๐ซ๐ท
masterguru
2026-07-11 08:34:42
(5 hours ago)
Blocked scraper - old Chrome UA. Match of "rx (?i)(amazonbot|bingbot|googlebot|yandexbot|duckduckbot ...
show more
Blocked scraper - old Chrome UA. Match of "rx (?i)(amazonbot|bingbot|googlebot|yandexbot|duckduckbot)" against "REQUEST_HEADERS:user-agent" required. (780532-133)
show less
Hacking
๐ซ๐ท
Sklurk
2026-07-11 04:34:05
(9 hours ago)
Web App Attack
Web App Attack
๐จ๐ฆ
1gz
2026-07-10 06:25:28
(1 day ago)
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /kerko.php
UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ซ๐ท
Sklurk
2026-07-10 04:32:24
(1 day ago)
Web App Attack
Web App Attack
๐จ๐ฆ
1gz
2026-07-09 01:00:10
(2 days ago)
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /kerko.php
UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฌ๐ท
setupgr
2026-07-08 16:57:22
(2 days ago)
(mod_security) mod_security (id:100011) triggered by 111.225.214.177 (CN/China/Hebei/Shijiazhuang/-/ ...
show more
(mod_security) mod_security (id:100011) triggered by 111.225.214.177 (CN/China/Hebei/Shijiazhuang/-/[AS58539 CHINATELECOM-HEBEI-LANGFANG-IDC Langfang,Hebei province, P.R.China]): 1 in the last 86400 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Wed Jul 08 19:57:20.231512 2026] [security2:error] [pid 1841574:tid 1841623] [client 111.225.214.177:38968] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "CN" at GEO:COUNTRY_CODE. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "62"] [id "100011"] [msg "Traffic from CN/SG blocked for ftiaxtomonosou.gr"] [hostname "ftiaxtomonosou.gr"] [uri "/"] [unique_id "ak6BcFUHlSZdxs-ZMPXTvwAAABY"]
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-08 08:48:17
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 111.225.214.177 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 111.225.214.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 04:48:10.400620 2026] [security2:error] [pid 31853:tid 31853] [client 111.225.214.177:21226] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||chatgptfrance.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "chatgptfrance.net"] [uri "/wp-json/wp/v2/users/3473"] [unique_id "ak4OylC5ndTzvJQiVKZH1AAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
1gz
2026-07-08 01:32:14
(3 days ago)
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /shqiperi/i-preu-koken-18-vjecares-shaban-norja-kercenon-me-jete-gazetaren/367314/
UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-07 11:04:31
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 111.225.214.177 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 111.225.214.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 07:04:27.594660 2026] [security2:error] [pid 13106:tid 13113] [client 111.225.214.177:6081] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||staging.kettlehill.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "staging.kettlehill.com"] [uri "/errors.log"] [unique_id "akzdO0VauSozWHgs3CVBUQAAAIQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Sklurk
2026-07-07 04:24:15
(4 days ago)
Web App Attack
Web App Attack
๐จ๐ฆ
1gz
2026-07-07 02:42:59
(4 days ago)
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /kerko.php
UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
Anonymous
2026-07-06 09:25:14
(5 days ago)
FortiWeb WAF: 24 attacks detected. Threat Score: 6200. Types: Client Management(12), GEO IP(12). Ori ...
show more
FortiWeb WAF: 24 attacks detected. Threat Score: 6200. Types: Client Management(12), GEO IP(12). Origin: China.
show less
Web App Attack
๐ซ๐ท
Sklurk
2026-07-06 04:12:22
(5 days ago)
Web App Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 16:52:47
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 111.225.214.177 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 111.225.214.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 12:52:43.367119 2026] [security2:error] [pid 10228:tid 10228] [client 111.225.214.177:49626] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.williamfitzsimmons.com|F|2"] [data ".gloria-theater.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.williamfitzsimmons.com"] [uri "/www.gloria-theater.com"] [unique_id "akqL2_oGnpSZF0NsnrzMEAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Sklurk
2026-07-05 03:53:09
(6 days ago)
Web App Attack
Web App Attack