๐บ๐ธ
mnsf
2026-07-08 01:05:12
(14 hours ago)
Request Overload (107)
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-07-07 17:45:46
(21 hours ago)
110 requests with url.path *config.json
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-06 16:15:07
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 12:15:03.852107 2026] [security2:error] [pid 885:tid 885] [client 82.21.141.36:33106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ccureiti.com"] [uri "/sftp-config.json"] [unique_id "akvUh1hjk2cI0KEtvcYz4gAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 11:25:58
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 07:25:53.819544 2026] [security2:error] [pid 16771:tid 16771] [client 82.21.141.36:10682] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cbcfargo.com"] [uri "/sftp-config.json"] [unique_id "akuQwave-hkZUsB4LHXhfgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 10:40:17
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 06:40:09.121950 2026] [security2:error] [pid 26755:tid 26755] [client 82.21.141.36:50750] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cayman-islands-real-estate.com"] [uri "/sftp-config.json"] [unique_id "akuGCUoqAZFYHCictpYpNQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 06:51:12
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 02:51:04.581431 2026] [security2:error] [pid 27843:tid 27864] [client 82.21.141.36:23930] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "catch-22productions.com"] [uri "/sftp-config.json"] [unique_id "aktQWHo118dL0KvGLhjP6wAAAFM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
iNetWorker
2026-07-06 05:04:31
(2 days ago)
trolling for resource vulnerabilities
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 04:35:57
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 00:35:50.392949 2026] [security2:error] [pid 13620:tid 13620] [client 82.21.141.36:20002] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "castedguy.com"] [uri "/sftp-config.json"] [unique_id "akswpqQU2zQ_BdvVRvK7-AAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-07-05 22:41:17
(2 days ago)
[MonJul0600:41:13.4929102026][security2:error][pid3400509:tid3400625][client82.21.141.36:0]ModSecuri ...
show more
[MonJul0600:41:13.4929102026][security2:error][pid3400509:tid3400625][client82.21.141.36:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"casaplusticino.ch\"][uri\"/sftp-config.json\"][unique_id\"akrdib-bsjrLVhSPiwspFwAAAQw\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 22:38:43
(2 days ago)
(mod_security) mod_security (id:210580) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210580) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 18:38:35.488112 2026] [security2:error] [pid 7959:tid 7959] [client 82.21.141.36:46472] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_url. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||casapapayasanmiguel.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_url: https:/cartimedover.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "casapapayasanmiguel.com"] [uri "/.vscode/sftp.json"] [unique_id "akrc6xjrojbO3rpTejnoQQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-05 21:59:58
(2 days ago)
Auto-ban: >3000 req/min op 2026-07-05
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-05 21:40:28
(2 days ago)
(mod_security) mod_security (id:210580) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210580) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 17:40:22.222069 2026] [security2:error] [pid 25902:tid 25902] [client 82.21.141.36:55080] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_url. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||casademunt.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_url: https:/cartimedover.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "casademunt.com"] [uri "/.vscode/sftp.json"] [unique_id "akrPRg-XRZbYURT8zODkWgAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 19:50:39
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 15:50:32.555523 2026] [security2:error] [pid 13998:tid 13998] [client 82.21.141.36:18050] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cartiologyfilms.com"] [uri "/sftp-config.json"] [unique_id "akq1iBI-br_IXoKZXn2S2gAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nyt
2026-07-05 18:55:08
(2 days ago)
Deploy Config Probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 03:42:38
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.21.141.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 23:42:32.096589 2026] [security2:error] [pid 2284:tid 2284] [client 82.21.141.36:4976] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "43cambridge.com"] [uri "/sftp-config.json"] [unique_id "aknSqNjAkBUOeplt9EjDQwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack