๐บ๐ธ
TPI-Abuse
2026-06-28 21:38:24
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 17:38:16.858851 2026] [security2:error] [pid 3670:tid 3670] [client 168.144.116.211:64306] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||autodiscover.yukihouse.hk|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "autodiscover.yukihouse.hk"] [uri "/"] [unique_id "akGUSAgOMtlp6i-_7_uY_wAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Hary74656
2026-06-28 14:10:28
(2 days ago)
[Sun Jun 28 15:34:17.973221 2026] [security2:error] [pid 180626:tid 180791] [client 168.144.116.211: ...
show more
[Sun Jun 28 15:34:17.973221 2026] [security2:error] [pid 180626:tid 180791] [client 168.144.116.211:26292] [client 168.144.116.211] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(?:keep-alive|close),\\\\s?(?:keep-alive|close)\\\\b" at REQUEST_HEADERS:Connection. [file "/usr/share/modsecurity-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "339"] [id "920210"] [msg "Multiple/Conflicting Connection Header Data Found"] [data "keep-alive, close"] [severity "WARNING"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [hostname "bro.weavernet.at"] [uri "/"] [unique_id "akEi2Q5Cu-m4KC0ubicLuQAAAwg"]
[Sun Jun 28 15:58:41.444622 2026] [security2:error] [pid 180556:tid 180651] [client 168.144.116.211:4742] [client 168.144.116.211] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(?:keep-alive|close),\\
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 11:12:23
(2 days ago)
(mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:12:20.187370 2026] [security2:error] [pid 6825:tid 6825] [client 168.144.116.211:34270] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.zacharyschwartzman.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.zacharyschwartzman.com"] [uri "/"] [unique_id "akEBlLIfp6WAYwqwAHjJ7gAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐น
centurion
2026-06-22 18:41:42
(1 week ago)
Blocked by UFW on ns03 [443/tcp] Source port: 36342 TTL: 46 Packet length: 60 TOS: 0x00 This report ...
show more
Blocked by UFW on ns03 [443/tcp] Source port: 36342 TTL: 46 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
Web App Attack
๐ธ๐ช
SkyDancer
2026-06-21 07:46:45
(1 week ago)
Multiple unauthorized attempts to access using wrong credentials. Attack automatically blocked by Sk ...
show more
Multiple unauthorized attempts to access using wrong credentials. Attack automatically blocked by SkyDancer Ai. EXT-SYS-Vx
show less
Hacking
Brute-Force
SSH
๐ฉ๐ช
bescared
2026-06-21 05:23:24
(1 week ago)
F2B - Malicious activity detected. URL Probing. -151302cd-
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ช
grassau.com
2026-06-19 14:35:27
(1 week ago)
*Port Scan* detected from 168.144.116.211 (IN/India/Karnataka/Bengaluru/-).
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-19 13:56:04
(1 week ago)
(mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 09:56:01.181373 2026] [security2:error] [pid 16435:tid 16546] [client 168.144.116.211:30818] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||torreymanagement.com.torreydc.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "torreymanagement.com.torreydc.com"] [uri "/"] [unique_id "ajVKcSAkB0GZopGq1ajVcwAAAg0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
DocNetzwerk
2026-06-19 04:57:05
(1 week ago)
168.144.116.211 (IN/India/-), more than 7 Apache 403 hits
Hacking
Anonymous
2026-06-16 08:54:29
(2 weeks ago)
Probing\(3\) HTTP Ports
...
Bad Web Bot
Web App Attack
๐ฉ๐ช
MBombeck
2026-06-13 21:41:27
(2 weeks ago)
Fail2Ban/traefik-botsearch on apps-01: banned after 5 failures
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-10 18:51:58
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 14:51:52.924760 2026] [security2:error] [pid 6706:tid 6706] [client 168.144.116.211:52914] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||mail.robotrodeo.net|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "mail.robotrodeo.net"] [uri "/"] [unique_id "aimySPew-6vX8rsOBzNKzAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-10 13:33:47
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 09:33:41.599594 2026] [security2:error] [pid 15779:tid 15791] [client 168.144.116.211:3734] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.faceliftnewyork.com.aafm.us|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.faceliftnewyork.com.aafm.us"] [uri "/"] [unique_id "ailntff-9DC8TNBsYFj1PAAAAQY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Vegascosmetics
2026-06-10 09:48:12
(2 weeks ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security
DDoS Attack
Hacking
Exploited Host
๐ฉ๐ช
updown.io
2026-06-09 19:16:43
(2 weeks ago)
{"level":"info","ts":1781029565.9819753,"logger":"http.log.access.log0","msg":"handled request","req ...
show more
{"level":"info","ts":1781029565.9819753,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"168.144.116.211","remote_port":"17408","client_ip":"168.144.116.211","proto":"HTTP/1.1","method":"GET","host":"nswe.status.updown.io","uri":"/","headers":{"User-Agent":["Go-http-client/1.1"],"Connection":["close"],"Accept-Encoding":["gzip"]}},"bytes_read":0,"user_id":"","duration":0.000076015,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://nswe.status.updown.io/"],"Content-Type":[]}}
{"level":"info","ts":1781029863.4019706,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"168.144.116.211","remote_port":"35914","client_ip":"168.144.116.211","proto":"HTTP/1.1","method":"GET","host":"wwwa.578.bakery.to-connect.topwww-promo.hobs.status.updown.io","uri":"/","headers":{"User-Agent":["Go-http-client/1.1"],"Connection":["close"],"Accept-Encoding":["gzip"]}},"bytes_read":0,"user_id":"","duration
...
show less
DDoS Attack
Web App Attack