πΊπΈ
TPI-Abuse
2026-07-15 07:23:58
(5 hours ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 03:23:53.146712 2026] [security2:error] [pid 26122:tid 26273] [client 42.201.192.87:22264] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||mentzlaw.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "mentzlaw.com"] [uri "/your-rights.html"] [unique_id "alc1iYVDnQTrzFabyQ-anQAAAQc"], referer: https://mentzlaw.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-15 02:48:32
(10 hours ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 22:48:27.040058 2026] [security2:error] [pid 21641:tid 21641] [client 42.201.192.87:44075] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||powerkiteforum.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "powerkiteforum.com"] [uri "/viewthread.php"] [unique_id "alb0-15ycNfXKrCv08zgKQAAAAI"], referer: https://powerkiteforum.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 18:21:56
(18 hours ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 14:21:52.609766 2026] [security2:error] [pid 28799:tid 28799] [client 42.201.192.87:30259] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||stansco.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "stansco.com"] [uri "/netchess"] [unique_id "alZ-QEwejPhH_-pSAD3A5wAAAAI"], referer: https://stansco.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 14:08:21
(22 hours ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 10:08:16.219780 2026] [security2:error] [pid 16914:tid 16914] [client 42.201.192.87:28756] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||nealschonmusic.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "nealschonmusic.com"] [uri "/"] [unique_id "alZC0MAvi-V_Y9xFgt-28QAAAAQ"], referer: https://nealschonmusic.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 06:00:44
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 02:00:40.220108 2026] [security2:error] [pid 22820:tid 22820] [client 42.201.192.87:27113] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||renjunews.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "renjunews.com"] [uri "/wc2019/gomoku-qualification-gqt"] [unique_id "alXQiKpHqqZS8Karu9PXrgAAAAc"], referer: https://renjunews.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 02:20:15
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 22:20:08.331230 2026] [security2:error] [pid 16738:tid 16738] [client 42.201.192.87:15515] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.enchantmenttours.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.enchantmenttours.com"] [uri "/403.shtml"] [unique_id "alWc2CMKhfyY_dM792TgdAAAACY"], referer: https://enchantmenttours.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π¦
1gz
2026-07-14 01:44:25
(1 day ago)
Triggered Cloudflare WAF (firewallCustom) from HK.
Action taken: BLOCK
Protocol: HTTP/2 (GET method) ...
show more
Triggered Cloudflare WAF (firewallCustom) from HK.
Action taken: BLOCK
Protocol: HTTP/2 (GET method)
Endpoint: /lajme/zbardhen-detaje-nga-konflikti-qe-coi-ne-kercenimin-me-arme-zjarri-ne-tirane-autori-e-pashe-rastesisht-ne-lokal-shkova-per/871006
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-07-14 00:26:16
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 20:26:11.698806 2026] [security2:error] [pid 8537:tid 8672] [client 42.201.192.87:21846] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.clearwaterpumpservices.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.clearwaterpumpservices.com"] [uri "/store/"] [unique_id "alWCI_wAFBk8AaYOifunwAAAARg"], referer: https://clearwaterpumpservices.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 19:02:04
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 15:01:57.272948 2026] [security2:error] [pid 27268:tid 27268] [client 42.201.192.87:37065] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.beach98.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.beach98.com"] [uri "/403.shtml"] [unique_id "alU2JTpmoroHxj7iT0WB9wAAAAc"], referer: https://beach98.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 04:15:09
(2 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 00:15:01.264294 2026] [security2:error] [pid 16154:tid 16154] [client 42.201.192.87:48771] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||recetabook.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "recetabook.com"] [uri "/buscador-pollo_agridulce.php"] [unique_id "alRmRdhcrh7bts1Oy2pk1gAAADA"], referer: https://recetabook.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 03:59:54
(2 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 23:59:48.467731 2026] [security2:error] [pid 4697:tid 4697] [client 42.201.192.87:22240] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||janyoors.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "janyoors.com"] [uri "/photography/world-travels/europe"] [unique_id "alRitJgaN7vtyLa4qOgUagAAAAo"], referer: https://janyoors.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 03:33:42
(2 days ago)
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 23:33:36.836037 2026] [security2:error] [pid 22268:tid 22268] [client 42.201.192.87:43827] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||bodybuildbid.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "bodybuildbid.com"] [uri "/articles/steroids/ballsinorder.html"] [unique_id "alRckIzh9bLzDwfXhpNxWgAAAAM"], referer: https://bodybuildbid.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-07 06:14:30
(1 week ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
πΊπΈ
kosada.com
2026-07-06 11:40:35
(1 week ago)
Web bot: DDoS
DDoS Attack
Bad Web Bot
πΊπΈ
kosada.com
2026-07-06 05:10:42
(1 week ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot