π¬π§
openstrike.co.uk
2026-07-14 05:14:14
(5 days ago)
2 attacks on password grabbing URLs:
GET /.vscode/sftp.json HTTP/1.1
Hacking
π«π·
masterguru
2026-07-13 17:55:16
(5 days ago)
Restricted File Access Attempt. Matched phrase "config.json" at REQUEST_FILENAME. (930130-195)
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 17:26:33
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 2002:a5f5:b384::a5f5:b384 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2002:a5f5:b384::a5f5:b384 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 13:26:23.339752 2026] [security2:error] [pid 27619:tid 27619] [client 2002:a5f5:b384::a5f5:b384:63256] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "exotic-dancers-los-angeles.com"] [uri "/sftp-config.json"] [unique_id "alUfv6LQXvwd7oK4B3UxkAAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 16:11:34
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 165.245.179.132 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 165.245.179.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 12:11:26.643194 2026] [security2:error] [pid 21025:tid 21025] [client 165.245.179.132:60951] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "exit10band.com"] [uri "/sftp-config.json"] [unique_id "alUOLlbD88WnYHwgMrt76QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
bescared
2026-07-13 15:20:05
(5 days ago)
F2B - Malicious activity detected. URL Probing. -c23856ef-
Hacking
Bad Web Bot
Web App Attack
Anonymous
2026-07-13 14:29:25
(5 days ago)
165.245.179.132 - - [13/Jul/2026:09:29:19 -0500] "GET /sftp-config.json HTTP/1.1" 301 248 "-" "Mozil ...
show more
165.245.179.132 - - [13/Jul/2026:09:29:19 -0500] "GET /sftp-config.json HTTP/1.1" 301 248 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
165.245.179.132 - - [13/Jul/2026:09:29:22 -0500] "GET /.sftp-config.json HTTP/1.1" 301 249 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
165.245.179.132 - - [13/Jul/2026:09:29:24 -0500] "GET /sftp-config.json HTTP/1.1" 301 249 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
...
show less
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 10:44:44
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 165.245.179.132 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 165.245.179.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 06:44:38.427318 2026] [security2:error] [pid 2810:tid 2810] [client 165.245.179.132:61182] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "evelia.com"] [uri "/sftp-config.json"] [unique_id "alTBlqvKbg-zCijpxzZCDQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 09:13:15
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 165.245.179.132 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 165.245.179.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 05:13:06.906891 2026] [security2:error] [pid 28444:tid 28444] [client 165.245.179.132:52977] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "evolinc.com"] [uri "/sftp-config.json"] [unique_id "alSsIrnc5o2SdnQEZs5GVgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 08:12:31
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 165.245.179.132 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 165.245.179.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 04:12:27.737426 2026] [security2:error] [pid 21077:tid 21077] [client 165.245.179.132:53194] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "entertainer-review.com"] [uri "/sftp-config.json"] [unique_id "alSd64emlIDAJ7PPsB4PYQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
evilrave
2026-07-13 05:55:53
(6 days ago)
165.245.179.132 - - [13/Jul/2026:05:55:52 +0000] "GET /sftp-config.json HTTP/1.1" 308 164 Host="[RED ...
show more
165.245.179.132 - - [13/Jul/2026:05:55:52 +0000] "GET /sftp-config.json HTTP/1.1" 308 164 Host="[REDACTED_HOSTNAME].dev" SNI="-"
165.245.179.132 - - [13/Jul/2026:05:55:52 +0000] "GET /.vscode/sftp.json HTTP/1.1" 308 164 Host="[REDACTED_HOSTNAME].dev" SNI="-"
165.245.179.132 - - [13/Jul/2026:05:55:53 +0000] "GET /.vscode/ftp-config.json HTTP/1.1" 308 164 Host="[REDACTED_HOSTNAME].dev" SNI="-"
...
show less
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-07-13 04:14:25
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 2002:a5f5:b384::a5f5:b384 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2002:a5f5:b384::a5f5:b384 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 00:14:19.671027 2026] [security2:error] [pid 10158:tid 10175] [client 2002:a5f5:b384::a5f5:b384:57634] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "evolutionaryethics.com"] [uri "/sftp-config.json"] [unique_id "alRmGx_nhu4rFcmAHNuBCAAAAI8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 03:27:15
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 165.245.179.132 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 165.245.179.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 23:27:11.377959 2026] [security2:error] [pid 24386:tid 24386] [client 165.245.179.132:61698] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "entertainmentcapitol.com"] [uri "/sftp-config.json"] [unique_id "alRbD6hViYym6y5nDxHkMAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-07-13 02:22:17
(6 days ago)
Restricted File Access Attempt. Matched phrase "config.json" at REQUEST_FILENAME. (930130-196)
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 02:11:42
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 165.245.179.132 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 165.245.179.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 22:09:31.759936 2026] [security2:error] [pid 3845:tid 3845] [client 165.245.179.132:56313] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "evolute.io"] [uri "/sftp-config.json"] [unique_id "alRI21OvxiRw7zTvOBhzvAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 01:54:39
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 2002:a5f5:b384::a5f5:b384 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2002:a5f5:b384::a5f5:b384 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 21:54:32.598940 2026] [security2:error] [pid 14738:tid 14738] [client 2002:a5f5:b384::a5f5:b384:50728] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "epowersupplyusa.com"] [uri "/sftp-config.json"] [unique_id "alRFWDfTmJlb3r8AU5SWCgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack