๐ฉ๐ช
bescared
2026-07-09 23:11:36
(9 hours ago)
F2B - Malicious activity detected. URL Probing. -c23856ef-
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-07-09 12:24:35
(20 hours ago)
[ThuJul0914:24:30.3555202026][security2:error][pid4102953:tid4103029][client66.78.27.96:0]ModSecurit ...
show more
[ThuJul0914:24:30.3555202026][security2:error][pid4102953:tid4103029][client66.78.27.96:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"eselectronic.ch\"][uri\"/sftp-config.json\"][unique_id\"ak-S_vq-HuuTPklTDOMsKgAAAIY\"]
show less
Port Scan
Brute-Force
Web App Attack
๐จ๐ฆ
polycoda
2026-07-08 18:11:34
(1 day ago)
AutoBlock: ๐ฏ Vulnerability Scanner (Non Decay-Based)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 14:13:49
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica ...
show more
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 10:13:45.609222 2026] [security2:error] [pid 31408:tid 31432] [client 66.78.27.96:36894] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "epsbudgetcommittee.org"] [uri "/sftp-config.json"] [unique_id "ak5bGZzXKR3WcbHpJYnXuAAAAJY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 11:46:06
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica ...
show more
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 07:46:00.838998 2026] [security2:error] [pid 7470:tid 7470] [client 66.78.27.96:57490] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "epicureankids.com"] [uri "/sftp-config.json"] [unique_id "ak44ePF69_AXe-6abcxQAgAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 01:42:57
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica ...
show more
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 21:42:50.564488 2026] [security2:error] [pid 20536:tid 20536] [client 66.78.27.96:62174] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "enselme.com"] [uri "/sftp-config.json"] [unique_id "ak2rGu7fPJ3XPcxO2f0LUQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-07-08 01:14:06
(2 days ago)
[WedJul0803:14:04.0161632026][security2:error][pid2075712:tid2075759][client66.78.27.96:0]ModSecurit ...
show more
[WedJul0803:14:04.0161632026][security2:error][pid2075712:tid2075759][client66.78.27.96:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"enricoalbertini.com\"][uri\"/.vscode/sftp.json\"][unique_id\"ak2kXLGC1pHEDe_Jm9AdhQAAAEo\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 18:20:25
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica ...
show more
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 14:20:18.455594 2026] [security2:error] [pid 3927:tid 3927] [client 66.78.27.96:34204] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "engedal.net"] [uri "/sftp-config.json"] [unique_id "ak1DYiSw4YfCdG3vMRe8egAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
MusicLibrary
2026-07-07 12:02:11
(2 days ago)
Probing foreign-stack admin panels / known exploit paths (Joomla, phpMyAdmin, phpunit, OWA, etc.)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 03:45:05
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica ...
show more
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 23:44:58.399115 2026] [security2:error] [pid 23964:tid 23964] [client 66.78.27.96:12276] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "emmlogistics.com"] [uri "/sftp-config.json"] [unique_id "akx2Okyp-GrBYj5jPNCjTAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 01:26:27
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica ...
show more
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 21:26:20.679967 2026] [security2:error] [pid 21495:tid 21495] [client 66.78.27.96:43730] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "emilybrass.com"] [uri "/sftp-config.json"] [unique_id "akxVvNO6xFgPyho-ysw7JwAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
ELYAZ
2026-07-06 19:16:51
(3 days ago)
(mod_security) mod_security triggered on hostname [redacted] 66.78.27.96 (US/United States/96-27-78- ...
show more
(mod_security) mod_security triggered on hostname [redacted] 66.78.27.96 (US/United States/96-27-78-66.rdns.colocationamerica.com): (CF_ENABLE)
show less
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-06 18:02:34
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica ...
show more
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 14:02:28.105501 2026] [security2:error] [pid 27608:tid 27608] [client 66.78.27.96:25834] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elsmithpest.com"] [uri "/sftp-config.json"] [unique_id "akvttHMCL2SFQMS2Kv1LdQAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 12:20:47
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica ...
show more
(mod_security) mod_security (id:210492) triggered by 66.78.27.96 (96-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 08:20:43.108918 2026] [security2:error] [pid 2431:tid 2452] [client 66.78.27.96:21708] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eliteproductions.tv"] [uri "/sftp-config.json"] [unique_id "akudm32ZVYTM7CUsuJEqlwAAAI8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-06 10:36:43
(3 days ago)
Web attack/malicious scanning detected
Web App Attack