๐บ๐ธ
TPI-Abuse
2026-06-24 11:28:05
(1 week ago)
(mod_security) mod_security (id:210350) triggered by 91.247.163.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 91.247.163.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 07:28:02.522877 2026] [security2:error] [pid 7353:tid 7353] [client 91.247.163.27:51177] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||garon.us|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "garon.us"] [uri "/adminer/"] [unique_id "aju_QngAhcz4lNBrFMKEUAAAAAw"], referer: https://garon.us/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 02:16:22
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 91.247.163.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 91.247.163.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 22:16:16.999452 2026] [security2:error] [pid 14741:tid 14741] [client 91.247.163.27:52673] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||bahamas-boat-registration.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "bahamas-boat-registration.com"] [uri "/_adminer.php"] [unique_id "ai4O8DYLwQ0bZzsKIjzDUgAAAGU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 18:46:48
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 91.247.163.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 91.247.163.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 14:46:41.318666 2026] [security2:error] [pid 31369:tid 31369] [client 91.247.163.27:44523] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||register-yacht-belize.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "register-yacht-belize.com"] [uri "/_adminer.php"] [unique_id "ai2lkRFogvlc6-63Zb5s6QAAAAM"], referer: https://register-yacht-belize.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
todix
2026-06-09 06:35:31
(3 weeks ago)
Web App Attack Exploid from 91.247.163.27
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-08 22:33:02
(3 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-26 15:14:55
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 91.247.163.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 91.247.163.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 11:14:50.248278 2026] [security2:error] [pid 5246:tid 5260] [client 91.247.163.27:28995] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||adultbaja.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "adultbaja.com"] [uri "/2025.db"] [unique_id "ahW46rbQ2Aw4xRHEKvQd5AAAAMk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
SiliSoftware
2026-05-17 15:28:26
(1 month ago)
/config.php.csv
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-12 16:17:15
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 91.247.163.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 91.247.163.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 12:17:08.207853 2026] [security2:error] [pid 18407:tid 18407] [client 91.247.163.27:48485] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||comitedelafamille.org|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "comitedelafamille.org"] [uri "/123.db"] [unique_id "agNShClZr8mOMGfUA-1qyQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-01-04 22:36:27
(5 months ago)
This IP was involved in a brute force and password spray attack.
Brute-Force
Web App Attack
๐จ๐ญ
backslash
2025-11-19 16:25:09
(7 months ago)
block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8
Bad Web Bot
Anonymous
2025-06-03 04:07:52
(1 year ago)
WordPress Brute Force
Brute-Force
๐จ๐ฟ
lp
2025-03-19 13:28:56
(1 year ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 91.247.163.27
2025-03-19T13:43:29+01: ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 91.247.163.27
2025-03-19T13:43:29+01:00 vpn Access-Reject 'greenlaw' station: 91.247.163.27 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack
๐จ๐ฟ
lp
2025-03-18 17:56:06
(1 year ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 91.247.163.27
2025-03-18T18:43:30+01: ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 91.247.163.27
2025-03-18T18:43:30+01:00 vpn Access-Reject 'Administrator' station: 91.247.163.27 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack
๐จ๐ฟ
lp
2025-03-17 01:25:53
(1 year ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 91.247.163.27
2025-03-17T01:43:54+01: ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 91.247.163.27
2025-03-17T01:43:54+01:00 vpn Access-Reject 'keessie' station: 91.247.163.27 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack
๐จ๐ฟ
lp
2025-03-15 02:54:03
(1 year ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 91.247.163.27
2025-03-15T02:38:10+01: ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 91.247.163.27
2025-03-15T02:38:10+01:00 vpn Access-Reject 'getting' station: 91.247.163.27 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack