๐บ๐ธ
TPI-Abuse
2026-07-14 17:41:17
(3 days ago)
(mod_security) mod_security (id:210730) triggered by 108.162.241.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 108.162.241.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 13:41:11.168111 2026] [security2:error] [pid 20868:tid 20868] [client 108.162.241.204:10733] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.hvacmechanalysis.com|F|2"] [data "[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.hvacmechanalysis.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "alZ0tzDfiXI6KSf0P7AqNQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-14 17:30:31
(3 days ago)
Web Probe / Attack
Web App Attack
๐ฉ๐ช
acadeova
2026-06-06 03:18:54
(1 month ago)
๐จ Recon detected (nft drop)
SRC=108.162.241.204
Observed=TCP dpt=80 in=enp0s6 ttl=56
Time=recent(jou ...
show more
๐จ Recon detected (nft drop)
SRC=108.162.241.204
Observed=TCP dpt=80 in=enp0s6 ttl=56
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-05 17:49:47
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 108.162.241.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 108.162.241.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 13:49:41.483098 2026] [security2:error] [pid 27284:tid 27284] [client 108.162.241.204:11489] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.monmouthbottleshop.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.monmouthbottleshop.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "aiMMNUzo74gTdwEKHZc-0AAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-01 20:49:36
(1 month ago)
Aggressive web scan
Web App Attack
๐บ๐ธ
wimaxnz
2026-05-09 00:15:39
(2 months ago)
Automated report from 247 Guardian: repeated malicious activity detected. | reason=nginx_badpath
Brute-Force
SSH
Port Scan
๐บ๐ธ
TPI-Abuse
2026-05-07 05:09:03
(2 months ago)
(mod_security) mod_security (id:949110) triggered by 108.162.241.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:949110) triggered by 108.162.241.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 01:08:55.884179 2026] [security2:error] [pid 32484:tid 32484] [client 108.162.241.204:10418] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "autodiscover.armstrongenvironmental.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "afweZ4gJXZ23dvT1NZ6XXwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-04-16 17:31:25
(3 months ago)
Web App Attack
Brute-Force
Web App Attack
๐บ๐ธ
wimaxnz
2026-04-15 05:26:52
(3 months ago)
Automated report from 247 Guardian: repeated malicious activity detected. | reason=nginx_badpath
Brute-Force
SSH
Port Scan
Anonymous
2026-04-15 04:59:48
(3 months ago)
Aggressive web scan
Web App Attack
Anonymous
2026-04-14 21:22:51
(3 months ago)
Web App Attack
Brute-Force
Web App Attack
๐บ๐ธ
wimaxnz
2026-04-11 02:04:15
(3 months ago)
Automated report from 247 Guardian: repeated malicious activity detected. | reason=nginx_badpath
Brute-Force
SSH
Port Scan
๐บ๐ธ
TPI-Abuse
2026-04-08 03:08:46
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.241.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.241.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 23:08:37.884831 2026] [security2:error] [pid 1838629:tid 1838629] [client 108.162.241.204:13633] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.arcdesign.me"] [uri "/.env.development"] [unique_id "adXGtZ4_DrPhXBNADpsS_wAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 01:01:21
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.241.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.241.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 21:01:14.959306 2026] [security2:error] [pid 1627894:tid 1627894] [client 108.162.241.204:9934] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wwts.io"] [uri "/private/.env"] [unique_id "adWo2k6jFyLlEzs2IaOL0AAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 19:41:33
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.241.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.241.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 15:41:27.386051 2026] [security2:error] [pid 1431119:tid 1431119] [client 108.162.241.204:12723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.americancryonics.org"] [uri "/.git/index"] [unique_id "adVd5_TZbiUusfLwWIB5XgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack