πΊπΈ
TPI-Abuse
2026-07-16 00:52:02
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 20:51:46.036285 2026] [security2:error] [pid 10535:tid 10535] [client 103.71.61.107:46800] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bvi-boat-registration.com"] [uri "/sftp-config.json"] [unique_id "algrIoEz0tc8mcFpMkzzjAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-15 07:07:24
(1 day ago)
"GET /.vscode/sftp.json HTTP/1.1"
Hacking
Web App Attack
π©πͺ
Carsten
2026-07-14 23:08:58
(2 days ago)
GET [.vscode/sftp.json]
Port Scan
π©πͺ
4server
2026-07-14 17:27:51
(2 days ago)
[TueJul1419:27:36.7978392026][security2:error][pid1590760:tid1590769][client103.71.61.107:0]ModSecur ...
show more
[TueJul1419:27:36.7978392026][security2:error][pid1590760:tid1590769][client103.71.61.107:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"brunocampagna.com\"][uri\"/.vscode/sftp.json\"][unique_id\"alZxiLTxjQWL4-VDhtc-VgAAAIU\"]
show less
Port Scan
Brute-Force
Web App Attack
π©πͺ
raph
2026-07-14 16:47:15
(2 days ago)
[PROTECTED PATHS] crawler credentials.ini, aws.ini, aws.yml, etc.
Bad Web Bot
Web App Attack
π¦πΊ
2000cn.com.au
2026-07-14 09:42:22
(2 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
πΊπΈ
mnsf
2026-07-13 09:05:02
(3 days ago)
Too many Status 40X (11)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 01:34:03
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 21:33:49.666530 2026] [security2:error] [pid 232635:tid 232635] [client 103.71.61.107:22294] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.idmadventures.com"] [uri "/sftp-config.json"] [unique_id "ak76fXKcJzrmDB7V9e6UJQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 01:15:29
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 21:15:14.413230 2026] [security2:error] [pid 20974:tid 20974] [client 103.71.61.107:61728] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bowdens-landing.com"] [uri "/sftp-config.json"] [unique_id "ak72Ig_WQMhnJ6-3IZke4wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-08 16:56:36
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 12:56:19.728190 2026] [security2:error] [pid 8572:tid 8572] [client 103.71.61.107:63618] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "encoremtmorris.com"] [uri "/info/jamfest//sftp-config.json"] [unique_id "ak6BMxpeEIgfUioexbzrdAAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-08 16:16:43
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 12:16:29.687324 2026] [security2:error] [pid 26686:tid 26748] [client 103.71.61.107:25038] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "designshopadmin.com"] [uri "/sftp-config.json"] [unique_id "ak533Vtw3epGTySCpTD6eQAAAJI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-08 15:57:53
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 11:57:38.763623 2026] [security2:error] [pid 8498:tid 8498] [client 103.71.61.107:31022] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thepartyblock.com"] [uri "/sftp-config.json"] [unique_id "ak5zckbwNbkeQNWTp7WBuAAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-08 15:40:09
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 11:39:55.781804 2026] [security2:error] [pid 28936:tid 28936] [client 103.71.61.107:47196] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.heartshapedboy.com"] [uri "/sftp-config.json"] [unique_id "ak5vSxhI9kEDUaUNeaEQ9QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-08 15:22:14
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 103.71.61.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 11:21:59.725078 2026] [security2:error] [pid 10328:tid 10328] [client 103.71.61.107:21844] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.butkiewiczfamilyfarm.com"] [uri "/gallery/index.php/DB-Landscape-Development/sftp-config.json"] [unique_id "ak5rF4DGLhZ-DocOorvl1gAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π§π·
Halux
2026-07-07 14:40:57
(1 week ago)
103.71.61.107 Web Application Firewall multiple violations
Hacking
Web App Attack