๐ซ๐ท
himanshu LNU
2025-07-03 03:57:05
(11 months ago)
Domain : oneneed.in
Rule : config
2025-05-26 14:54:09 ***hidden-privacy*** GET /.vscode/sftp.json - ...
show more
Domain : oneneed.in
Rule : config
2025-05-26 14:54:09 ***hidden-privacy*** GET /.vscode/sftp.json - 443 - 15.188.49.59 HTTP/1.1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 - oneneed.in 404 0 2 307 218 133 - -
show less
Hacking
SQL Injection
๐ซ๐ท
tecnicorioja
2025-05-26 22:00:32
(1 year ago)
(Mod_security) [26/May/2025:05:23:11.294352
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
polycoda
2025-05-26 21:54:58
(1 year ago)
๐ Probes for tons of inexistent files and PHP scripts
Hacking
Web App Attack
๐ซ๐ท
JPPO
2025-05-26 20:36:04
(1 year ago)
ET SCAN SFTP/FTP Password Exposure via sftp-config.json ports , ports: 80(x2)
Port Scan
๐ฌ๐ง
SecondEdge
2025-05-26 18:02:33
(1 year ago)
A web attack was detected from 15.188.49.59 (France / Paris / Paris) against second-edge.co.uk (SFTP ...
show more
A web attack was detected from 15.188.49.59 (France / Paris / Paris) against second-edge.co.uk (SFTP Credential Exposure) over 4s.
show less
Web App Attack
๐ฉ๐ช
0x44
2025-05-26 17:36:01
(1 year ago)
[26/May/2025] * Spam host detected, probing for vulnerabilities
Web Spam
Exploited Host
Web App Attack
๐ฆ๐น
services.org.pl
2025-05-26 17:20:21
(1 year ago)
open() "/var/www/html/sftp-config.json" failed (2: No such file or directory), client: 15.188.49.59, ...
show more
open() "/var/www/html/sftp-config.json" failed (2: No such file or directory), client: 15.188.49.59, server: web.services.org.pl, request: "GET /sftp-config.json HTTP/1.1", host: "web.services.org.pl"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
jcbriar
2025-05-26 16:49:08
(1 year ago)
Searching for vulnerable scripts
Hacking
Web App Attack
๐ฉ๐ช
Mr-Money
2025-05-26 16:32:39
(1 year ago)
15.188.49.59 - - [26/May/2025:18:32:38 +0200] "GET /.vscode/sftp.json HTTP/1.1" 404 501 "-" "Mozilla ...
show more
15.188.49.59 - - [26/May/2025:18:32:38 +0200] "GET /.vscode/sftp.json HTTP/1.1" 404 501 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
...
show less
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack
๐ณ๐ฑ
debestelapp
2025-05-26 16:28:46
(1 year ago)
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-05-26 16:21:45
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 15.188.49.59 (ec2-15-188-49-59.eu-west-3.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 15.188.49.59 (ec2-15-188-49-59.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 26 12:21:41.610288 2025] [security2:error] [pid 1307022:tid 1307022] [client 15.188.49.59:57377] [client 15.188.49.59] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pr-professional.com"] [uri "/sftp-config.json"] [unique_id "aDSVFZozd9jyKO41clzZswAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-05-26 15:42:21
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 15.188.49.59 (ec2-15-188-49-59.eu-west-3.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 15.188.49.59 (ec2-15-188-49-59.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 26 11:42:15.895543 2025] [security2:error] [pid 13307:tid 13307] [client 15.188.49.59:60166] [client 15.188.49.59] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "puckerbackbikini.com"] [uri "/sftp-config.json"] [unique_id "aDSL13BepSbODo7HBLPPfQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
himanshu LNU
2025-05-26 14:55:08
(1 year ago)
Domain : oneneed.in
Rule : config
2025-05-26 14:54:09 ***hidden-privacy*** GET /.vscode/sftp.json - ...
show more
Domain : oneneed.in
Rule : config
2025-05-26 14:54:09 ***hidden-privacy*** GET /.vscode/sftp.json - 443 - 15.188.49.59 HTTP/1.1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 - oneneed.in 404 0 2 307 218 133 - -
show less
Hacking
SQL Injection
๐ฉ๐ช
Mr-Money
2025-05-26 14:41:31
(1 year ago)
15.188.49.59 - - [26/May/2025:16:41:31 +0200] "GET /.vscode/sftp.json HTTP/1.1" 404 3662 "-" "Mozill ...
show more
15.188.49.59 - - [26/May/2025:16:41:31 +0200] "GET /.vscode/sftp.json HTTP/1.1" 404 3662 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
...
show less
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack
Anonymous
2025-05-26 14:35:04
(1 year ago)
IP banned by Fail2Ban in jail nginx-abusive-ips
Brute-Force
Bad Web Bot
Web App Attack