π«π·
service Informatique
2025-04-23 04:00:37
(1 year ago)
GET /sftp-config.json
Web App Attack
π«π·
geot
2025-04-22 12:16:57
(1 year ago)
GET /.vscode/sftp.json HTTP/1.1
GET /sftp-config.json HTTP/1.1
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2025-04-22 05:54:04
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 35.180.243.179 (ec2-35-180-243-179.eu-west-3.co ...
show more
(mod_security) mod_security (id:210492) triggered by 35.180.243.179 (ec2-35-180-243-179.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 22 01:54:00.568374 2025] [security2:error] [pid 32242:tid 32242] [client 35.180.243.179:62886] [client 35.180.243.179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "obgynhistory.com"] [uri "/sftp-config.json"] [unique_id "aAcu-GLu5Iu59hmJQucsPwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-04-22 04:26:56
(1 year ago)
Restricted File Access Requests
Hacking
Brute-Force
πΊπΈ
snappic
2025-04-22 03:55:32
(1 year ago)
Malicious URI path & Amazon AWS User Agent Spoofing [GET /sftp-config.json] [Mozilla/5.0 (Macintosh; ...
show more
Malicious URI path & Amazon AWS User Agent Spoofing [GET /sftp-config.json] [Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0]
show less
Bad Web Bot
Web App Attack
π¬π§
rakkor
2025-04-22 03:55:09
(1 year ago)
2025/04/22 04:55:08 [error] 31017#31017: *5664726 open() "/var/services/web/sftp-config.json" failed ...
show more
2025/04/22 04:55:08 [error] 31017#31017: *5664726 open() "/var/services/web/sftp-config.json" failed (2: No such file or directory), client: 35.180.243.179, server: , request: "GET /sftp-config.json HTTP/1.1", host: "nzb.rakkor.uk"
2025/04/22 04:55:08 [error] 31016#31016: *5664729 open() "/var/services/web/.vscode/sftp.json" failed (2: No such file or directory), client: 35.180.243.179, server: , request: "GET /.vscode/sftp.json HTTP/1.1", host: "nzb.rakkor.uk"
...
show less
Hacking
Brute-Force
Web App Attack
Anonymous
2025-04-22 03:29:12
(1 year ago)
Bot / seems abusive / Apache connections: 20
DDoS Attack
Web Spam
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-04-22 03:27:46
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 35.180.243.179 (ec2-35-180-243-179.eu-west-3.co ...
show more
(mod_security) mod_security (id:210492) triggered by 35.180.243.179 (ec2-35-180-243-179.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 21 23:27:40.276539 2025] [security2:error] [pid 29508:tid 29508] [client 35.180.243.179:61195] [client 35.180.243.179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ohp.freedrm.org"] [uri "/sftp-config.json"] [unique_id "aAcMrCd1CN6U1nZWDAhgfAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
bescared
2025-04-22 03:23:20
(1 year ago)
F2B - Malicious activity detected. URL Probing.
Hacking
Web App Attack
π¦πΊ
MAGIC
2025-04-22 03:11:35
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
π«π·
ecodehost.com
2025-04-22 03:07:02
(1 year ago)
Domain : ohsetraining.com
Rule : config
2025-04-22 03:05:44 10.100.1.20 GET /.vscode/sftp.json - 443 ...
show more
Domain : ohsetraining.com
Rule : config
2025-04-22 03:05:44 10.100.1.20 GET /.vscode/sftp.json - 443 - 35.180.243.179 HTTP/1.1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 - ohsetraining.com 404 0 2 234 224 72 - -
show less
Hacking
SQL Injection
πΊπΈ
TPI-Abuse
2025-04-22 02:57:09
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 35.180.243.179 (ec2-35-180-243-179.eu-west-3.co ...
show more
(mod_security) mod_security (id:210492) triggered by 35.180.243.179 (ec2-35-180-243-179.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 21 22:57:04.460111 2025] [security2:error] [pid 152650:tid 152650] [client 35.180.243.179:51732] [client 35.180.243.179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ahhaartgallery.com"] [uri "/sftp-config.json"] [unique_id "aAcFgNvR0tLcsCdJMTfdogAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
MPL
2025-04-22 02:52:37
(1 year ago)
tcp/80 (6 or more attempts)
Port Scan
πΊπΈ
MPL
2025-04-22 02:52:37
(1 year ago)
tcp/80 (6 or more attempts)
Port Scan
πΊπΈ
Ocean Ascents
2025-04-22 02:29:47
(1 year ago)
Probe for vulnerabilities. Path attempted: /sftp-config
Web App Attack