๐บ๐ธ
TPI-Abuse
2026-07-06 13:24:29
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 139.162.33.201 (139-162-33-201.ip.linodeusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 139.162.33.201 (139-162-33-201.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 09:24:22.133843 2026] [security2:error] [pid 24479:tid 24479] [client 139.162.33.201:53841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "californiarhythmproject.org"] [uri "/sftp-config.json"] [unique_id "akushvqpRoo0BlO1Oy8koQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-06 12:18:19
(2 hours ago)
Restricted File Access Attempt. Matched phrase "config.json" at REQUEST_FILENAME. (930130-201)
Hacking
Web App Attack
๐บ๐ธ
Lee Daniel
2026-07-06 11:08:54
(3 hours ago)
139.162.33.201 - - [06/Jul/2026:07:08:48 -0400] "GET /.vscode/ftp-sync.json HTTP/1.1" 404 6315 "-" " ...
show more
139.162.33.201 - - [06/Jul/2026:07:08:48 -0400] "GET /.vscode/ftp-sync.json HTTP/1.1" 404 6315 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
139.162.33.201 - - [06/Jul/2026:07:08:49 -0400] "GET /.sftp-config.json HTTP/1.1" 404 6315 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
139.162.33.201 - - [06/Jul/2026:07:08:51 -0400] "GET /ftp-sync.json HTTP/1.1" 404 6315 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
139.162.33.201 - - [06/Jul/2026:07:08:52 -0400] "GET /.ftp-sync.json HTTP/1.1" 404 6315 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
139.162.33.201 - - [06/Jul/2026:07:08:53 -0400] "GET /ftp-config.json HTTP/1.1" 404 6315 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 09:57:05
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 139.162.33.201 (139-162-33-201.ip.linodeusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 139.162.33.201 (139-162-33-201.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 05:57:01.849042 2026] [security2:error] [pid 20372:tid 20374] [client 139.162.33.201:63174] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "captechinc.com"] [uri "/sftp-config.json"] [unique_id "akt77cFKa6fSSpUXm0xoogAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 08:47:53
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 139.162.33.201 (139-162-33-201.ip.linodeusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 139.162.33.201 (139-162-33-201.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 04:47:46.618949 2026] [security2:error] [pid 550:tid 550] [client 139.162.33.201:58910] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "capriexpress.com"] [uri "/sftp-config.json"] [unique_id "aktrsqilFEKy7phcjqIKCgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 06:52:45
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 139.162.33.201 (139-162-33-201.ip.linodeusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 139.162.33.201 (139-162-33-201.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 02:52:41.274059 2026] [security2:error] [pid 6661:tid 6661] [client 139.162.33.201:61890] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "calfirstrealty.net"] [uri "/sftp-config.json"] [unique_id "aktQufXm0UN50_zq5xnVNgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 05:41:30
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 139.162.33.201 (139-162-33-201.ip.linodeusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 139.162.33.201 (139-162-33-201.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 01:41:18.929309 2026] [security2:error] [pid 29793:tid 29796] [client 139.162.33.201:53648] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "browbrew.com"] [uri "/sftp-config.json"] [unique_id "aks__tZFD_hhGEm92bgyigAAAEA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 05:15:41
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 139.162.33.201 (139-162-33-201.ip.linodeusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 139.162.33.201 (139-162-33-201.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 01:15:35.939072 2026] [security2:error] [pid 2964:tid 2964] [client 139.162.33.201:53148] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bronislawsuchanek.com"] [uri "/sftp-config.json"] [unique_id "aks5992ePla8maPwD4NHogAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-06 03:15:36
(11 hours ago)
Restricted File Access Attempt. Matched phrase "config.json" at REQUEST_FILENAME. (930130-196)
Hacking
Web App Attack
๐ฌ๐ง
consul.to
2026-07-06 00:58:17
(13 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-05 23:36:23
(14 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-05 22:36:20
(15 hours ago)
Try to access /.vscode/sftp.json
Web App Attack
๐ฉ๐ช
4server
2026-07-05 22:22:31
(16 hours ago)
[MonJul0600:22:25.8014792026][security2:error][pid3385863:tid3385937][client139.162.33.201:0]ModSecu ...
show more
[MonJul0600:22:25.8014792026][security2:error][pid3385863:tid3385937][client139.162.33.201:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"buletti-panettoni.ch\"][uri\"/.vscode/ftp-config.json\"][unique_id\"akrZIeVQgl10LrexmFhGFQAAAIg\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-07-05 22:05:02
(16 hours ago)
Too many Status 40X (18)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 22:01:28
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 139.162.33.201 (139-162-33-201.ip.linodeusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 139.162.33.201 (139-162-33-201.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 18:01:21.965140 2026] [security2:error] [pid 14090:tid 14090] [client 139.162.33.201:50421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.voodooshop.com"] [uri "/sftp-config.json"] [unique_id "akrUMco5yzDaTjZ9_85K8AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack