๐ซ๐ท
ELYAZ
2026-07-09 19:42:17
(23 hours ago)
(y4) Failed scan -byebye- from 176.121.109.21 (DE/Germany/-): (CF_ENABLE)
Hacking
๐ง๐ช
cmbplf
2026-07-09 11:22:09
(1 day ago)
120 requests with url.path *config.json
Brute-Force
Bad Web Bot
๐บ๐ธ
mnsf
2026-07-08 01:05:17
(2 days ago)
Too many Status 40X (27)
Brute-Force
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-06 07:04:10
(4 days ago)
Try to access /.vscode/sftp.json
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-05 22:00:08
(4 days ago)
Auto-ban: >3000 req/min op 2026-07-05
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-05 21:40:27
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 176.121.109.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 176.121.109.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 17:40:21.292955 2026] [security2:error] [pid 24606:tid 24617] [client 176.121.109.21:60150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "casademontemaior.com"] [uri "/sftp-config.json"] [unique_id "akrPRUgzlmWmA5WEjkUrTQAAAEk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-07-05 21:19:17
(4 days ago)
[SunJul0523:19:15.3506172026][security2:error][pid3326998:tid3327136][client176.121.109.21:0]ModSecu ...
show more
[SunJul0523:19:15.3506172026][security2:error][pid3326998:tid3327136][client176.121.109.21:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"casacarmen.ch\"][uri\"/.vscode/sftp.json\"][unique_id\"akrKU0uRD1CPuzfd4zqvFAAAANI\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 20:02:56
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 176.121.109.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 176.121.109.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 16:02:47.972660 2026] [security2:error] [pid 11429:tid 11429] [client 176.121.109.21:60528] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cartoondelivery.com"] [uri "/sftp-config.json"] [unique_id "akq4Z045Agz7Qb9N_DL3KwAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nyt
2026-07-05 18:55:08
(5 days ago)
Deploy Config Probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 14:05:39
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 176.121.109.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 176.121.109.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 10:05:32.890341 2026] [security2:error] [pid 13340:tid 13340] [client 176.121.109.21:62238] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carlsvoice.com"] [uri "/sftp-config.json"] [unique_id "akpkrJQPKoYc7Mo4T4nJngAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 03:42:44
(5 days ago)
(mod_security) mod_security (id:210580) triggered by 176.121.109.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 176.121.109.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 23:42:34.846157 2026] [security2:error] [pid 7849:tid 7849] [client 176.121.109.21:12026] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_url. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||ageh.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_url: https:/corvusjanitorial.com/locations/jacksonville/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "ageh.com"] [uri "/.vscode/sftp.json"] [unique_id "aknSqqyEwOqJCo_1FVppzAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-04 19:11:04
(6 days ago)
Web App Attack, Hacking
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 06:39:55
(6 days ago)
(mod_security) mod_security (id:210580) triggered by 176.121.109.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 176.121.109.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 02:39:38.510385 2026] [security2:error] [pid 1733:tid 1733] [client 176.121.109.21:20202] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_url. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||barkatthemoonpetsitting.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_url: https:/saltlending.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "barkatthemoonpetsitting.com"] [uri "/.vscode/sftp.json"] [unique_id "akiqqvdbculYcicS2ifg-gAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
bescared
2026-07-03 22:53:00
(6 days ago)
WAF (2) - Malicious activity detected: URL probing.
Bad Web Bot
Web App Attack
Hacking
๐ต๐ฑ
itrail
2023-10-05 11:10:00
(2 years ago)
credential stuffing
Brute-Force