๐ฉ๐ช
4server
2026-07-16 01:13:51
(3 days ago)
[ThuJul1603:13:48.2699292026][security2:error][pid3836973:tid3837001][client188.241.126.54:0]ModSecu ...
show more
[ThuJul1603:13:48.2699292026][security2:error][pid3836973:tid3837001][client188.241.126.54:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"feldenkraisticino.ch\"][uri\"/.vscode/sftp.json\"][unique_id\"algwTDKkr5NtzUWcff-U_gAAAVE\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-16 00:13:57
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-16 00:05:12
(3 days ago)
Try to access /.vscode/sftp.json
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 21:53:24
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 188.241.126.54 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 188.241.126.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 17:53:16.200355 2026] [security2:error] [pid 12967:tid 12967] [client 188.241.126.54:62212] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "feathersolar.com"] [uri "/sftp-config.json"] [unique_id "algBTMOEtYKWZhd8YIOHOQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-15 17:27:19
(3 days ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 09:52:10
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 188.241.126.54 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 188.241.126.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 05:52:06.573146 2026] [security2:error] [pid 10741:tid 10741] [client 188.241.126.54:51762] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prostar.industries"] [uri "/sftp-config.json"] [unique_id "aldYRqL5yn7NznzfS4S95QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
paissangroup
2026-07-14 23:32:02
(4 days ago)
Multiple WAF Violations
Web App Attack
Anonymous
2026-07-14 00:13:46
(5 days ago)
Fail2Ban: ModSecurity detected a web application attack.
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-11 22:00:00
(1 week ago)
Auto-ban: 222 malicious requests on 2026-07-10 (e.g., env/backup probes, brute-force, or error burst ...
show more
Auto-ban: 222 malicious requests on 2026-07-10 (e.g., env/backup probes, brute-force, or error bursts).
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-11 13:13:07
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 188.241.126.54 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 188.241.126.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 09:12:58.490927 2026] [security2:error] [pid 31168:tid 31202] [client 188.241.126.54:5736] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41bravo.com"] [uri "/sftp-config.json"] [unique_id "alJBWj9IoE3s1lWHE6TjwAAAANU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 09:24:25
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 188.241.126.54 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 188.241.126.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 05:24:19.417620 2026] [security2:error] [pid 7591:tid 7591] [client 188.241.126.54:43482] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "1writeforthegrant.com"] [uri "/sftp-config.json"] [unique_id "alILwyOCr4sYiSm28zm7_QAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 04:09:01
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 188.241.126.54 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 188.241.126.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 00:08:57.448230 2026] [security2:error] [pid 17645:tid 17645] [client 188.241.126.54:11672] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aes-nihil.com"] [uri "/sftp-config.json"] [unique_id "alHB2X4L6kDcJJh90PgQfQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-10 23:36:03
(1 week ago)
141 requests with url.path *sftp.json
Brute-Force
Bad Web Bot
๐ฉ๐ช
big-cloud.nl
2026-07-10 22:25:46
(1 week ago)
Try to access /.vscode/sftp.json
Web App Attack
๐ซ๐ท
ELYAZ
2026-07-10 13:55:08
(1 week ago)
(y4) Failed scan -byebye- from 188.241.126.54 (IT/Italy/-): (CF_ENABLE)
Hacking