πΊπΈ
TPI-Abuse
2026-07-15 08:47:29
(2 days ago)
(mod_security) mod_security (id:210350) triggered by 161.115.234.198 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 161.115.234.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 04:47:25.651018 2026] [security2:error] [pid 15833:tid 15833] [client 161.115.234.198:44583] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.voodooshop.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.voodooshop.com"] [uri "/about"] [unique_id "aldJHU00hOepd79aDQjvMgAAAAQ"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨πΏ
ddw
2026-07-04 10:40:00
(1 week ago)
Access Violation Attempts - Multiple 403 Forbidden responses.
Hacking
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 04:57:44
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 161.115.234.198 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 161.115.234.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 00:57:38.106197 2026] [security2:error] [pid 27076:tid 27106] [client 161.115.234.198:52945] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.biblewriter.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.biblewriter.com"] [uri "/"] [unique_id "akSeQrU3440Xjc2iii0R1gAAAAQ"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΈπ¬
mypatricks
2026-06-25 04:56:35
(3 weeks ago)
161.115.234.198 | Port: 12822 | DNS: 161.115.234.198 2026-06-25T12:56:33+08:00 America/New_York | Su ...
show more
161.115.234.198 | Port: 12822 | DNS: 161.115.234.198 2026-06-25T12:56:33+08:00 America/New_York | Suspicious Spoofing Activity | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:135.0) Gecko/20100101 Firefox/135.0 HTTP/1.1 443 GET | URL: / | Ref: https://www.google.com/ | Country: US/United States/-08:00 IP City: Washington a11162e06da5c130-IAD/Ashburn, VA, United States 1 hits/0 secs Browser 0
show less
Brute-Force
Web App Attack
Blog Spam
Web Spam
Exploited Host
πΊπΈ
TPI-Abuse
2026-05-24 15:11:50
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 161.115.234.198 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 161.115.234.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 11:11:42.479120 2026] [security2:error] [pid 16526:tid 16526] [client 161.115.234.198:58347] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||prostar.industries|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "prostar.industries"] [uri "/"] [unique_id "ahMVLhQlCFojk_IqNHm9hgAAAAQ"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-16 18:50:54
(2 months ago)
(mod_security) mod_security (id:210350) triggered by 161.115.234.198 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 161.115.234.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 14:50:45.873125 2026] [security2:error] [pid 5810:tid 5810] [client 161.115.234.198:57221] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||transporting.to|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "transporting.to"] [uri "/Adia/"] [unique_id "agi8hY8rF_qzzjhF6jcDtAAAAAc"], referer: http://adiasplace.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
π¦πΊ
MAGIC
2026-05-09 00:06:35
(2 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-05-06 09:54:12
(2 months ago)
(mod_security) mod_security (id:210350) triggered by 161.115.234.198 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 161.115.234.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 05:54:09.577598 2026] [security2:error] [pid 6140:tid 6260] [client 161.115.234.198:60565] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||osp.schoprint.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "osp.schoprint.com"] [uri "/"] [unique_id "afsPwZO11h2kIHe4PwZoTAAAARA"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-04 07:30:30
(2 months ago)
(mod_security) mod_security (id:210350) triggered by 161.115.234.198 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 161.115.234.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 04 03:30:24.637741 2026] [security2:error] [pid 20991:tid 21113] [client 161.115.234.198:41073] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.totheendsoftheearth.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.totheendsoftheearth.com"] [uri "/"] [unique_id "afhLECC6CZmPY6gHI69pRAAAAA8"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
blinx
2026-05-02 07:42:28
(2 months ago)
Suspicious activity detected by Modsecurity
Web Spam
Port Scan
Hacking
Bad Web Bot
Web App Attack
π©πͺ
HandyTreff.de
2026-05-01 18:09:54
(2 months ago)
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -34.941 (Bad < -10 / Very Bad < -20 ...
show more
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -34.941 (Bad < -10 / Very Bad < -20 / Extreme < -35) | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0
show less
Web App Attack
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-04-30 18:37:14
(2 months ago)
(mod_security) mod_security (id:210350) triggered by 161.115.234.198 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 161.115.234.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 30 14:37:08.120584 2026] [security2:error] [pid 21872:tid 21872] [client 161.115.234.198:38059] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.nashes.net|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.nashes.net"] [uri "/"] [unique_id "afOhVHMiH02VmPbcKu2_hwAAABE"], referer: http://franknash.net/
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
backslash
2026-02-01 23:00:15
(5 months ago)
block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE
Bad Web Bot