JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 119.28.111.45

119.28.111.45 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 40%: ?

40%

ISP	Tencent cloud computing (Beijing) Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS132203
Domain Name	tencent.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 119.28.111.45

Whois 119.28.111.45

IP Abuse Reports for 119.28.111.45:

This IP address has been reported a total of 18 times from 6 distinct sources. 119.28.111.45 was first reported on June 9th 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-10 07:00:25 (6 days ago)	(mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 03:00:16.570904 2026] [security2:error] [pid 25231:tid 25231] [client 119.28.111.45:58690] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.cuul.co\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.cuul.co"] [uri "/"] [unique_id "aikLgNoQ2fOLjNubW_JHFQAAAAY"], referer: http://www.learnjapanese.help show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 05:36:22 (6 days ago)	(mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 01:36:18.363367 2026] [security2:error] [pid 12663:tid 12663] [client 119.28.111.45:59224] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.supportourlibrary.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.supportourlibrary.org"] [uri "/"] [unique_id "aij30ok6SMZF-zOBOfVLvgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 02:34:11 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 22:34:06.397405 2026] [security2:error] [pid 19212:tid 19212] [client 119.28.111.45:32784] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|advancedmotorsports.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "advancedmotorsports.com"] [uri "/"] [unique_id "aijNHi05l1tl7mVEJf-VGwAAAAE"], referer: http://www.amsducati.org show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 02:14:45 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 22:14:38.007312 2026] [security2:error] [pid 8175:tid 8175] [client 119.28.111.45:44548] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|hygeiamedical.icu\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "hygeiamedical.icu"] [uri "/"] [unique_id "aijIjt-2aqVd50hx0sphGAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-06-09 13:02:02 (1 week ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 12:46:54 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:46:49.869493 2026] [security2:error] [pid 22412:tid 22412] [client 119.28.111.45:56480] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.ahijado.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.ahijado.org"] [uri "/"] [unique_id "aigLObW-Iy8F0fB6zMPkvgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 12:29:51 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:29:47.116042 2026] [security2:error] [pid 31431:tid 31431] [client 119.28.111.45:49426] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.papapizza.pizza\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.papapizza.pizza"] [uri "/"] [unique_id "aigHO-ZzbfAoxKzAtzN0ogAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 dispensight	2026-06-09 12:14:19 (1 week ago)	Automated web scanner: 1 GET request to s01-app.dispensight.ca. Paths: /. UA: Mozilla/5.0 (iPhone; C ... show more Automated web scanner: 1 GET request to s01-app.dispensight.ca. Paths: /. UA: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1. ComsenzNet (Singapore, Singapore). show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-09 12:12:43 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:12:36.063926 2026] [security2:error] [pid 10282:tid 10282] [client 119.28.111.45:37976] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|daisydoesoap.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "daisydoesoap.com"] [uri "/"] [unique_id "aigDNL8W7iHRIq0rlS32owAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 vincent_EUDIER	2026-06-09 12:00:02 (1 week ago)	SERVER-APACHE Apache mod_ssl non-SSL connection to SSL port denial of service attempt	Hacking
🇺🇸 TPI-Abuse	2026-06-09 11:50:22 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:50:12.142044 2026] [security2:error] [pid 32313:tid 32313] [client 119.28.111.45:38370] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|lucasabrahamsen.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "lucasabrahamsen.org"] [uri "/"] [unique_id "aif99JqSofsCTfMzJjHMrgAAAFw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 11:24:00 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:23:56.437958 2026] [security2:error] [pid 32329:tid 32329] [client 119.28.111.45:55154] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|horneman.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "horneman.org"] [uri "/"] [unique_id "aif3zCB9O94yUBN2RnFW7AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 soverin	2026-06-09 11:02:58 (1 week ago)	Network scan on port 80	Email Spam
🇺🇸 TPI-Abuse	2026-06-09 10:50:03 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 06:49:58.460340 2026] [security2:error] [pid 26666:tid 26666] [client 119.28.111.45:40202] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|stationrestaurant.ca\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "stationrestaurant.ca"] [uri "/"] [unique_id "aifv1qAkBCtCCr7ITVC1OwAAAAM"], referer: http://www.happyhavelock.online show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 10:26:02 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 119.28.111.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 06:25:54.775843 2026] [security2:error] [pid 16311:tid 16311] [client 119.28.111.45:58174] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|accordionclub.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "accordionclub.org"] [uri "/"] [unique_id "aifqMsRNbpEOrvrLjz8soQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 182.183.21.45

🇹🇭 110.168.238.96

🇮🇩 103.187.165.26

🇺🇸 38.34.175.88

🇨🇭 209.99.184.143

🇩🇪 194.88.98.105

🇩🇪 151.243.11.35

🇺🇸 151.240.52.111

🇯🇵 116.80.43.240

🇨🇳 112.86.225.240

🇨🇳 111.37.22.206

🇨🇳 110.42.63.152

🇨🇳 106.75.137.178

🇫🇷 91.231.89.208

🇷🇺 77.108.100.162

🇺🇸 64.62.156.231

🇺🇸 64.62.156.164

🇺🇸 50.116.23.67

🇺🇸 20.168.120.227

🇰🇷 13.209.15.24