๐บ๐ธ
CBJ
2026-07-15 16:49:43
(18 minutes ago)
fail2ban: apache-filepath-recon
...
Web App Attack
๐บ๐ธ
SiliSoftware
2026-07-15 15:48:20
(1 hour ago)
/.vscode/sftp.json
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-07-15 15:35:52
(1 hour ago)
dot file probe
Web App Attack
๐ฉ๐ช
Viveronese
2026-07-15 15:21:49
(1 hour ago)
HTTP vulnerability scanning
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 15:07:06
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 149.202.94.131 (ns3032085.ip-149-202-94.eu): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 149.202.94.131 (ns3032085.ip-149-202-94.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 11:06:59.324874 2026] [security2:error] [pid 3605:tid 3605] [client 149.202.94.131:62064] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "emsahara.org"] [uri "/sftp-config.json"] [unique_id "aleiE-D4b7XICN_OTt5UmwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ParaBug
2026-07-15 13:17:31
(3 hours ago)
149.202.94.131 - - [15/Jul/2026:15:17:30 +0200] "GET /sftp-config.json HTTP/1.1" 301 557 "-" "Mozill ...
show more
149.202.94.131 - - [15/Jul/2026:15:17:30 +0200] "GET /sftp-config.json HTTP/1.1" 301 557 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
...
show less
Phishing
Brute-Force
Web App Attack
Anonymous
2026-07-15 12:21:14
(4 hours ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐ฉ๐ช
findlab
2026-07-15 11:25:01
(5 hours ago)
Backdrop CMS module - malicious activity detected
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 11:10:10
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 149.202.94.131 (ns3032085.ip-149-202-94.eu): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 149.202.94.131 (ns3032085.ip-149-202-94.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 07:10:03.119115 2026] [security2:error] [pid 5069:tid 5069] [client 149.202.94.131:65336] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "desertalfas.org"] [uri "/sftp-config.json"] [unique_id "aldqi-1geNJt7dit2kDHmAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Admins@FBN
2026-07-15 10:49:58
(6 hours ago)
FW-PortScan: Traffic Blocked srcport=61416 dstport=80
Port Scan
๐ฌ๐ง
SilverZippo
2026-07-15 09:14:08
(7 hours ago)
Web App Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 08:34:00
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 149.202.94.131 (ns3032085.ip-149-202-94.eu): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 149.202.94.131 (ns3032085.ip-149-202-94.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 04:33:55.914917 2026] [security2:error] [pid 20957:tid 20957] [client 149.202.94.131:65461] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.creationorevolution.net"] [uri "/sftp-config.json"] [unique_id "aldF8_k5aajzVhjPNyWgaQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
wordpresshosting.solutions
2026-07-15 08:31:18
(8 hours ago)
Web app vulnerability scanning detected. Evidence: 149.202.94.131 - - [15/Jul/2026:07:59:01 +0000] " ...
show more
Web app vulnerability scanning detected. Evidence: 149.202.94.131 - - [15/Jul/2026:07:59:01 +0000] "GET /sftp-config.json HTTP/1.1" 404 42246 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
149.202.94.131 - - [15/Jul/2026:08:31:17 +0000] "GET /sftp-config.json HTTP/1.1" 404 42246 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
show less
Web App Attack
๐ฉ๐ช
webko.si
2026-07-15 08:14:18
(8 hours ago)
DKK: Bruteforce web app access, URI detail: '/.vscode/sftp.json'.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 07:39:58
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 149.202.94.131 (ns3032085.ip-149-202-94.eu): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 149.202.94.131 (ns3032085.ip-149-202-94.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 03:39:52.196163 2026] [security2:error] [pid 2009:tid 2009] [client 149.202.94.131:63369] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "americanacademyofteachersofsinging.org"] [uri "/sftp-config.json"] [unique_id "alc5SAj7tavrBIM9HEXaqQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack