๐บ๐ธ
TPI-Abuse
2026-07-18 01:57:33
(21 hours ago)
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 21:57:25.612299 2026] [security2:error] [pid 1642321:tid 1642321] [client 104.28.160.255:19898] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||hardemancountyjournal.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "hardemancountyjournal.com"] [uri "/"] [unique_id "alrdhR8zNDkAuvCLR7oVawAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 17:11:40
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 13:11:37.202795 2026] [security2:error] [pid 1665634:tid 1665634] [client 104.28.160.255:16855] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||michleen-collins.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "michleen-collins.com"] [uri "/"] [unique_id "alpiSVwDHPn33nXqqb-u2wAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 16:52:16
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 12:52:09.834649 2026] [security2:error] [pid 999750:tid 999750] [client 104.28.160.255:15147] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||accu-tuner.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "accu-tuner.com"] [uri "/"] [unique_id "alpduXRjk_wl_RfmQCegLwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 15:33:45
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 11:33:37.931933 2026] [security2:error] [pid 22207:tid 22207] [client 104.28.160.255:16561] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||pascalroy.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "pascalroy.com"] [uri "/"] [unique_id "alpLUaiYVRtPJ5vo-yxJGQAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 14:45:44
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 10:45:40.094558 2026] [security2:error] [pid 32705:tid 32705] [client 104.28.160.255:15474] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||maffiniandbearce.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "maffiniandbearce.com"] [uri "/"] [unique_id "alpAFI6X6szvnTf7f9YRMAAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 01:28:43
(3 days ago)
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 21:28:37.780728 2026] [security2:error] [pid 25173:tid 25211] [client 104.28.160.255:26062] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||busybeerestaurant.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "busybeerestaurant.com"] [uri "/"] [unique_id "albiRed2YfWTPTINSTSD6QAAAEY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 02:53:42
(4 days ago)
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 22:53:35.742555 2026] [security2:error] [pid 7455:tid 7455] [client 104.28.160.255:41324] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||marshallcurry.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "marshallcurry.com"] [uri "/"] [unique_id "alWkr_GiPBs_WNMWFLvGAAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 02:25:22
(4 days ago)
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 22:25:15.005025 2026] [security2:error] [pid 19775:tid 19798] [client 104.28.160.255:40172] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||icecc.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "icecc.com"] [uri "/"] [unique_id "alWeCxTnkBWoUNyZKov4EQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 01:55:10
(4 days ago)
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210350) triggered by 104.28.160.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 21:55:04.323998 2026] [security2:error] [pid 33900:tid 33900] [client 104.28.160.255:41915] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||clossglobal.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "clossglobal.com"] [uri "/"] [unique_id "alWW-AiGKSQNSMK3tNjyVgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xmission.com
2026-07-08 00:57:39
(1 week ago)
Blocked by UFW (TCP on 8333)
Source port: 62654
TTL: 48
Packet length: 60
TOS: 0x08
This report (fo ...
show more
Blocked by UFW (TCP on 8333)
Source port: 62654
TTL: 48
Packet length: 60
TOS: 0x08
This report (for 104.28.160.255) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐จ๐ด
adalbertoreyes.org
2026-06-30 17:22:33
(2 weeks ago)
CategoryPortScan
Port Scan
๐ณ๐ฑ
EGP Abuse Dept
2026-05-21 06:55:03
(1 month ago)
Unsolicited connection to port 465
Port Scan
Hacking
๐บ๐ธ
xmission.com
2026-05-12 23:19:50
(2 months ago)
Blocked by UFW (TCP on 123)
Source port: 33671
TTL: 49
Packet length: 60
TOS: 0x08
This report (for ...
show more
Blocked by UFW (TCP on 123)
Source port: 33671
TTL: 49
Packet length: 60
TOS: 0x08
This report (for 104.28.160.255) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐ฎ๐น
Inartis
2026-05-01 07:56:07
(2 months ago)
2026-05-01T09:56:05.776770mail1.inartis.it postfix/smtpd[3195942]: warning: unknown[104.28.160.255]: ...
show more
2026-05-01T09:56:05.776770mail1.inartis.it postfix/smtpd[3195942]: warning: unknown[104.28.160.255]: SASL PLAIN authentication failed: authentication failure, [email protected]
...
show less
Port Scan
Brute-Force
Anonymous
2026-05-01 04:38:07
(2 months ago)
6x Postfix SASL LOGIN authentication failed
Brute-Force