๐ฏ๐ต
S.O.B.A. Dev.
2026-06-29 21:34:05
(1 day ago)
Persistent port scanning or vulnerability scanning
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-21 05:19:13
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 108.162.242.103 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.242.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 01:19:03.061826 2026] [security2:error] [pid 6910:tid 6910] [client 108.162.242.103:13128] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.elenacampo.magodarman.com"] [uri "/.git/HEAD"] [unique_id "ajd0RzhZNLMs1TO1FQCf3gAAAAk"], referer: https://www.google.com/search?q=www.elenacampo.magodarman.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 06:59:46
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 108.162.242.103 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 108.162.242.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 02:59:38.603328 2026] [security2:error] [pid 23622:tid 23622] [client 108.162.242.103:10773] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.schedlerbrennan.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.schedlerbrennan.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ai5RWjr_kJ5Ucu-gcltligAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-10 22:02:41
(2 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-09.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
mnsf
2026-06-10 20:05:27
(2 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 16:55:55
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 108.162.242.103 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 108.162.242.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 12:55:48.696887 2026] [security2:error] [pid 15490:tid 15490] [client 108.162.242.103:13563] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.enriquelaw.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.enriquelaw.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "aihFlIks6nayQ3JIRQ8cDgAAAFY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-05 04:06:42
(3 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
Anonymous
2026-05-26 22:21:55
(1 month ago)
Web App Attack
Brute-Force
Web App Attack
Anonymous
2026-05-18 02:53:26
(1 month ago)
Web App Attack
Brute-Force
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-05-09 03:52:58
(1 month ago)
108.162.242.103 - - [09/May/2026:06:52:56 +0300] "GET /wp-admin/images/bootstrap.php HTTP/1.1" 404 7 ...
show more
108.162.242.103 - - [09/May/2026:06:52:56 +0300] "GET /wp-admin/images/bootstrap.php HTTP/1.1" 404 768 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95"
108.162.242.103 - - [09/May/2026:06:52:57 +0300] "GET /wp-content/plugins/seoplugins/db.php?u HTTP/1.1" 404 767 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3"
...
show less
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-04-23 20:36:25
(2 months ago)
108.162.242.103 - - [23/Apr/2026:23:36:24 +0300] "GET /wp-content/index.php HTTP/1.1" 404 789 "-" "M ...
show more
108.162.242.103 - - [23/Apr/2026:23:36:24 +0300] "GET /wp-content/index.php HTTP/1.1" 404 789 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
108.162.242.103 - - [23/Apr/2026:23:36:24 +0300] "GET /wp-content/plugins/beteng88/ws83.php HTTP/1.1" 404 789 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
Anonymous
2026-04-12 12:52:25
(2 months ago)
Web App Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 04:21:40
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.242.103 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.242.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 00:21:36.773922 2026] [security2:error] [pid 1988679:tid 1988679] [client 108.162.242.103:9913] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wisk.org"] [uri "/.env.local"] [unique_id "adXX0IydHL57H-zm6JpTQgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 15:01:55
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.242.103 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.242.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 11:01:51.273522 2026] [security2:error] [pid 1938563:tid 1938563] [client 108.162.242.103:11564] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.californiabrokers.net.californiaappraisers.net"] [uri "/.env.bak"] [unique_id "adUcX5S_6rCpm0VJUYR3OAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-06 20:20:22
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.242.103 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.242.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 16:20:18.540992 2026] [security2:error] [pid 459964:tid 459964] [client 108.162.242.103:13805] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.studio716.info"] [uri "/admin/.env"] [unique_id "adQVgqyI2m-s7i2y9GRAtAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack