๐ฉ๐ช
conseilgouz
2026-07-07 15:57:51
(3 hours ago)
ave-17 : Block hidden directories=>/.vscode/sftp.json(/)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-06 08:13:41
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 158.140.210.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.210.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 04:13:36.215040 2026] [security2:error] [pid 6756:tid 6756] [client 158.140.210.18:37810] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "catholicshopper.com"] [uri "/sftp-config.json"] [unique_id "aktjsFdmVuwnFC6H0y8OQAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 07:45:47
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 158.140.210.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.210.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 03:45:43.877465 2026] [security2:error] [pid 25805:tid 25805] [client 158.140.210.18:43652] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cathayexpress.com"] [uri "/sftp-config.json"] [unique_id "aktdJ6ENpiWusKI2Nz6QxAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 04:29:55
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 158.140.210.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.210.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 00:29:47.862534 2026] [security2:error] [pid 3319:tid 3319] [client 158.140.210.18:60514] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "castagnino.com"] [uri "/sftp-config.json"] [unique_id "aksvO_xdTDmdqx6nYqjQ6QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 22:03:08
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 158.140.210.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.210.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 18:03:02.574864 2026] [security2:error] [pid 6855:tid 6855] [client 158.140.210.18:55672] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "casagrotto.com"] [uri "/sftp-config.json"] [unique_id "akrUlg7n2O5dXNb9bL3TmwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-05 21:59:31
(1 day ago)
Auto-ban: >3000 req/min op 2026-07-05
Web App Attack
SSH
Hacking
๐ต๐ฑ
miriks
2026-07-05 18:46:09
(2 days ago)
Automated scan detected: GET /.vscode/sftp.json โ UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7 ...
show more
Automated scan detected: GET /.vscode/sftp.json โ UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
show less
Port Scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 15:39:28
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 158.140.210.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 158.140.210.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 11:39:24.625836 2026] [security2:error] [pid 10988:tid 10988] [client 158.140.210.18:52652] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carolinafootprints.com"] [uri "/sftp-config.json"] [unique_id "akp6rMSX7OSYIaDUG1XbawAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-05 08:01:16
(2 days ago)
Web App Attack, Hacking
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 03:42:50
(2 days ago)
(mod_security) mod_security (id:210580) triggered by 158.140.210.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 158.140.210.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 23:42:42.770680 2026] [security2:error] [pid 7956:tid 7956] [client 158.140.210.18:33996] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_url. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||elmarwamarine.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_url: https:/corvusjanitorial.com/locations/jacksonville/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "elmarwamarine.com"] [uri "/.vscode/sftp.json"] [unique_id "aknSsmLsxJ-ibinhlhDyOgAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack