๐ซ๐ท
geot
2026-06-17 12:13:51
(1 week ago)
GET /.vscode/sftp.json HTTP/1.1
Hacking
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-06-17 02:15:55
(1 week ago)
dot file probe
Web App Attack
๐ฌ๐ง
Oakley
2026-06-17 00:09:31
(1 week ago)
(confirmed_bot_sig) Confirmed bot
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-16 23:57:51
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 19:57:45.404600 2026] [security2:error] [pid 27841:tid 27841] [client 109.207.132.24:59572] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tiffanyshouses.com"] [uri "/sftp-config.json"] [unique_id "ajHi-b--8yfMToPxre0Z2QAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
robinwolff
2026-06-16 21:55:46
(1 week ago)
Web App Attack
Hacking
๐จ๐ญ
4server
2026-06-16 21:27:53
(1 week ago)
[TueJun1623:27:50.0133352026][security2:error][pid1888583:tid1888773][client109.207.132.24:0]ModSecu ...
show more
[TueJun1623:27:50.0133352026][security2:error][pid1888583:tid1888773][client109.207.132.24:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"ticino-host.ch\"][uri\"/.vscode/sftp.json\"][unique_id\"ajG_1puVnafKAQwHwHrEQAAAAMY\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 18:55:48
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 14:55:41.237812 2026] [security2:error] [pid 23258:tid 23258] [client 109.207.132.24:41578] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thrudheim.org"] [uri "/sftp-config.json"] [unique_id "ajGcLVYrPokJzQkkJGSnygAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 16:17:21
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 12:17:13.815499 2026] [security2:error] [pid 24655:tid 24655] [client 109.207.132.24:27602] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thongtracker.com"] [uri "/sftp-config.json"] [unique_id "ajF3CTztdDiCVleWr4Tq6QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nyt
2026-06-14 07:12:16
(2 weeks ago)
Deploy Config Probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 05:56:57
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 01:56:51.402521 2026] [security2:error] [pid 22331:tid 22331] [client 109.207.132.24:41988] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cressyvideo.com"] [uri "/sftp-config.json"] [unique_id "ai5Co8uvnvYnp5juP-Qc6gAAAIc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 05:25:12
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 01:25:08.985702 2026] [security2:error] [pid 13253:tid 13253] [client 109.207.132.24:5188] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crescentcitycafe.com"] [uri "/sftp-config.json"] [unique_id "ai47NOSHy3DcVTwuoslJMwAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 02:18:57
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 22:18:51.518121 2026] [security2:error] [pid 9472:tid 9485] [client 109.207.132.24:52502] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "credit-protector.com"] [uri "/sftp-config.json"] [unique_id "ai4Pi86eVvrpL7HekUthUwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 19:50:51
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 15:50:44.636517 2026] [security2:error] [pid 3972:tid 3972] [client 109.207.132.24:10024] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crearcuestionarios.com"] [uri "/sftp-config.json"] [unique_id "ai20lNM-o5ZQtNaEDmiqVwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 08:57:00
(2 weeks ago)
(mod_security) mod_security (id:210580) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:56:53.372674 2026] [security2:error] [pid 14107:tid 14107] [client 109.207.132.24:10908] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||cpking.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: http:/conceptionsflorida.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "cpking.com"] [uri "/.vscode/sftp.json"] [unique_id "ai0bVYE2tbaNjE3dV1bKowAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 22:34:57
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 109.207.132.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 18:34:50.096795 2026] [security2:error] [pid 31619:tid 31619] [client 109.207.132.24:63514] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cougarcrusade.com"] [uri "/sftp-config.json"] [unique_id "aiyJilgZqPerC2TW2z_0zwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack