk-modsecu ...
show more
cloudlinux2 fail2ban: 2026-07-17 09:29:30,242 fail2ban.filter [1598]: INFO [plesk-modsecurity] Found 172.111.80.164 - 2026-07-17 09:29:30cloudlinux2 fail2ban: 2026-07-17 09:29:30,252 fail2ban.filter [1598]: INFO [plesk-modsecurity] Found 172.111.80.164 - 2026-07-17 09:29:30cloudlinux2 fail2ban: 2026-07-17 09:29:58,950 fail2ban.filter [1598]: INFO [plesk-wordpress] Found 216.24.210.71 - 2026-07-17 09:29:58cloudlinux2 fail2ban: 2026-07-17 09:30:03,021 fail2ban.filter [1598]: INFO [plesk-wordpress] Found 216.24.210.71 - 2026-07-17 09:30:02cloudlinux2 fail2ban: 2026-07-17 09:30:30,648 fail2ban.filter [1598]: INFO [plesk-modsecurity] Found 140.248.75.98 - 2026-07-17 09:30:30cloudlinux2 fail2ban: 2026-07-17 09:30:30,637 fail2ban.filter [1598]: INFO [plesk-modsecurity] Found 140.248.75.98 - 2026-07-17 09:30:30cloudlinux2 fail2ban: 2026-07-17 09:30:59,514 fail2ban.filter [1598]: INFO [plesk-modsecurity] Found 140.248.75.57 - 2026-07-17 09:30
show less
Web App Attack
๐ฉ๐ช
CK_beats
2026-07-17 05:45:01
(1 day ago)
Blocked by os-abuseipdb on OPNsense firewall KN-FW01; 4 hits, proto=tcp, ports=80
Port Scan
Hacking
๐จ๐ฟ
ddw
2026-07-17 05:19:31
(1 day ago)
Access Violation Attempts - Multiple 403 Forbidden responses.
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 01:42:07
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 194.76.121.4 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 194.76.121.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 21:42:00.720713 2026] [security2:error] [pid 143813:tid 143813] [client 194.76.121.4:20094] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "citizensforsanity.com"] [uri "/sftp-config.json"] [unique_id "almIaIQdObwjgLdFU-WMKwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 01:09:07
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 194.76.121.4 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 194.76.121.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 21:09:03.121151 2026] [security2:error] [pid 54300:tid 54300] [client 194.76.121.4:9114] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "citati.net"] [uri "/sftp-config.json"] [unique_id "almAr9iK2vjZpKPDpxckuwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:44:29
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 194.76.121.4 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 194.76.121.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:44:21.423962 2026] [security2:error] [pid 19085:tid 19085] [client 194.76.121.4:51362] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cidv.net"] [uri "/sftp-config.json"] [unique_id "alk0lcVTtR-zdqa1RjLkgAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack