Anonymous
2026-06-13 15:25:09
(2 weeks ago)
Command Injection Exploit Sensor - HTTP (Request) - Variant 2
Hacking
๐ซ๐ฎ
as211431.net
2026-06-03 04:15:34
(4 weeks ago)
Triggered Cloudflare WAF (firewallCustom) from CA.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1. ...
show more
Triggered Cloudflare WAF (firewallCustom) from CA.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /wp-content/plugins/seoplugins/
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-02 21:22:08
(4 weeks ago)
(mod_security) mod_security (id:240000) triggered by 136.144.17.181 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240000) triggered by 136.144.17.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 17:21:46.883928 2026] [security2:error] [pid 4227:tid 4227] [client 136.144.17.181:40181] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "87"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||gervais-family.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "gervais-family.com"] [uri "/images/stories/themes.php"] [unique_id "ah9JasQsTgurXmv3rWqc8gAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-05-31 08:50:43
(1 month ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ญ๐บ
bcsaba
2026-05-31 05:53:57
(1 month ago)
Suricata: Alert - ET INFO Go-http-client User-Agent Observed Inbound
Web App Attack
๐ฆ๐บ
oncord
2026-05-27 01:33:12
(1 month ago)
Form spam
Web Spam
๐ฉ๐ช
FeG Deutschland
2026-05-26 18:57:13
(1 month ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐ฆ๐บ
oncord
2026-05-25 22:54:31
(1 month ago)
Form spam
Web Spam
๐ณ๐ฑ
Site.eu
2026-05-23 04:07:00
(1 month ago)
Excessive 404/403 errors
Brute-Force
๐ฉ๐ช
BlueWire Hosting
2026-05-22 20:50:31
(1 month ago)
Bad bot ignoring robot.txt
Bad Web Bot
๐บ๐ธ
mnsf
2026-05-11 13:05:21
(1 month ago)
Scanning/Probing (12)
Request Overload (478)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-05-10 12:05:12
(1 month ago)
Request Overload (128)
Brute-Force
Web App Attack
๐ซ๐ท
Octopuce
2026-05-10 07:29:48
(1 month ago)
Aggressive web search of vulnerable pages: /update/ /wp-content/ /wp-admin/maint/ /themes/zMousse/ / ...
show more
Aggressive web search of vulnerable pages: /update/ /wp-content/ /wp-admin/maint/ /themes/zMousse/ /wp-content/plugins/ubh/ /wp-admin/images/ / ...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-28 12:32:29
(4 months ago)
(mod_security) mod_security (id:210350) triggered by 136.144.17.181 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210350) triggered by 136.144.17.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 28 07:32:25.327640 2026] [security2:error] [pid 26908:tid 26908] [client 136.144.17.181:62157] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||walterceron.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "walterceron.com"] [uri "/wp-login.php"] [unique_id "aaLgWVXEFc2Qh3MDHcKDUQAAAAk"], referer: https://walterceron.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-28 12:12:19
(4 months ago)
(mod_security) mod_security (id:210350) triggered by 136.144.17.181 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210350) triggered by 136.144.17.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 28 07:12:14.337311 2026] [security2:error] [pid 7836:tid 7836] [client 136.144.17.181:38389] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||saadeh.ws|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "saadeh.ws"] [uri "/wp-login.php"] [unique_id "aaLbntcF9wPWE7zk83etFwAAAAg"], referer: https://saadeh.ws/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack