πΊπΈ
TPI-Abuse
2026-07-01 13:46:00
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.co ...
show more
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 09:45:55.014240 2026] [security2:error] [pid 9129:tid 9142] [client 23.95.80.195:46526] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.helppeopleshare.net"] [uri "/y/yesnet.html/sftp-config.json"] [unique_id "akUaEzo-V3vyuFmltumCMwAAAEs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 13:25:37
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.co ...
show more
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 09:25:31.848702 2026] [security2:error] [pid 24172:tid 24172] [client 23.95.80.195:6764] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.laboquimia.es"] [uri "/sftp-config.json"] [unique_id "akUVS4ZDNWm6KE3B9MASNgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 13:09:43
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.co ...
show more
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 09:09:36.031795 2026] [security2:error] [pid 26353:tid 26353] [client 23.95.80.195:15788] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "accordionfactory.com"] [uri "/sftp-config.json"] [unique_id "akURkHgYXnR8ckGWZ7ttvQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-06-30 07:05:28
(6 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
π¬π§
Yosi
2026-06-30 01:43:36
(1 week ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-29 23:32:02
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.co ...
show more
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 19:31:57.693944 2026] [security2:error] [pid 13460:tid 13460] [client 23.95.80.195:52640] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darkalleyproductions.com"] [uri "/sftp-config.json"] [unique_id "akMAbXG_n6DBKMq4ZlDIcwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
4server
2026-06-29 10:47:39
(1 week ago)
[MonJun2912:47:36.5397512026][security2:error][pid2864564:tid2864648][client23.95.80.195:0]ModSecuri ...
show more
[MonJun2912:47:36.5397512026][security2:error][pid2864564:tid2864648][client23.95.80.195:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"danielasilvia.ch\"][uri\"/sftp-config.json\"][unique_id\"akJNSECjduRxpKFW2D6PfwAAAJI\"]
show less
Port Scan
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 08:03:44
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.co ...
show more
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 04:03:40.037681 2026] [security2:error] [pid 26912:tid 26912] [client 23.95.80.195:54228] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dancingmountainsbrewing.com"] [uri "/sftp-config.json"] [unique_id "akIm3A5tOGFGyJmXx7DeqgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¦πΊ
paulshipley.com.au
2026-06-29 06:42:37
(1 week ago)
[Mon Jun 29 16:42:37.086111 2026] [security2:error] [pid 82831] [client 23.95.80.195:7644] [client 2 ...
show more
[Mon Jun 29 16:42:37.086111 2026] [security2:error] [pid 82831] [client 23.95.80.195:7644] [client 23.95.80.195] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "dance4fitness.com.au"] [uri "/sftp-config.json"] [unique_id "akIT3SqazNMvwl5dqRPHAQAAABE"]
...
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 04:13:26
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.co ...
show more
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 00:13:19.549394 2026] [security2:error] [pid 6045:tid 6045] [client 23.95.80.195:44622] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "damgoodit.com"] [uri "/sftp-config.json"] [unique_id "akHw3zsfK7xJ8hFs_55mzAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 02:11:20
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.co ...
show more
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 22:11:18.209882 2026] [security2:error] [pid 16962:tid 16962] [client 23.95.80.195:54206] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dalore.com"] [uri "/sftp-config.json"] [unique_id "akHURpWeaqZL_zYzwJxNFwAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 00:32:19
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.co ...
show more
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 20:32:13.250387 2026] [security2:error] [pid 11740:tid 11740] [client 23.95.80.195:12510] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dalessalesandservice.com"] [uri "/sftp-config.json"] [unique_id "akG9DcfX116JlU1ATt5fbQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 22:27:10
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.co ...
show more
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 18:27:07.173538 2026] [security2:error] [pid 20549:tid 20549] [client 23.95.80.195:37658] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daisyweddinginvitations.com"] [uri "/sftp-config.json"] [unique_id "akGfu0xqWZu2fJBOUSgWvgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 14:41:15
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.co ...
show more
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 10:41:09.455386 2026] [security2:error] [pid 4206:tid 4206] [client 23.95.80.195:59192] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daddysmilkclub.com"] [uri "/sftp-config.json"] [unique_id "akEyhcPRDKALxDrrTwcD_AAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 01:39:49
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.co ...
show more
(mod_security) mod_security (id:210492) triggered by 23.95.80.195 (23-95-80-195-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 21:39:46.576164 2026] [security2:error] [pid 10531:tid 10531] [client 23.95.80.195:46576] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cynosuresnapshots.com"] [uri "/sftp-config.json"] [unique_id "akB7YpzZhRwoXp4fe16zeAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack