๐บ๐ธ
TPI-Abuse
2026-07-04 18:07:09
(4 hours ago)
(mod_security) mod_security (id:949110) triggered by 102.98.100.36 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:949110) triggered by 102.98.100.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 14:07:05.779548 2026] [security2:error] [pid 13353:tid 13353] [client 102.98.100.36:56537] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "pleasejustfixit.org"] [uri "/.env"] [unique_id "aklLyTJUwd4AKLz_-seafgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 17:47:38
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 102.98.100.36 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.100.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 13:47:35.121703 2026] [security2:error] [pid 21539:tid 21539] [client 102.98.100.36:57753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pozzolan.org"] [uri "/.env"] [unique_id "aklHN2GSHN2YXE69IvjMLwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-04 08:09:23
(14 hours ago)
2026-07-04T10:09:22.701862 biopolis.pcconsultant.it postfix/smtpd[2082336]: warning: unknown[102.98. ...
show more
2026-07-04T10:09:22.701862 biopolis.pcconsultant.it postfix/smtpd[2082336]: warning: unknown[102.98.100.36]: SASL PLAIN authentication failed: authentication failure, [email protected]
...
show less
Brute-Force
Anonymous
2026-07-03 20:20:47
(1 day ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 17:02:23
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 102.98.100.36 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.100.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 13:02:15.774459 2026] [security2:error] [pid 32643:tid 32643] [client 102.98.100.36:56721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pbeyer.org"] [uri "/.env"] [unique_id "akfrF4-gwjPYDMM0G8WAJQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nyt
2026-07-02 12:52:36
(2 days ago)
Sensitive File Probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 11:39:07
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 102.98.100.36 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.100.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 07:39:02.297970 2026] [security2:error] [pid 9283:tid 9283] [client 102.98.100.36:64363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "plumeriatc.org"] [uri "/.env"] [unique_id "akZN1tpTH6isKAv5jPF7VwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 05:00:19
(2 days ago)
BruteForce IMAP/POP3/SMTP
Brute-Force
๐จ๐ฟ
lp
2026-07-02 04:51:10
(2 days ago)
Email account brute force: 2 attempts were recorded from 102.98.100.36
2026-07-02T05:55:12+02:00 war ...
show more
Email account brute force: 2 attempts were recorded from 102.98.100.36
2026-07-02T05:55:12+02:00 warning: unknown[102.98.100.36]: SASL PLAIN authentication failed: authentication failure, [email protected]
2026-07-02T05:55:12+02:00 warning: unknown[102.98.100.36]: SASL LOGIN authentication failed: authentication failure, [email protected]
show less
Brute-Force
๐ซ๐ฎ
notelseit
2026-07-01 23:26:42
(2 days ago)
2026-07-02T01:26:35.003692+02:00 mail postfix/submission/smtpd[279234]: warning: unknown[102.98.100. ...
show more
2026-07-02T01:26:35.003692+02:00 mail postfix/submission/smtpd[279234]: warning: unknown[102.98.100.36]: SASL PLAIN authentication failed: (reason unavailable), [email protected]
2026-07-02T01:26:41.169666+02:00 mail postfix/submission/smtpd[279234]: warning: unknown[102.98.100.36]: SASL LOGIN authentication failed: (reason unavailable), [email protected]
2026-07-02T01:26:41.250037+02:00 mail postfix/submission/smtpd[279234]: disconnect from unknown[102.98.100.36] ehlo=2 starttls=1 auth=0/2 quit=1 commands=4/6
...
show less
Brute-Force
Email Spam
๐ซ๐ท
GabrielJST
2026-07-01 23:12:05
(2 days ago)
(smtpauth) Failed SMTP AUTH login from 102.98.100.36 (MA/Morocco/-)
Brute-Force
๐ฎ๐น
VHosting
2026-07-01 22:11:13
(3 days ago)
Detected mail brute force attack from 4 different servers
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-01 21:47:49
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 102.98.100.36 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.100.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 17:47:41.356503 2026] [security2:error] [pid 18995:tid 18995] [client 102.98.100.36:54266] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mrpinman.org"] [uri "/.env"] [unique_id "akWK_Yh2CUBkLxkpWGY4dgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 20:37:39
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 102.98.100.36 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.100.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 16:37:32.214459 2026] [security2:error] [pid 11229:tid 11229] [client 102.98.100.36:53950] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pathpa.org"] [uri "/.env"] [unique_id "akV6jFENzwx3QjYo64g5BQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 19:26:57
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 102.98.100.36 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.100.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 15:26:54.374526 2026] [security2:error] [pid 17090:tid 17090] [client 102.98.100.36:57196] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "photo-craft.org"] [uri "/.env"] [unique_id "akVp_nCCPcw_yFL5fcNW4wAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack