๐ฉ๐ช
FeG Deutschland
2026-07-01 17:43:05
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 13:43:03
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapa ...
show more
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 09:42:58.567592 2026] [security2:error] [pid 1151:tid 1151] [client 64.105.88.37:47198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "restlesseye.com"] [uri "/archive/undiscovered-country/index.htm/sftp-config.json"] [unique_id "akUZYuh7G6BkNzbKhTTEZwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 13:27:24
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapa ...
show more
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 09:27:19.573941 2026] [security2:error] [pid 23130:tid 23130] [client 64.105.88.37:38800] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.localprowrestling.com"] [uri "/sftp-config.json"] [unique_id "akUVtwMBGJ-WkFTZbhgFAgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 13:10:24
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapa ...
show more
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 09:10:18.962117 2026] [security2:error] [pid 19718:tid 19748] [client 64.105.88.37:28450] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "almerirock.com"] [uri "/sftp-config.json"] [unique_id "akURujvJH3BngH0JfEHJMwAAAMg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-06-30 05:14:10
(4 days ago)
2 attacks on password grabbing URLs:
GET /.vscode/sftp.json HTTP/1.1
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-29 00:08:51
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapa ...
show more
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 20:08:47.255816 2026] [security2:error] [pid 18219:tid 18219] [client 64.105.88.37:38370] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "livesteamtracks.info"] [uri "/daleking.info/sftp-config.json"] [unique_id "akG3jyB5SKMJMpipvtgTfQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-28 17:41:24
(6 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 02:40:55
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapa ...
show more
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 22:40:51.006032 2026] [security2:error] [pid 9772:tid 9772] [client 64.105.88.37:8132] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cyprus-boat-registration.com"] [uri "/sftp-config.json"] [unique_id "akCJs_XUgCK2ZeIu-Tu5DwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 01:39:49
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapa ...
show more
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 21:39:44.715490 2026] [security2:error] [pid 19207:tid 19215] [client 64.105.88.37:17254] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cynosureinternetservices.com"] [uri "/sftp-config.json"] [unique_id "akB7YNw4W8Q-nzsc1ujATwAAAUY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
4server
2026-06-27 22:31:03
(6 days ago)
[SunJun2800:30:56.8456562026][security2:error][pid3067140:tid3067144][client64.105.88.37:0]ModSecuri ...
show more
[SunJun2800:30:56.8456562026][security2:error][pid3067140:tid3067144][client64.105.88.37:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"cybertelgroup.com\"][uri\"/.vscode/sftp.json\"][unique_id\"akBPIFn4Csl6f6EEXXR2OwAAAAI\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 14:32:26
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapa ...
show more
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 10:32:21.064680 2026] [security2:error] [pid 6619:tid 6619] [client 64.105.88.37:41688] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cuul.co"] [uri "/sftp-config.json"] [unique_id "aj_e9YIYvfihpFE5YYopvAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 12:41:01
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapa ...
show more
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 08:40:53.960390 2026] [security2:error] [pid 23411:tid 23411] [client 64.105.88.37:12362] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "customprintedinvitations.com"] [uri "/sftp-config.json"] [unique_id "aj_E1c41Nxte0j1B-TPm0QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 09:32:20
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapa ...
show more
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 05:32:17.100372 2026] [security2:error] [pid 19237:tid 19237] [client 64.105.88.37:50962] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "curryfirm.com"] [uri "/sftp-config.json"] [unique_id "aj-YoWo5yTCLAT3PBocTqAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-27 04:24:00
(1 week ago)
Wordpress malicious attack:[octablocked]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 02:51:36
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapa ...
show more
(mod_security) mod_security (id:210492) triggered by 64.105.88.37 (h-64-105-88-37.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:51:32.698914 2026] [security2:error] [pid 15861:tid 15861] [client 64.105.88.37:40030] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cubbylure.com"] [uri "/sftp-config.json"] [unique_id "aj86tA91VAMEuBTfXgO45wAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack