π―π΅
S.O.B.A. Dev.
2026-07-10 23:52:25
(53 minutes ago)
Persistent port scanning or vulnerability scanning
Port Scan
πΊπΈ
TPI-Abuse
2026-07-08 13:06:21
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 108.162.242.38 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 108.162.242.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 09:06:17.634272 2026] [security2:error] [pid 7817:tid 7817] [client 108.162.242.38:12085] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.originalmobiliario.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.originalmobiliario.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ak5LScuDtRExMoJTp_Sm7QAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-05 21:32:31
(5 days ago)
Web App Attack
Brute-Force
Web App Attack
π―π΅
S.O.B.A. Dev.
2026-07-05 07:14:57
(5 days ago)
Persistent port scanning or vulnerability scanning
Port Scan
Anonymous
2026-06-29 03:24:00
(1 week ago)
Web App Attack
Brute-Force
Web App Attack
Anonymous
2026-06-23 03:14:39
(2 weeks ago)
Aggressive web scan
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-19 08:28:09
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 108.162.242.38 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 108.162.242.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 04:28:05.996977 2026] [security2:error] [pid 12901:tid 12901] [client 108.162.242.38:9586] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.hills-tax.com|F|2"] [data "[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.hills-tax.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ajT9lV7ayNR1kzusqfrqkwAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-06-04 12:05:53
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
Anonymous
2026-05-29 14:34:37
(1 month ago)
Aggressive web scan
Web App Attack
π¬π§
sandra361
2026-05-26 20:11:01
(1 month ago)
Port scan detected: 6 attempts across 1 ports (443). | Evidence: REAPER_TARPIT:IN=enp1s0f0 OUT= SRC= ...
show more
Port scan detected: 6 attempts across 1 ports (443). | Evidence: REAPER_TARPIT:IN=enp1s0f0 OUT= SRC=108.162.242.38 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=3483 DF PROTO=TCP SPT=13444 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0
show less
Port Scan
πΊπΈ
TPI-Abuse
2026-05-24 21:53:42
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 108.162.242.38 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 108.162.242.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 17:53:37.888915 2026] [security2:error] [pid 13250:tid 13250] [client 108.162.242.38:13084] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.arnoldwell.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.arnoldwell.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ahNzYZFRlwZIo38OvJOaWAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-12 08:59:48
(1 month ago)
Aggressive web scan
Web App Attack
π―π΅
S.O.B.A. Dev.
2026-04-13 15:31:59
(2 months ago)
Persistent port scanning or vulnerability scanning
Port Scan
Anonymous
2026-04-09 04:40:27
(3 months ago)
Aggressive web scan
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 08:49:29
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.242.38 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.242.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 04:49:24.313162 2026] [security2:error] [pid 2001575:tid 2001575] [client 108.162.242.38:11413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.agirlwithaguitar.misscharlottemusic.com"] [uri "/.env.backup"] [unique_id "adYWlHUi-2w1hmUt6gyRGwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack