๐บ๐ธ
TPI-Abuse
2025-10-01 18:06:50
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 154.94.14.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 154.94.14.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 14:06:44.204969 2025] [security2:error] [pid 12250:tid 12250] [client 154.94.14.12:47023] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||atame.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "atame.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aN1ttDKfqtyQa5BcOeTTHgAAABA"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
sefinek.net
2025-09-24 21:48:20
(8 months ago)
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1. ...
show more
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /genshin-stella-mod
UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฉ๐ช
f2_IT
2025-09-04 06:39:01
(9 months ago)
SSLVPN Login attempt (blocked type h) from 154.94.14.12
Brute-Force
๐จ๐ฆ
wil.com
2025-08-06 01:45:35
(10 months ago)
GlobalProtect login attempts with user research.
VPN IP
Brute-Force
Anonymous
2025-06-04 01:56:24
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2025-04-25 04:24:28
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ฌ๐ง
Steve
2025-02-24 04:58:45
(1 year ago)
Excessive crawling - not obeying robots.txt
Bad Web Bot
๐ฌ๐ง
Steve
2025-02-11 18:32:42
(1 year ago)
Excessive crawling - not obeying robots.txt
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-01-14 06:34:25
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 154.94.14.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 154.94.14.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 14 01:34:17.768141 2025] [security2:error] [pid 203479:tid 203590] [client 154.94.14.12:46445] [client 154.94.14.12] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cmykdesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cmykdesign.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4YFaaZSDHkMRrtsrH7gBwAAAM0"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-01-07 10:14:17
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 154.94.14.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 154.94.14.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 07 05:14:13.064626 2025] [security2:error] [pid 1357883:tid 1357883] [client 154.94.14.12:59207] [client 154.94.14.12] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||clinegroup.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "clinegroup.net"] [uri "/wp-json/wp/v2/users"] [unique_id "Z3z-dStVc3SJ7NYGz00UaAAAAAM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
weblite
2025-01-05 10:10:50
(1 year ago)
WP_AUTHOR_SCANNING WP_LOGIN_FAIL
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-12-13 06:14:01
(1 year ago)
(mod_security) mod_security (id:210831) triggered by 154.94.14.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 154.94.14.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 13 01:13:58.048409 2024] [security2:error] [pid 3399828:tid 3399828] [client 154.94.14.12:45309] [client 154.94.14.12] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||backstore.com|F|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "backstore.com"] [uri "/usage_202412.html"] [unique_id "Z1vQpu4cqSaANP6iZyaxgwAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
nyuuzyou
2024-11-05 01:05:36
(1 year ago)
Intensive scraping: /web?s=sweepstakes%20offers&country=ml-ml&scraper=brave. User-Agent: Mozilla/5.0 ...
show more
Intensive scraping: /web?s=sweepstakes%20offers&country=ml-ml&scraper=brave. User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36.
show less
Bad Web Bot