๐ซ๐ท
Sklurk
2026-06-28 11:07:59
(21 hours ago)
Web App Attack
Web App Attack
๐จ๐ฆ
1gz
2026-06-27 19:10:40
(1 day ago)
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /kerko.php
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ซ๐ท
Sklurk
2026-06-27 08:58:58
(2 days ago)
Web App Attack
Web App Attack
๐ฌ๐ท
setupgr
2026-06-27 05:13:32
(2 days ago)
(mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/-/-/-/[AS4837 CHINA UN ...
show more
(mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/-/-/-/[AS4837 CHINA UNICOM China169 Backbone]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 27 08:13:26.438564 2026] [security2:error] [pid 1094255:tid 1094496] [client 116.179.33.203:59690] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "CN" at GEO:COUNTRY_CODE. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "62"] [id "100011"] [msg "Traffic from CN/SG blocked for ftiaxtomonosou.gr"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-content/cache/fonts/1/google-fonts/css/d/6/2/487a4e09e49ec73b9840f3479663e.css"] [unique_id "aj9b9hnMhduY9788gj5AtwAAAcQ"], referer: https://ftiaxtomonosou.gr/%CF%84%CE%B1_%CE%B5%CE%AF%CE%B4%CE%B7_%CF%84%CE%BF%CF%85_%CE%BE%CF%8D%CE%BB%CE%BF%CF%85/%CE%B5%CE%BB%CE%B9%CE%AC-2/
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-27 03:18:16
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 116.179.33.203 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 116.179.33.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:18:09.469568 2026] [security2:error] [pid 16763:tid 16763] [client 116.179.33.203:32628] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.accordionstars.com.accordionclub.org|F|2"] [data ".accordionfactory.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.accordionstars.com.accordionclub.org"] [uri "/www.accordionfactory.com"] [unique_id "aj9A8aUzb35THpmZKxyD5wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Sklurk
2026-06-26 08:51:15
(3 days ago)
Web App Attack
Web App Attack
๐ช๐ธ
librebit
2026-06-25 13:12:23
(3 days ago)
Brute force
Brute-Force
๐ฌ๐ท
setupgr
2026-06-25 13:06:28
(3 days ago)
(mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/Beijing/Jinrongjie (Xi ...
show more
(mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/Beijing/Jinrongjie (Xicheng District)/-/[AS4837 CHINA169-BACKBONE CHINA UNICOM China169 Backbone]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 25 16:06:28.291301 2026] [security2:error] [pid 358184:tid 358217] [client 116.179.33.203:65507] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(www\\\\.)?ftiaxtomonosou\\\\.gr" at SERVER_NAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "54"] [id "100011"] [msg "CSF-TRIGGER: Country Block CN/SG for ftiaxtomonosou.gr"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css"] [unique_id "aj0n1KO2mzdLeHxqn3omdwAAAUE"], referer: https://ftiaxtomonosou.gr/%CF%84%CE%B1_%CE%B5%CE%AF%CE%B4%CE%B7_%CF%84%CE%BF%CF%85_%CE%BE%CF%8D%CE%BB%CE%BF%CF%85/%CE%BA%CE%BB%CE%AE%CE%B8%CF%81%CE%B1-2/
show less
Port Scan
๐ฌ๐ท
setupgr
2026-06-25 11:34:29
(3 days ago)
(mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/Beijing/Jinrongjie (Xi ...
show more
(mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/Beijing/Jinrongjie (Xicheng District)/-/[AS4837 CHINA169-BACKBONE CHINA UNICOM China169 Backbone]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 25 14:34:24.078919 2026] [security2:error] [pid 358185:tid 358274] [client 116.179.33.203:32011] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(www\\\\.)?ftiaxtomonosou\\\\.gr" at SERVER_NAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "54"] [id "100011"] [msg "CSF-TRIGGER: Country Block CN/SG for ftiaxtomonosou.gr"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-content/plugins/elementor/assets/lib/animations/styles/bounceIn.min.css"] [unique_id "aj0SQDpPCootS5mrGd752QAAAYA"], referer: https://ftiaxtomonosou.gr/%CF%84%CE%B1_%CE%B5%CE%AF%CE%B4%CE%B7_%CF%84%CE%BF%CF%85_%CE%BE%CF%8D%CE%BB%CE%BF%CF%85/%CE%B4%CE%B5%CF%83%CF%80%CE%BF%CF%84%CE%AC%CE%BA%CE%B9-%CE%B1%CE%BC%CE%B5%CF%81%CE%B9%CE%BA%CE%AE%CF%82/
show less
Port Scan
๐ซ๐ท
Sklurk
2026-06-25 08:31:55
(4 days ago)
Web App Attack
Web App Attack
๐บ๐ธ
nodepile
2026-06-25 07:22:32
(4 days ago)
Requests denied due to active blacklist hits (tenant=82 method=GET path=/static/version1775170088/fr ...
show more
Requests denied due to active blacklist hits (tenant=82 method=GET path=/static/version1775170088/frontend/Smartwave/porto/en_US/Magento_Ui/template/messages.html ua='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36')
show less
Web App Attack
Exploited Host
๐ฌ๐ท
setupgr
2026-06-24 18:12:42
(4 days ago)
(mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/Beijing/Jinrongjie (Xi ...
show more
(mod_security) mod_security (id:100011) triggered by 116.179.33.203 (CN/China/Beijing/Jinrongjie (Xicheng District)/-/[AS4837 CHINA169-BACKBONE CHINA UNICOM China169 Backbone]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 24 21:12:41.926558 2026] [security2:error] [pid 187436:tid 187626] [client 116.179.33.203:13938] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(www\\\\.)?ftiaxtomonosou\\\\.gr" at SERVER_NAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "54"] [id "100011"] [msg "CSF-TRIGGER: Country Block CN/SG for ftiaxtomonosou.gr"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-content/plugins/justified-image-grid/timthumb.php"] [unique_id "ajweGRmu1xYHQgYUWv0QigAAAIY"], referer: https://ftiaxtomonosou.gr/%CF%80%CE%B1%CF%84%CF%8E%CE%BC%CE%B1%CF%84%CE%B1/page/6/
show less
Port Scan
๐ซ๐ท
Sklurk
2026-06-24 08:12:09
(5 days ago)
Web App Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 00:57:18
(6 days ago)
(mod_security) mod_security (id:210730) triggered by 116.179.33.203 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 116.179.33.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 20:57:14.447789 2026] [security2:error] [pid 15217:tid 15217] [client 116.179.33.203:17907] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||williamfitzsimmons.com|F|2"] [data ".theparishaustin.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "williamfitzsimmons.com"] [uri "/www.theparishaustin.com"] [unique_id "ajnZ6gtchrwdVdxFQEmxQQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
librebit
2026-06-22 20:19:05
(6 days ago)
Brute force
Brute-Force