๐ง๐ช
boxed-it
2025-11-26 03:48:39
(7 months ago)
GET /config/app.php (Tarpitted for 1d15h8m28s, wasted 8.06MB)
Web App Attack
๐ฉ๐ช
NxtGenIT
2025-11-24 10:41:02
(7 months ago)
Tanner Honeypot hit, Event Type: , HTTP Method: GET, User Agent: , URI: /config/acl.config.php
SSH
๐จ๐ณ
ThreatBook.io
2025-11-24 00:09:41
(7 months ago)
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/149.50.97.229
2025-11- ...
show more
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/149.50.97.229
2025-11-23 06:45:31 /
show less
Web App Attack
๐ซ๐ฎ
stinpriza
2025-11-23 16:09:38
(7 months ago)
Web App Attack
Web App Attack
๐บ๐ธ
Starburst SysOp Team
2025-11-23 14:39:07
(7 months ago)
(mod_security-custom) mod_security (id:210801) triggered by 149.50.97.229 (PL/Poland/Mazovia/Warsaw/ ...
show more
(mod_security-custom) mod_security (id:210801) triggered by 149.50.97.229 (PL/Poland/Mazovia/Warsaw/-/[AS201814 MEVSPACE]): 1 in the last 3600 secs (0-srv1)
show less
Hacking
Anonymous
2025-11-22 17:37:14
(7 months ago)
fail2ban_an apache-modsecurity [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [uri "/"]
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2025-11-22 11:30:46
(7 months ago)
149.50.97.229 - - [22/Nov/2025:13:30:44 +0200] "GET /wp-config.php.bak HTTP/1.1" 404 274 "-" "Go-htt ...
show more
149.50.97.229 - - [22/Nov/2025:13:30:44 +0200] "GET /wp-config.php.bak HTTP/1.1" 404 274 "-" "Go-http-client/1.1"
...
show less
Web App Attack
๐บ๐ธ
etu brutus
2025-11-22 07:01:32
(7 months ago)
149.50.97.229 Blocked by [Attack Vector List]
...
Hacking
Brute-Force
Exploited Host
๐ฌ๐ง
[email protected]
2025-11-22 00:37:20
(7 months ago)
...
Brute-Force
SSH
๐บ๐ฆ
URAN Publishing Service
2025-11-22 00:10:55
(7 months ago)
149.50.97.229 - - [22/Nov/2025:02:10:52 +0200] "GET /wp-config.php.old HTTP/1.1" 404 276 "-" "Go-htt ...
show more
149.50.97.229 - - [22/Nov/2025:02:10:52 +0200] "GET /wp-config.php.old HTTP/1.1" 404 276 "-" "Go-http-client/1.1"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-21 23:21:14
(7 months ago)
(mod_security) mod_security (id:210801) triggered by 149.50.97.229 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210801) triggered by 149.50.97.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 21 18:21:09.549808 2025] [security2:error] [pid 274812:tid 274812] [client 149.50.97.229:15445] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "grabber" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site||central-wi-coal-sales.com|F|2"] [data "mozilla/5.0 (compatible; warc-grabber-livecheck/1.0)"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "central-wi-coal-sales.com"] [uri "/"] [unique_id "aSDz5YcTYRlY1L2ppVSNHwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-21 22:55:10
(7 months ago)
(mod_security) mod_security (id:210801) triggered by 149.50.97.229 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210801) triggered by 149.50.97.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 21 17:55:04.568258 2025] [security2:error] [pid 12258:tid 12258] [client 149.50.97.229:27651] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "grabber" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site||eagrant.com|F|2"] [data "mozilla/5.0 (compatible; warc-grabber-livecheck/1.0)"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "eagrant.com"] [uri "/"] [unique_id "aSDtyKZ3aSWj0fxbvk-S-wAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-21 22:24:30
(7 months ago)
(mod_security) mod_security (id:210801) triggered by 149.50.97.229 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210801) triggered by 149.50.97.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 21 17:24:24.450162 2025] [security2:error] [pid 17008:tid 17008] [client 149.50.97.229:15911] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "grabber" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site||fnavarro.com|F|2"] [data "mozilla/5.0 (compatible; warc-grabber-livecheck/1.0)"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "fnavarro.com"] [uri "/"] [unique_id "aSDmmFQmmw9XxbUVI76GJQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-21 22:08:52
(7 months ago)
(mod_security) mod_security (id:210801) triggered by 149.50.97.229 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210801) triggered by 149.50.97.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 21 17:08:44.282265 2025] [security2:error] [pid 28990:tid 28990] [client 149.50.97.229:10220] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "grabber" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site||cityforsalefilm.com|F|2"] [data "mozilla/5.0 (compatible; warc-grabber-livecheck/1.0)"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "cityforsalefilm.com"] [uri "/"] [unique_id "aSDi7KuZXq7H7vuoikQxmgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-21 21:47:37
(7 months ago)
(mod_security) mod_security (id:210801) triggered by 149.50.97.229 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210801) triggered by 149.50.97.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 21 16:47:33.445254 2025] [security2:error] [pid 498:tid 566] [client 149.50.97.229:2565] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "grabber" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site||bobchaos.com|F|2"] [data "mozilla/5.0 (compatible; warc-grabber-livecheck/1.0)"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "bobchaos.com"] [uri "/"] [unique_id "aSDd9S06xQxpbUClb8vyKwAAAII"]
show less
Brute-Force
Bad Web Bot
Web App Attack