๐ฉ๐ช
Jochen Pretli
2025-07-29 08:00:00
(11 months ago)
connection to honeypot
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-07-15 11:42:22
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 15 07:42:18.005699 2025] [security2:error] [pid 29169:tid 29169] [client 74.208.56.190:49148] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "martinka.org"] [uri "/wp-config.php.old"] [unique_id "aHY-mrNp0z-sUvB7MlKbBgAAAC8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-15 04:52:53
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 15 00:52:49.242809 2025] [security2:error] [pid 29372:tid 29372] [client 74.208.56.190:43400] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ch-blanchard.com"] [uri "/wp-config.php.old"] [unique_id "aHXeoag6K2hfJGqXiD4bKQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2025-07-15 04:28:14
(11 months ago)
Excessive multi-domain requests
Brute-Force
๐ฎ๐ฉ
Burayot
2025-07-15 03:01:48
(11 months ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 74.208.56.190 (US/United States/inf ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 74.208.56.190 (US/United States/infong461.perfora.net): 1 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-13 11:58:51
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 13 07:58:44.317558 2025] [security2:error] [pid 26691:tid 26691] [client 74.208.56.190:50866] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "baragaproperties.com"] [uri "/wp-config.php1"] [unique_id "aHOfdMJPdu8wbb6O7-GU0AAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-12 16:11:48
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 12 12:11:43.599411 2025] [security2:error] [pid 8914:tid 8914] [client 74.208.56.190:42664] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fingerprintinternational.com"] [uri "/wp-config.php.old"] [unique_id "aHKJP7w8FRhZ4OpXtpDQNgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-07-12 12:44:34
(1 year ago)
Bot / scanning and/or hacking attempts: [1/1] done, GET / HTTP/2.0, GET /wp-config.phpold HTTP/1.1, ...
show more
Bot / scanning and/or hacking attempts: [1/1] done, GET / HTTP/2.0, GET /wp-config.phpold HTTP/1.1, GET /wp-config.php1 HTTP/1.1, GET /wp-config HTTP/1.1, GET /wp-config.php.org HTTP/1.1
show less
Hacking
Web App Attack
๐ฌ๐ง
Aetherweb Ark
2025-07-12 01:02:27
(1 year ago)
(mod_security) mod_security (id:949110) triggered by 74.208.56.190 (US/United States/infong461.perfo ...
show more
(mod_security) mod_security (id:949110) triggered by 74.208.56.190 (US/United States/infong461.perfora.net): N in the last X secs
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-11 17:56:47
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 11 13:56:41.265673 2025] [security2:error] [pid 24588:tid 24588] [client 74.208.56.190:60854] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "csmedicalbilling.com"] [uri "/wp-config.php.old"] [unique_id "aHFQWdPAb9TDZk8JCn410wAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-11 07:35:53
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 11 03:35:48.077350 2025] [security2:error] [pid 32605:tid 32605] [client 74.208.56.190:46446] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shieldsenterprises.com"] [uri "/wp-config.php1"] [unique_id "aHC-1LdGiG4h4lU_0AX8VAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-11 01:47:53
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 10 21:47:46.398690 2025] [security2:error] [pid 7159:tid 7159] [client 74.208.56.190:41834] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "xygil.com"] [uri "/wp-config.php.old"] [unique_id "aHBtQmZnfD_-Eldl2-6HeQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-11 01:14:10
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 10 21:14:04.592920 2025] [security2:error] [pid 11757:tid 11757] [client 74.208.56.190:46946] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "outofthebluephotography.com"] [uri "/wp-config.php1"] [unique_id "aHBlXGeg-ffxEXl7kN3h1wAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
DocNetzwerk
2025-07-11 00:38:28
(1 year ago)
(mod_security) mod_security triggered on hostname [redacted] 74.208.56.190 (US/United States/infong4 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 74.208.56.190 (US/United States/infong461.perfora.net)
show less
SQL Injection
๐บ๐ธ
TPI-Abuse
2025-07-10 16:09:01
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 74.208.56.190 (infong461.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 10 12:08:57.559222 2025] [security2:error] [pid 25547:tid 25667] [client 74.208.56.190:41840] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "omniuscorp.com"] [uri "/wp-config.php1"] [unique_id "aG_lmdPjzN9WeQmqgDKXiQAAAEk"]
show less
Brute-Force
Bad Web Bot
Web App Attack