๐ฉ๐ช
FeG Deutschland
2026-07-10 12:45:14
(16 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ซ๐ท
lechat
2026-07-10 11:37:00
(17 hours ago)
2026-07-10T11:37:00.756434+0000 inbound port scan detected by Suricata. src=178.128.61.43:51533 dst= ...
show more
2026-07-10T11:37:00.756434+0000 inbound port scan detected by Suricata. src=178.128.61.43:51533 dst=51.68.231.122:80 proto=TCP. signature="ET SCAN SFTP/FTP Password Exposure via sftp-config.json" category="Attempted Information Leak" sid=2015940 reason=scan_signature.
show less
Port Scan
๐บ๐ธ
Starburst SysOp Team
2026-07-10 10:22:48
(18 hours ago)
Restricted File Access Attempt. Matched phrase ".vscode" at REQUEST_FILENAME. (930130-mnz6-1)
Hacking
Web App Attack
๐ฎ๐ฉ
sockominfo
2026-07-10 10:00:08
(18 hours ago)
Access to sensitive files detected w/ specific boundary.. Threat Score: 6.3/10 (MEDIUM). Reported by ...
show more
Access to sensitive files detected w/ specific boundary.. Threat Score: 6.3/10 (MEDIUM). Reported by TangerangKota-CSIRT
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 04:21:37
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 00:21:31.829098 2026] [security2:error] [pid 14865:tid 14865] [client 178.128.61.43:65239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swurgentvet.com"] [uri "/sftp-config.json"] [unique_id "ak8hy-XgNU9Jnqty8_K7CQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 03:17:00
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 23:16:54.255454 2026] [security2:error] [pid 20950:tid 20950] [client 178.128.61.43:54780] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fixmyland.com"] [uri "/sftp-config.json"] [unique_id "ak8Spu46dZgDBVUf5U8r8gAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 01:38:47
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 21:38:40.610524 2026] [security2:error] [pid 6551:tid 6551] [client 178.128.61.43:61916] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "technicallydental.com"] [uri "/sftp-config.json"] [unique_id "ak77oMdf9os6X86ePSdrOwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 22:53:10
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 18:53:06.059923 2026] [security2:error] [pid 30599:tid 30641] [client 178.128.61.43:63801] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nopictures.org"] [uri "/sftp-config.json"] [unique_id "ak7U0sTJPTLdU459AFM_twAAAJE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
alferez
2026-07-08 01:22:18
(3 days ago)
Searching .(env|sql|zip|tar|rar) files
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
nyt
2026-07-07 21:22:19
(3 days ago)
Deploy Config Probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 10:52:26
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 06:52:20.022982 2026] [security2:error] [pid 21352:tid 21352] [client 178.128.61.43:49852] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "woodburymeadows.org"] [uri "/sftp-config.json"] [unique_id "akzaZOky6jonJsyNwIsReQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 10:21:08
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 06:21:04.999141 2026] [security2:error] [pid 25398:tid 25398] [client 178.128.61.43:53927] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "intelligencer.us"] [uri "/sftp-config.json"] [unique_id "akzTEBjmiGG81qMSMPmddwAAACg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 07:44:33
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 03:44:25.810612 2026] [security2:error] [pid 28930:tid 28943] [client 178.128.61.43:49829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stephanietobola.com"] [uri "/sftp-config.json"] [unique_id "akyuWdvMlcQhrv0spJsxjgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 06:36:58
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.61.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 02:36:54.833952 2026] [security2:error] [pid 22879:tid 22879] [client 178.128.61.43:55553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "godscreationobservatory.com"] [uri "/sftp-config.json"] [unique_id "akyehjdP0qlRGYKCa-GnCAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-07 06:07:01
(3 days ago)
Automated web scanner. Requested suspicious paths: /.vscode/sftp.json. UTC: 2026-07-07 05:35:26.
Web App Attack