๐บ๐ธ
mawan
2026-07-10 04:11:26
(22 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-07-08 21:01:31
(2 days ago)
108.162.242.89 - - [09/Jul/2026:00:01:29 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.p ...
show more
108.162.242.89 - - [09/Jul/2026:00:01:29 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 770 "-" "-"
...
show less
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-07-08 10:41:10
(2 days ago)
108.162.242.89 - - [08/Jul/2026:13:41:09 +0300] "GET /wp-content/themes/index.php HTTP/1.1" 404 3349 ...
show more
108.162.242.89 - - [08/Jul/2026:13:41:09 +0300] "GET /wp-content/themes/index.php HTTP/1.1" 404 3349 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
108.162.242.89 - - [08/Jul/2026:13:41:09 +0300] "GET /wp-content/themes/theme/about.php HTTP/1.1" 404 789 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
Anonymous
2026-07-06 11:05:31
(4 days ago)
[Mon Jul 06 13:05:30.003172 2026] [authz_core:error] [pid 6362] [client 108.162.242.89:13647] AH0163 ...
show more
[Mon Jul 06 13:05:30.003172 2026] [authz_core:error] [pid 6362] [client 108.162.242.89:13647] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Mon Jul 06 13:05:30.134021 2026] [authz_core:error] [pid 6362] [client 108.162.242.89:13647] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Mon Jul 06 13:05:30.262657 2026] [authz_core:error] [pid 6362] [client 108.162.242.89:13647] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
๐บ๐ธ
mawan
2026-07-05 17:24:46
(5 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
Anonymous
2026-07-05 00:37:12
(6 days ago)
[Sun Jul 05 02:37:11.181073 2026] [authz_core:error] [pid 25319] [client 108.162.242.89:9371] AH0163 ...
show more
[Sun Jul 05 02:37:11.181073 2026] [authz_core:error] [pid 25319] [client 108.162.242.89:9371] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sun Jul 05 02:37:11.569596 2026] [authz_core:error] [pid 25319] [client 108.162.242.89:9371] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sun Jul 05 02:37:11.874287 2026] [authz_core:error] [pid 25319] [client 108.162.242.89:9371] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
Anonymous
2026-07-04 09:14:53
(6 days ago)
[Sat Jul 04 11:14:52.285039 2026] [authz_core:error] [pid 18386] [client 108.162.242.89:11236] AH016 ...
show more
[Sat Jul 04 11:14:52.285039 2026] [authz_core:error] [pid 18386] [client 108.162.242.89:11236] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sat Jul 04 11:14:52.668386 2026] [authz_core:error] [pid 18386] [client 108.162.242.89:11236] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sat Jul 04 11:14:53.120512 2026] [authz_core:error] [pid 18386] [client 108.162.242.89:11236] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
Anonymous
2026-07-03 12:56:08
(1 week ago)
[Fri Jul 03 14:56:06.653338 2026] [authz_core:error] [pid 27728] [client 108.162.242.89:10893] AH016 ...
show more
[Fri Jul 03 14:56:06.653338 2026] [authz_core:error] [pid 27728] [client 108.162.242.89:10893] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Fri Jul 03 14:56:07.245639 2026] [authz_core:error] [pid 27728] [client 108.162.242.89:10893] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Fri Jul 03 14:56:07.497891 2026] [authz_core:error] [pid 27728] [client 108.162.242.89:10893] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
๐บ๐ธ
mawan
2026-07-01 01:35:49
(1 week ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-30 15:09:57
(1 week ago)
108.162.242.89 - - [30/Jun/2026:18:09:55 +0300] "GET /wp-admin/user/index.php HTTP/1.1" 404 791 "-" ...
show more
108.162.242.89 - - [30/Jun/2026:18:09:55 +0300] "GET /wp-admin/user/index.php HTTP/1.1" 404 791 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
108.162.242.89 - - [30/Jun/2026:18:09:56 +0300] "GET /wp-content/themes/hideo/network.php HTTP/1.1" 404 791 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 23:56:52
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 108.162.242.89 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 108.162.242.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 19:56:46.352955 2026] [security2:error] [pid 31665:tid 31665] [client 108.162.242.89:14092] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.blueworkdesign.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.blueworkdesign.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "akMGPpEWI-_MNVuDJHkuVAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-29 06:23:11
(1 week ago)
108.162.242.89 - - [29/Jun/2026:09:23:09 +0300] "GET /wp-content/plugins/core-plugin/include.php HTT ...
show more
108.162.242.89 - - [29/Jun/2026:09:23:09 +0300] "GET /wp-content/plugins/core-plugin/include.php HTTP/1.1" 404 3351 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
108.162.242.89 - - [29/Jun/2026:09:23:11 +0300] "GET /wp-includes/IXR/test1.php HTTP/1.1" 404 791 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-23 14:04:58
(2 weeks ago)
108.162.242.89 - - [23/Jun/2026:17:04:56 +0300] "GET /wp-includes/ID3/about.php HTTP/1.1" 404 683 "- ...
show more
108.162.242.89 - - [23/Jun/2026:17:04:56 +0300] "GET /wp-includes/ID3/about.php HTTP/1.1" 404 683 "-" "-"
108.162.242.89 - - [23/Jun/2026:17:04:56 +0300] "GET /wp-admin/css/ HTTP/1.1" 404 683 "-" "-"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 05:03:45
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 108.162.242.89 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.242.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 01:03:36.907400 2026] [security2:error] [pid 4845:tid 4845] [client 108.162.242.89:10974] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.easylandcash.myhomeflyer.com"] [uri "/.env.local"] [unique_id "ajdwqAjT9HvnN3OzcrEUyAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mawan
2026-06-19 04:22:11
(3 weeks ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack