๐ฉ๐ช
FeG Deutschland
2026-07-16 00:14:14
(10 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247
Exploited Host
Web App Attack
๐ฌ๐ง
consul.to
2026-07-15 22:39:35
(12 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-11 21:59:58
(4 days ago)
Auto-ban: 213 malicious requests on 2026-07-10 (e.g., env/backup probes, brute-force, or error burst ...
show more
Auto-ban: 213 malicious requests on 2026-07-10 (e.g., env/backup probes, brute-force, or error bursts).
show less
Web App Attack
SSH
Hacking
๐ง๐ช
cmbplf
2026-07-10 23:32:13
(5 days ago)
163 requests with url.path *config.json
Brute-Force
Bad Web Bot
๐ฉ๐ช
big-cloud.nl
2026-07-10 22:25:19
(5 days ago)
Try to access /.vscode/sftp.json
Web App Attack
๐ฉ๐ช
bescared
2026-07-09 23:11:36
(6 days ago)
F2B - Malicious activity detected. URL Probing. -8ff06ede-
Hacking
Bad Web Bot
Web App Attack
๐จ๐ญ
ALPHANET
2026-07-09 17:26:49
(6 days ago)
web exploits
Hacking
Exploited Host
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-07-08 13:11:43
(1 week ago)
dot file probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 00:09:02
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 154.13.197.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 154.13.197.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 20:08:57.105491 2026] [security2:error] [pid 15463:tid 15536] [client 154.13.197.64:26020] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ennerdalebridge.com"] [uri "/sftp-config.json"] [unique_id "ak2VGZQFz45WO3tsMzZGwQAAAMs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 11:21:25
(1 week ago)
(mod_security) mod_security (id:210580) triggered by 154.13.197.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210580) triggered by 154.13.197.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 07:21:18.302882 2026] [security2:error] [pid 32435:tid 32435] [client 154.13.197.64:12148] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||encoremtmorris.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: http:/encinoenviron.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "encoremtmorris.com"] [uri "/.vscode/sftp.json"] [unique_id "akzhLsF6y7WJ_kc3_sLgNAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 02:23:12
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 154.13.197.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 154.13.197.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 22:23:07.301251 2026] [security2:error] [pid 10600:tid 10600] [client 154.13.197.64:32632] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "emisoni.com"] [uri "/sftp-config.json"] [unique_id "akxjC0yWZj7m1GGwAZ3rRwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-07-06 19:22:21
(1 week ago)
[MonJul0621:22:16.4178892026][security2:error][pid397576:tid397661][client154.13.197.64:0]ModSecurit ...
show more
[MonJul0621:22:16.4178892026][security2:error][pid397576:tid397661][client154.13.197.64:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"elyon2.ch\"][uri\"/.vscode/sftp.json\"][unique_id\"akwAaF3aLyHZOHWqS3cpeAAAANE\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 17:04:04
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 154.13.197.64 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 154.13.197.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 13:03:59.581038 2026] [security2:error] [pid 23136:tid 23136] [client 154.13.197.64:23570] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elpasoheroes.com"] [uri "/sftp-config.json"] [unique_id "akvf_wRNXarI8euLNJEXyAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-06 16:35:55
(1 week ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐ฌ๐ง
consul.to
2026-07-06 10:36:43
(1 week ago)
Web attack/malicious scanning detected
Web App Attack