๐บ๐ธ
TPI-Abuse
2025-09-30 19:18:48
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 45.202.79.46 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 45.202.79.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 30 15:18:45.505672 2025] [security2:error] [pid 11083:tid 11083] [client 45.202.79.46:43471] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bhgvh.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bhgvh.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aNwtFTZJVzSZjjCHeeA9CwAAAAk"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-06 01:03:14
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 45.202.79.46 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 45.202.79.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 05 21:03:08.311281 2025] [security2:error] [pid 14113:tid 14113] [client 45.202.79.46:24939] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.ianpearce.tv|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.ianpearce.tv"] [uri "/s3cmd.ini"] [unique_id "aLuITFGmCPFLU0sNGTzItAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-30 17:56:57
(11 months ago)
(mod_security) mod_security (id:225170) triggered by 45.202.79.46 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 45.202.79.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 30 13:56:51.637409 2025] [security2:error] [pid 1723:tid 1741] [client 45.202.79.46:58921] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||clmtic.es|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "clmtic.es"] [uri "/wp-json/wp/v2/users"] [unique_id "aIpc41hjxDKamHeLWjGDXgAAAU8"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
as211431.net
2025-07-23 12:41:10
(11 months ago)
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1. ...
show more
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฆ๐บ
oncord
2025-07-21 07:24:02
(11 months ago)
Form spam
Web Spam
๐ฆ๐บ
oncord
2025-07-16 19:31:11
(11 months ago)
Form spam
Web Spam
๐ฆ๐บ
oncord
2025-07-12 01:52:18
(11 months ago)
Form spam
Web Spam
๐บ๐ธ
oncord
2025-06-30 16:18:39
(1 year ago)
Form spam
Web Spam
Anonymous
2025-06-30 12:10:21
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ซ๐ฎ
as211431.net
2025-06-27 10:30:58
(1 year ago)
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1. ...
show more
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /join
UA: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ซ๐ท
Netrix
2025-06-18 16:32:00
(1 year ago)
L7 Flood botnet hosted by 3xK Tech
DDoS Attack
Web Spam
SSH
๐ซ๐ฎ
as211431.net
2025-06-17 23:10:54
(1 year ago)
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1. ...
show more
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /join
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
Anonymous
2025-05-01 08:54:56
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-04-17 07:50:33
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 45.202.79.46 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 45.202.79.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 17 03:50:26.899786 2025] [security2:error] [pid 1420909:tid 1420909] [client 45.202.79.46:33319] [client 45.202.79.46] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||heinzmail.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "heinzmail.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aACywsTxXs8qD_j7Z3XyiQAAAAQ"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-04-15 03:26:48
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 45.202.79.46 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 45.202.79.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 14 23:26:43.017897 2025] [security2:error] [pid 13506:tid 13506] [client 45.202.79.46:45395] [client 45.202.79.46] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||fitnessdoctors.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fitnessdoctors.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_3R84lV0xrSDaaNNEuBHAAAAAA"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack