{"uuid": "4b7512cd-8b51-4d5b-a7a4-db5f87ccced7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/5495", "content": " \ud83d\udc51 Cloudflare-Business-1 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 665,361\n\n Request Successful\n \u27a5 23,486  (3.53%)\n\n Request Blocked\n \u27a5 641,875  (96.47%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 HTTP Protocol: HTTP/1.1\n \u27a5 HTTP ResponseStatus: 404\n \u27a5 Count: 24\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 HTTP Protocol: HTTP/2\n \u27a5 HTTP ResponseStatus: 404\n \u27a5 Count: 23,462\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 23,486\n \u27a5 Percentage: 3.53%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 21,832\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: PATCH\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: fbc1f0a96dc84de68091cd0c5723bcc9\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 38,633\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: PATCH\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: Requests coming from known bad sources.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 151,644\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 40,778\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-Host - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 32,929\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: PATCH\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-Host - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 359\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: Requests coming from known bad sources.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 23,310\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: Requests coming from known bad sources.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 124,870\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: PATCH\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 55,316\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests with unusual HTTP headers or URI path (signature #56).\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 78\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Manage Likely Bots\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 150,245\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: PATCH\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests with unusual HTTP headers or URI path (signature #56).\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 1,881\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Manage Likely Bots\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 641,875\n \u27a5 Percentage: 96.47%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\ud83d\ude97 Data from user:  WEAK \ud83d\ude97", "creation_timestamp": "2025-07-16T13:09:10.000000Z"}