๐บ๐ธ
TPI-Abuse
2026-07-18 19:05:47
(7 hours ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 15:05:39.603451 2026] [security2:error] [pid 28041:tid 28041] [client 42.201.192.86:59181] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.kbalan.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.kbalan.com"] [uri "/"] [unique_id "alvOg92B-XfA_HHnfjHfygAAABU"], referer: https://kbalan.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 14:11:15
(12 hours ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 10:11:10.433759 2026] [security2:error] [pid 29984:tid 29984] [client 42.201.192.86:49110] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.americanexportimport.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.americanexportimport.com"] [uri "/sectors/"] [unique_id "aluJfsPbQpDRNkwr4loo6QAAAAg"], referer: https://americanexportimport.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 08:12:42
(18 hours ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 04:12:35.668556 2026] [security2:error] [pid 297620:tid 297620] [client 42.201.192.86:25552] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||meganmurph.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "meganmurph.com"] [uri "/feed"] [unique_id "als1c_H3hvVWnd_0rL0dzgAAAAU"], referer: https://meganmurph.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
sefinek.net
2026-07-17 01:58:00
(2 days ago)
Triggered Cloudflare WAF (firewallCustom) from HK.
Action: MANAGED_CHALLENGE | Protocol: HTTP/2 (GET ...
show more
Triggered Cloudflare WAF (firewallCustom) from HK.
Action: MANAGED_CHALLENGE | Protocol: HTTP/2 (GET) | Endpoint: /booru | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.0.0 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-16 13:24:50
(2 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 09:24:43.568597 2026] [security2:error] [pid 3920:tid 3933] [client 42.201.192.86:16982] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||livetalkusa.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "livetalkusa.com"] [uri "/"] [unique_id "aljbm4o2f6eh4Cye4RiUtwAAAEc"], referer: https://livetalkusa.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-07-16 08:07:01
(2 days ago)
Fail2Ban - [NGINX]Malicious request blocked on nginx-444 ... [wa01,wa02]
Hacking
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-16 02:39:09
(2 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 22:39:06.275906 2026] [security2:error] [pid 24236:tid 24236] [client 42.201.192.86:33801] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||ds12bonn.de|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "ds12bonn.de"] [uri "/kurse"] [unique_id "alhESk-_89AXETPrOZ4FAwAAABw"], referer: https://ds12bonn.de/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 18:08:28
(3 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 14:08:24.627328 2026] [security2:error] [pid 23753:tid 23753] [client 42.201.192.86:25614] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||midwayisland.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "midwayisland.com"] [uri "/feed"] [unique_id "alfMmNbUahf-kaNFz9yp3QAAABM"], referer: https://midwayisland.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 11:26:59
(3 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 07:26:55.930542 2026] [security2:error] [pid 18525:tid 18525] [client 42.201.192.86:42322] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||jerusalem-korczak-home.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "jerusalem-korczak-home.com"] [uri "/bc"] [unique_id "aldufycBvWrLa5hibiKSbAAAABA"], referer: https://jerusalem-korczak-home.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 07:38:19
(3 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 03:38:13.898969 2026] [security2:error] [pid 26122:tid 26282] [client 42.201.192.86:53936] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||gafm.org|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "gafm.org"] [uri "/"] [unique_id "alc45YVDnQTrzFabyQ-j6AAAARA"], referer: https://gafm.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 06:55:43
(3 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 02:55:35.532864 2026] [security2:error] [pid 14781:tid 14781] [client 42.201.192.86:47230] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.barkdull.org|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.barkdull.org"] [uri "/index.php"] [unique_id "alcu5yFG94XBiN1LREl1bwAAAA0"], referer: https://barkdull.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 01:48:13
(5 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 21:48:08.389875 2026] [security2:error] [pid 20420:tid 20420] [client 42.201.192.86:47480] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||stansco.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "stansco.com"] [uri "/netchess"] [unique_id "alWVWKqnRrz_aRw0duaQowAAAAk"], referer: https://stansco.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 04:28:05
(5 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 00:27:58.298985 2026] [security2:error] [pid 23420:tid 23420] [client 42.201.192.86:57251] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||bodybuildbid.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "bodybuildbid.com"] [uri "/articles\\\\mrolympia\\\\2016\\\\2016-mr-olympia-results.html"] [unique_id "alRpTmbSUVa0UEcSlWmhcQAAAEs"], referer: https://bodybuildbid.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-07 06:10:20
(1 week ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
๐บ๐ธ
kosada.com
2026-07-06 12:40:45
(1 week ago)
Web bot: DDoS
DDoS Attack
Bad Web Bot