๐บ๐ธ
TPI-Abuse
2026-07-18 18:29:39
(10 hours ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 14:29:30.969977 2026] [security2:error] [pid 1078734:tid 1078734] [client 42.201.192.27:47473] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||schlegelcreative.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "schlegelcreative.com"] [uri "/"] [unique_id "alvGCq6-ekfDY-OcUxw7xQAAAA0"], referer: https://schlegelcreative.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 17:17:36
(11 hours ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 13:17:31.644851 2026] [security2:error] [pid 4521:tid 4543] [client 42.201.192.27:42191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||slingshotpro.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "slingshotpro.com"] [uri "/"] [unique_id "alu1K0FuZu4kxL2M7YqdUgAAANQ"], referer: https://slingshotpro.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 14:25:57
(14 hours ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 10:25:50.656410 2026] [security2:error] [pid 3083025:tid 3083031] [client 42.201.192.27:43935] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||royalfellows.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "royalfellows.com"] [uri "/"] [unique_id "aluM7tObLMD5krWhgI4REAAAAUQ"], referer: https://royalfellows.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 11:31:26
(17 hours ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 07:31:23.532553 2026] [security2:error] [pid 18366:tid 18366] [client 42.201.192.27:40327] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||creartest.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "creartest.com"] [uri "/"] [unique_id "altkCyDJtpr8A3DullqrIgAAAAI"], referer: https://creartest.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 04:50:06
(2 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 00:49:57.782913 2026] [security2:error] [pid 387203:tid 387203] [client 42.201.192.27:62410] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||katharinanitzpon.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "katharinanitzpon.com"] [uri "/"] [unique_id "alm0dbvaRJqZRJb_eQX54QAAAA4"], referer: https://katharinanitzpon.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 16:21:12
(2 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:21:08.025857 2026] [security2:error] [pid 18741:tid 18741] [client 42.201.192.27:17141] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||wild-goose.net|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "wild-goose.net"] [uri "/articles/the-sustainability-drinks-affair"] [unique_id "alkE9IzkIt5oY37QLXiTEQAAABw"], referer: https://wild-goose.net/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 06:45:05
(2 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 02:44:59.543081 2026] [security2:error] [pid 31561:tid 31561] [client 42.201.192.27:12149] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||dogarttoday.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "dogarttoday.com"] [uri "/"] [unique_id "alh960Tl--ILhs3dtXsMrQAAABM"], referer: https://dogarttoday.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 00:59:11
(3 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 20:59:07.683834 2026] [security2:error] [pid 9852:tid 9852] [client 42.201.192.27:60873] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||wendeenicole.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "wendeenicole.com"] [uri "/"] [unique_id "algs23Qgy7CvfD1CH-96gAAAABU"], referer: https://wendeenicole.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 12:23:06
(3 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 08:23:01.536417 2026] [security2:error] [pid 19792:tid 19792] [client 42.201.192.27:57237] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||renjunews.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "renjunews.com"] [uri "/konstantin-nikonov-is-the-russian-champion-2020"] [unique_id "ald7pe9AMBcXAhO0XyKeCgAAAAE"], referer: https://renjunews.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 11:38:06
(3 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 07:37:58.784741 2026] [security2:error] [pid 30100:tid 30100] [client 42.201.192.27:53743] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||jerusalem-korczak-home.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "jerusalem-korczak-home.com"] [uri "/hin/jun0.html"] [unique_id "aldxFjFw6d3sZVTVmgG4IQAAAC0"], referer: https://jerusalem-korczak-home.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 02:24:50
(4 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 22:24:46.232073 2026] [security2:error] [pid 2943:tid 2943] [client 42.201.192.27:15384] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||wackywipeouts.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "wackywipeouts.com"] [uri "/"] [unique_id "albvbtZLf2Ro2XxegJ6hYAAAADE"], referer: https://wackywipeouts.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 15:11:15
(4 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:11:10.558802 2026] [security2:error] [pid 29412:tid 29412] [client 42.201.192.27:42185] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||player-care.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "player-care.com"] [uri "/duo-art/index.html"] [unique_id "alZRjmYBK5PlIBGdAIq65wAAAA0"], referer: https://player-care.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 13:01:18
(4 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 09:01:10.309740 2026] [security2:error] [pid 17479:tid 17479] [client 42.201.192.27:45639] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||beach98.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "beach98.com"] [uri "/"] [unique_id "alYzFn4Z1pIZVDgUnofZMQAAAAM"], referer: https://beach98.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
1gz
2026-07-14 01:40:15
(5 days ago)
Triggered Cloudflare WAF (firewallCustom) from HK.
Action taken: BLOCK
Protocol: HTTP/2 (GET method) ...
show more
Triggered Cloudflare WAF (firewallCustom) from HK.
Action taken: BLOCK
Protocol: HTTP/2 (GET method)
Endpoint: /kosove
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.73 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-13 04:22:37
(6 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 00:22:33.512580 2026] [security2:error] [pid 8133:tid 8133] [client 42.201.192.27:38711] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||bahamascruisersguide.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "bahamascruisersguide.com"] [uri "/"] [unique_id "alRoCQvmSI9Sd7v7Zgd0GQAAAAk"], referer: https://bahamascruisersguide.com/
show less
Brute-Force
Bad Web Bot
Web App Attack