๐บ๐ธ
nyt
2026-07-01 20:21:13
(1 week ago)
Deploy Config Probe
Web App Attack
๐ฉ๐ช
4server
2026-07-01 05:39:04
(1 week ago)
[WedJul0107:39:02.3785172026][security2:error][pid1134321:tid1134368][client31.42.132.75:0]ModSecuri ...
show more
[WedJul0107:39:02.3785172026][security2:error][pid1134321:tid1134368][client31.42.132.75:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"noleggi.ch\"][uri\"/.vscode/sftp.json\"][unique_id\"akSn9kEfg-ZbwzmCNPZ4sQAAAEs\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-07-01 04:50:15
(1 week ago)
dot file probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 07:59:18
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:59:14.990778 2026] [security2:error] [pid 3596:tid 3596] [client 31.42.132.75:24772] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gbaker.us"] [uri "/sftp-config.json"] [unique_id "akN3Uk7yilowdJglESkomAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-29 22:37:25
(1 week ago)
31.42.132.75 - - [29/Jun/2026:22:37:24 +0000] "GET /sftp-config.json HTTP/1.1" 302 505 "-" "Mozilla/ ...
show more
31.42.132.75 - - [29/Jun/2026:22:37:24 +0000] "GET /sftp-config.json HTTP/1.1" 302 505 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
๐ฆ๐บ
2000cn.com.au
2026-06-29 14:39:12
(1 week ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐จ๐ญ
4server
2026-06-29 07:26:00
(1 week ago)
[MonJun2909:25:56.1508172026][security2:error][pid1454961:tid1455351][client31.42.132.75:0]ModSecuri ...
show more
[MonJun2909:25:56.1508172026][security2:error][pid1454961:tid1455351][client31.42.132.75:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"gamotors.ch\"][uri\"/sftp-config.json\"][unique_id\"akIeBL0kCnbXJ0rgR18tPgAAAM0\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 02:22:32
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 22:22:27.011552 2026] [security2:error] [pid 22636:tid 22659] [client 31.42.132.75:17490] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gamecrazy.us"] [uri "/sftp-config.json"] [unique_id "akHW4xZu5fJ0wF78gW8hfAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 18:59:43
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 14:59:36.995984 2026] [security2:error] [pid 1713:tid 1713] [client 31.42.132.75:8246] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gaksato.com"] [uri "/sftp-config.json"] [unique_id "akFvGIMEtSVa8UqAVZqB7QAAAC4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 16:46:42
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 12:46:35.298682 2026] [security2:error] [pid 24834:tid 24872] [client 31.42.132.75:50442] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gafm.org"] [uri "/sftp-config.json"] [unique_id "akFP68vWS5miReiHLg1_4QAAARU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 15:21:32
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 11:21:24.667549 2026] [security2:error] [pid 20710:tid 20710] [client 31.42.132.75:25874] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gacstoday.com"] [uri "/sftp-config.json"] [unique_id "akE79Fk3HaMJwHEwZP_l2QAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 05:06:45
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 01:06:39.355388 2026] [security2:error] [pid 27953:tid 27953] [client 31.42.132.75:51860] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fxztrader.com"] [uri "/sftp-config.json"] [unique_id "akCr35Bm_EQk48LBOexT4QAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 02:30:57
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 22:30:50.964247 2026] [security2:error] [pid 19304:tid 19304] [client 31.42.132.75:64406] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fvsllc.com"] [uri "/sftp-config.json"] [unique_id "akCHWt-ho5dVfhV14LNOVgAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 04:30:26
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 31.42.132.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 00:30:19.085876 2026] [security2:error] [pid 315:tid 315] [client 31.42.132.75:46760] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftwwx.com"] [uri "/sftp-config.json"] [unique_id "aj9R23CNIK1o17H6-iqgCAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
filstal.org
2026-06-27 04:09:26
(1 week ago)
Web reconnaissance detected: automated probing for sensitive files, backup archives, admin panels an ...
show more
Web reconnaissance detected: automated probing for sensitive files, backup archives, admin panels and known vulnerability paths.
show less
Hacking
Brute-Force
Web App Attack