๐จ๐ฆ
1gz
2026-07-12 04:35:53
(2 hours ago)
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /kerko.php
UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ซ๐ท
masterguru
2026-07-11 23:35:45
(7 hours ago)
Blocked scraper - old Chrome UA. Match of "rx (?i)(amazonbot|bingbot|googlebot|yandexbot|duckduckbot ...
show more
Blocked scraper - old Chrome UA. Match of "rx (?i)(amazonbot|bingbot|googlebot|yandexbot|duckduckbot)" against "REQUEST_HEADERS:user-agent" required. (780532-133)
show less
Hacking
๐จ๐ฆ
1gz
2026-07-11 07:07:19
(23 hours ago)
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /kosove/ymeri-mustafa-e-thaci-po-terrorizojne-prishtinen-permes-hysenit/221518/
UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ซ๐ท
Sklurk
2026-07-10 20:46:10
(1 day ago)
Web App Attack
Web App Attack
๐จ๐ฆ
1gz
2026-07-10 15:44:47
(1 day ago)
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /kerko.php
UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-10 11:53:02
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 111.225.214.173 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 111.225.214.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 07:52:56.034836 2026] [security2:error] [pid 22567:tid 22595] [client 111.225.214.173:50037] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||econpage.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "econpage.com"] [uri "/backupdb_backup.sql"] [unique_id "alDdGD7Bb2pnFD1r0Plk6gAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 04:50:59
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 111.225.214.173 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 111.225.214.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 00:50:52.639647 2026] [security2:error] [pid 18016:tid 18016] [client 111.225.214.173:18208] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||williamfitzsimmons.com|F|2"] [data ".largo-la.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "williamfitzsimmons.com"] [uri "/www.largo-la.com"] [unique_id "alB6LE3jMSRdIsi8KVtsQAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
cwytech
2026-07-10 00:07:15
(2 days ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wordpress-geofence-sus.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 11:10:46
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 111.225.214.173 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 111.225.214.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 07:10:41.810808 2026] [security2:error] [pid 20381:tid 20381] [client 111.225.214.173:38737] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.gracefaerie.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.gracefaerie.com"] [uri "/Assets/Thumbs.db"] [unique_id "ak-Bsd9npjoUOfJ0uTOwvwAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
1gz
2026-07-09 05:51:42
(3 days ago)
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /kosove/23-vjet-ldk/95540/
UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐น๐ท
SeczarSecureOps
2026-07-08 19:58:55
(3 days ago)
Auto-blocked by Seczar SecureOps โ Outside Work Hours โ Critical Service Access (1 events in 60min) ...
show more
Auto-blocked by Seczar SecureOps โ Outside Work Hours โ Critical Service Access (1 events in 60min) at 2026-07-08 19:58
show less
Web App Attack
๐จ๐ฆ
1gz
2026-07-07 00:04:57
(5 days ago)
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /kerko.php
UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ซ๐ท
Sklurk
2026-07-05 19:18:48
(6 days ago)
Web App Attack
Web App Attack
๐ซ๐ท
Sklurk
2026-07-04 19:06:46
(1 week ago)
Web App Attack
Web App Attack
๐จ๐ฆ
1gz
2026-07-04 07:03:03
(1 week ago)
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /kosove/vetevendosja-kunder-negociatave/31719/
UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot