๐บ๐ธ
Lezetho
2026-07-09 23:00:46
(20 hours ago)
DDoS, WebSpam, Web Attack, and Brute-force blocked by Cloudflare
DDoS Attack
Email Spam
Hacking
Brute-Force
๐ช๐ธ
pipeline.es
2026-07-09 15:20:47
(1 day ago)
Web scanning / probing for vulnerable paths | URL: /sftp-config.json | Evidence: qualodestino.pt 93. ...
show more
Web scanning / probing for vulnerable paths | URL: /sftp-config.json | Evidence: qualodestino.pt 93.152.40.25 - - [09/Jul/2026:17:18:05 +0200] \"GET /sftp-config.json HTTP/1.1\" 404 21255 \"-\" \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36\" GEOIP_COUNTRY_CODE=FR | ASN: M247 Europe SRL | Country: FR
show less
Port Scan
Web App Attack
๐ซ๐ท
ELYAZ
2026-07-09 13:59:47
(1 day ago)
(y4) Failed scan -byebye- from 93.152.40.25 (FR/France/-): (CF_ENABLE)
Hacking
๐บ๐ธ
mnsf
2026-07-09 12:05:10
(1 day ago)
Too many Status 40X (15)
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-07-08 03:42:05
(2 days ago)
248 requests with url.path *config.json
Brute-Force
Bad Web Bot
๐ซ๐ท
masterguru
2026-07-08 01:12:31
(2 days ago)
Restricted File Access Attempt. Matched phrase "config.json" at REQUEST_FILENAME. (930130-195)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 22:12:26
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 93.152.40.25 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 93.152.40.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 18:12:19.564822 2026] [security2:error] [pid 14938:tid 14938] [client 93.152.40.25:5172] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "visanya.com"] [uri "/sftp-config.json"] [unique_id "ak15w7x2tMFkuH6arOlyLwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-07 20:13:27
(2 days ago)
(caddyscan) Scanner path probe from 93.152.40.25 (FR/France/-): 5 in the last 3600 secs; Ports: *; D ...
show more
(caddyscan) Scanner path probe from 93.152.40.25 (FR/France/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 404 219 93.152.40.25 - - [07/Jul/2026:20:13:22 +0000] "GET /.vscode/sftp.json HTTP/1.1"
[REDACTED] 200 2627 93.152.40.25 - - [07/Jul/2026:20:13:22 +0000] "GET /.vscode/sftp.json HTTP/1.1"
[REDACTED] 200 2627 93.152.40.25 - - [07/Jul/2026:20:13:22 +0000] "GET /.vscode/sftp.json HTTP/1.1"
[REDACTED] 200 2627 93.152.40.25 - - [07/Jul/2026:20:13:23 +0000] "GET /.vscode/sftp.json HTTP/1.1"
[REDACTED] 200 2627 93.152.40.25 - - [07/Jul/2026:20:13:23 +0000] "GET /.vscode/sftp.json HTTP/1.1"
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-12 04:19:49
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 93.152.40.25 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 93.152.40.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 00:19:45.086016 2026] [security2:error] [pid 32657:tid 32657] [client 93.152.40.25:54906] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "debradamico.com"] [uri "/sftp-config.json"] [unique_id "aiuI4YNqUwJb267KRQ9VsQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 01:37:23
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 93.152.40.25 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 93.152.40.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 21:37:19.358913 2026] [security2:error] [pid 26741:tid 26741] [client 93.152.40.25:12194] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rondeal.com"] [uri "/sftp-config.json"] [unique_id "aitiz1PztMw3tVzu61qhBAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-06-12 00:35:51
(4 weeks ago)
Try to access /.vscode/sftp.json
Web App Attack
๐จ๐ญ
4server
2026-06-11 21:41:41
(4 weeks ago)
[ThuJun1123:41:34.3468102026][security2:error][pid1047675:tid1047979][client93.152.40.25:0]ModSecuri ...
show more
[ThuJun1123:41:34.3468102026][security2:error][pid1047675:tid1047979][client93.152.40.25:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"dc-graphicart.com\"][uri\"/sftp-config.json\"][unique_id\"aisrju43_xBticdBpiCb9wAAAMU\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 20:36:27
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 93.152.40.25 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 93.152.40.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 16:36:19.250280 2026] [security2:error] [pid 12867:tid 12867] [client 93.152.40.25:65022] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dbanetwork.net"] [uri "/sftp-config.json"] [unique_id "aiscQ1ELtUg4YQhBfQp8fgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 19:28:57
(4 weeks ago)
(mod_security) mod_security (id:210580) triggered by 93.152.40.25 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210580) triggered by 93.152.40.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 15:28:51.181859 2026] [security2:error] [pid 21821:tid 21821] [client 93.152.40.25:56600] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||daylightingit.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: http:/daveharsh.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "daylightingit.com"] [uri "/.vscode/sftp.json"] [unique_id "aisMc7lvvibwKjFN_twdNAAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 17:20:55
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 93.152.40.25 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 93.152.40.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 13:20:47.615307 2026] [security2:error] [pid 12477:tid 12477] [client 93.152.40.25:50624] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davidrayskinner.com"] [uri "/sftp-config.json"] [unique_id "airub8Jx6DJItDMCLHkRXwAAADA"]
show less
Brute-Force
Bad Web Bot
Web App Attack