Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 08 May 2026 06:17:40 +0000 1356c5f5-c50c-47b6-b2f7-11f0f2d26bcd https://vulnerability.circl.lu/sighting/1356c5f5-c50c-47b6-b2f7-11f0f2d26bcd/export {"uuid": "1356c5f5-c50c-47b6-b2f7-11f0f2d26bcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/16412", "content": " \ud83d\udc51 CF-Business-1 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 1,465\n\n Request Successful\n \u27a5 0 (0.00%)\n\n Request Blocked\n \u27a5 1,465 (100.00%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 1,465\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 1,465\n \u27a5 Percentage: 100.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\ud83d\ude97 Data from user: mentor \ud83d\ude97", "creation_timestamp": "2025-10-08T12:24:19.000000Z"} {"uuid": "1356c5f5-c50c-47b6-b2f7-11f0f2d26bcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/16412", "content": " \ud83d\udc51 CF-Business-1 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 1,465\n\n Request Successful\n \u27a5 0 (0.00%)\n\n Request Blocked\n \u27a5 1,465 (100.00%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 1,465\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 1,465\n \u27a5 Percentage: 100.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\ud83d\ude97 Data from user: mentor \ud83d\ude97", "creation_timestamp": "2025-10-08T12:24:19.000000Z"} https://vulnerability.circl.lu/sighting/1356c5f5-c50c-47b6-b2f7-11f0f2d26bcd/export Wed, 08 Oct 2025 12:24:19 +0000 723fb016-ccc1-4f61-a1e2-0800068dd828 https://vulnerability.circl.lu/sighting/723fb016-ccc1-4f61-a1e2-0800068dd828/export {"uuid": "723fb016-ccc1-4f61-a1e2-0800068dd828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/16413", "content": " \ud83d\udc51 CF-Business-1 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 1,465\n\n Request Successful\n \u27a5 0 (0.00%)\n\n Request Blocked\n \u27a5 1,465 (100.00%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 1,465\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 1,465\n \u27a5 Percentage: 100.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\ud83d\ude97 Data from user: mentor \ud83d\ude97", "creation_timestamp": "2025-10-08T12:24:49.000000Z"} {"uuid": "723fb016-ccc1-4f61-a1e2-0800068dd828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/16413", "content": " \ud83d\udc51 CF-Business-1 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 1,465\n\n Request Successful\n \u27a5 0 (0.00%)\n\n Request Blocked\n \u27a5 1,465 (100.00%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 1,465\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 1,465\n \u27a5 Percentage: 100.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\ud83d\ude97 Data from user: mentor \ud83d\ude97", "creation_timestamp": "2025-10-08T12:24:49.000000Z"} https://vulnerability.circl.lu/sighting/723fb016-ccc1-4f61-a1e2-0800068dd828/export Wed, 08 Oct 2025 12:24:49 +0000 a8d568c1-37cf-481a-a001-b9dbd8e3b707 https://vulnerability.circl.lu/sighting/a8d568c1-37cf-481a-a001-b9dbd8e3b707/export {"uuid": "a8d568c1-37cf-481a-a001-b9dbd8e3b707", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/16595", "content": " \ud83d\udc51 CF-Business-2 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 1,432,347\n\n Request Successful\n \u27a5 1,384,606 (96.67%)\n\n Request Blocked\n \u27a5 47,741 (3.33%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 HTTP Protocol: HTTP/2\n \u27a5 HTTP ResponseStatus: 404\n \u27a5 Count: 1,384,606\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 1,384,606\n \u27a5 Percentage: 96.67%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 59\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Custom Rules\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 38\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Anomaly:Header:User-Agent, Anomaly:Header:Referer - Missing or empty\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 25,570\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-Host - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 22,074\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 47,741\n \u27a5 Percentage: 3.33%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\ud83d\ude97 Data from user: \ud835\udd93\ud835\udd92 \ud83d\ude97", "creation_timestamp": "2025-10-13T12:21:42.000000Z"} {"uuid": "a8d568c1-37cf-481a-a001-b9dbd8e3b707", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/16595", "content": " \ud83d\udc51 CF-Business-2 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 1,432,347\n\n Request Successful\n \u27a5 1,384,606 (96.67%)\n\n Request Blocked\n \u27a5 47,741 (3.33%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 HTTP Protocol: HTTP/2\n \u27a5 HTTP ResponseStatus: 404\n \u27a5 Count: 1,384,606\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 1,384,606\n \u27a5 Percentage: 96.67%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 59\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Custom Rules\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 38\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Anomaly:Header:User-Agent, Anomaly:Header:Referer - Missing or empty\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 25,570\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-Host - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 22,074\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 47,741\n \u27a5 Percentage: 3.33%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\ud83d\ude97 Data from user: \ud835\udd93\ud835\udd92 \ud83d\ude97", "creation_timestamp": "2025-10-13T12:21:42.000000Z"} https://vulnerability.circl.lu/sighting/a8d568c1-37cf-481a-a001-b9dbd8e3b707/export Mon, 13 Oct 2025 12:21:42 +0000 0705d150-b0a0-4c35-b2f5-077633d9c7c6 https://vulnerability.circl.lu/sighting/0705d150-b0a0-4c35-b2f5-077633d9c7c6/export {"uuid": "0705d150-b0a0-4c35-b2f5-077633d9c7c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/16596", "content": " \ud83d\udc51 CF-Business-2 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 1,432,347\n\n Request Successful\n \u27a5 1,384,606 (96.67%)\n\n Request Blocked\n \u27a5 47,741 (3.33%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 HTTP Protocol: HTTP/2\n \u27a5 HTTP ResponseStatus: 404\n \u27a5 Count: 1,384,606\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 1,384,606\n \u27a5 Percentage: 96.67%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 59\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Custom Rules\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 38\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Anomaly:Header:User-Agent, Anomaly:Header:Referer - Missing or empty\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 25,570\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-Host - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 22,074\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 47,741\n \u27a5 Percentage: 3.33%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\ud83d\ude97 Data from user: \ud835\udd93\ud835\udd92 \ud83d\ude97", "creation_timestamp": "2025-10-13T12:22:19.000000Z"} {"uuid": "0705d150-b0a0-4c35-b2f5-077633d9c7c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/16596", "content": " \ud83d\udc51 CF-Business-2 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 1,432,347\n\n Request Successful\n \u27a5 1,384,606 (96.67%)\n\n Request Blocked\n \u27a5 47,741 (3.33%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 HTTP Protocol: HTTP/2\n \u27a5 HTTP ResponseStatus: 404\n \u27a5 Count: 1,384,606\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 1,384,606\n \u27a5 Percentage: 96.67%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 59\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Custom Rules\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 38\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Anomaly:Header:User-Agent, Anomaly:Header:Referer - Missing or empty\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 25,570\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-Host - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 22,074\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 47,741\n \u27a5 Percentage: 3.33%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\ud83d\ude97 Data from user: \ud835\udd93\ud835\udd92 \ud83d\ude97", "creation_timestamp": "2025-10-13T12:22:19.000000Z"} https://vulnerability.circl.lu/sighting/0705d150-b0a0-4c35-b2f5-077633d9c7c6/export Mon, 13 Oct 2025 12:22:19 +0000 f9cd46ac-4efa-4a5a-ad66-d72951feae84 https://vulnerability.circl.lu/sighting/f9cd46ac-4efa-4a5a-ad66-d72951feae84/export {"uuid": "f9cd46ac-4efa-4a5a-ad66-d72951feae84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/17078", "content": " \ud83d\udc51 CF-Business-2 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 26,159,333\n\n Request Successful\n \u27a5 0 (0.00%)\n\n Request Blocked\n \u27a5 26,159,333 (100.00%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 7,001\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: Requests coming from known bad sources.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 2,633,066\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests trying to impersonate browsers.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 348\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 263,264\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests with unusual HTTP headers or URI path (signature #25).\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 875,550\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests that are very likely coming from bots.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 3,066,810\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 859,137\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests trying to impersonate browsers (pattern #6).\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 17,119\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 9,445,624\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests with unusual HTTP headers or URI path (signature #56).\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 3,854,855\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: Requests coming from known bad sources.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 5,136,559\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests with unusual HTTP headers or URI path (signature #57).\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 26,159,333\n \u27a5 Percentage: 100.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\ud83d\ude97 Data from user: TEAM t.me/TEAM_KINGDOM_1 \ud83d\ude97", "creation_timestamp": "2025-10-15T16:54:06.000000Z"} {"uuid": "f9cd46ac-4efa-4a5a-ad66-d72951feae84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/17078", "content": " \ud83d\udc51 CF-Business-2 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 26,159,333\n\n Request Successful\n \u27a5 0 (0.00%)\n\n Request Blocked\n \u27a5 26,159,333 (100.00%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 7,001\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: Requests coming from known bad sources.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 2,633,066\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests trying to impersonate browsers.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 348\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 263,264\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests with unusual HTTP headers or URI path (signature #25).\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 875,550\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests that are very likely coming from bots.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 3,066,810\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 859,137\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests trying to impersonate browsers (pattern #6).\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 17,119\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 9,445,624\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests with unusual HTTP headers or URI path (signature #56).\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 3,854,855\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: Requests coming from known bad sources.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 5,136,559\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests with unusual HTTP headers or URI path (signature #57).\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 26,159,333\n \u27a5 Percentage: 100.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\ud83d\ude97 Data from user: TEAM t.me/TEAM_KINGDOM_1 \ud83d\ude97", "creation_timestamp": "2025-10-15T16:54:06.000000Z"} https://vulnerability.circl.lu/sighting/f9cd46ac-4efa-4a5a-ad66-d72951feae84/export Wed, 15 Oct 2025 16:54:06 +0000 14b0a2d6-a56c-4f16-b4b1-0cb5de03972e https://vulnerability.circl.lu/sighting/14b0a2d6-a56c-4f16-b4b1-0cb5de03972e/export {"uuid": "14b0a2d6-a56c-4f16-b4b1-0cb5de03972e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/17109", "content": " \ud83d\udc51 CF-Business-2 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 1,138,234\n\n Request Successful\n \u27a5 0 (0.00%)\n\n Request Blocked\n \u27a5 1,138,234 (100.00%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 449,193\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: Requests coming from known bad sources.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 573,204\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests trying to impersonate browsers (pattern #6).\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 115,837\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 1,138,234\n \u27a5 Percentage: 100.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\u23f0 Time Remaining: 12 seconds\n\ud83d\ude97 Data from user: mentor \ud83d\ude97", "creation_timestamp": "2025-10-15T22:35:22.000000Z"} {"uuid": "14b0a2d6-a56c-4f16-b4b1-0cb5de03972e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/17109", "content": " \ud83d\udc51 CF-Business-2 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 1,138,234\n\n Request Successful\n \u27a5 0 (0.00%)\n\n Request Blocked\n \u27a5 1,138,234 (100.00%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 449,193\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: Requests coming from known bad sources.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 573,204\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests trying to impersonate browsers (pattern #6).\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 115,837\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 1,138,234\n \u27a5 Percentage: 100.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\u23f0 Time Remaining: 12 seconds\n\ud83d\ude97 Data from user: mentor \ud83d\ude97", "creation_timestamp": "2025-10-15T22:35:22.000000Z"} https://vulnerability.circl.lu/sighting/14b0a2d6-a56c-4f16-b4b1-0cb5de03972e/export Wed, 15 Oct 2025 22:35:22 +0000 3f5b3cfb-f9d3-4a1f-8b62-8c1fb1484d00 https://vulnerability.circl.lu/sighting/3f5b3cfb-f9d3-4a1f-8b62-8c1fb1484d00/export {"uuid": "3f5b3cfb-f9d3-4a1f-8b62-8c1fb1484d00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/17110", "content": " \ud83d\udc51 CF-Business-2 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 1,138,234\n\n Request Successful\n \u27a5 0 (0.00%)\n\n Request Blocked\n \u27a5 1,138,234 (100.00%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 449,193\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: Requests coming from known bad sources.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 573,204\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests trying to impersonate browsers (pattern #6).\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 115,837\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 1,138,234\n \u27a5 Percentage: 100.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\u23f0 Time Remaining: 12 seconds\n\ud83d\ude97 Data from user: mentor \ud83d\ude97", "creation_timestamp": "2025-10-15T22:35:51.000000Z"} {"uuid": "3f5b3cfb-f9d3-4a1f-8b62-8c1fb1484d00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/17110", "content": " \ud83d\udc51 CF-Business-2 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 1,138,234\n\n Request Successful\n \u27a5 0 (0.00%)\n\n Request Blocked\n \u27a5 1,138,234 (100.00%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 449,193\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: Requests coming from known bad sources.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 573,204\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests trying to impersonate browsers (pattern #6).\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 115,837\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 1,138,234\n \u27a5 Percentage: 100.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\u23f0 Time Remaining: 12 seconds\n\ud83d\ude97 Data from user: mentor \ud83d\ude97", "creation_timestamp": "2025-10-15T22:35:51.000000Z"} https://vulnerability.circl.lu/sighting/3f5b3cfb-f9d3-4a1f-8b62-8c1fb1484d00/export Wed, 15 Oct 2025 22:35:51 +0000 e6771fa5-5f4e-4c46-acae-a51e45994e27 https://vulnerability.circl.lu/sighting/e6771fa5-5f4e-4c46-acae-a51e45994e27/export {"uuid": "e6771fa5-5f4e-4c46-acae-a51e45994e27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/17371", "content": " \ud83d\udc51 CF-Business-2 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 19,026\n\n Request Successful\n \u27a5 0 (0.00%)\n\n Request Blocked\n \u27a5 19,026 (100.00%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 165\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 18,805\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 56\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 19,026\n \u27a5 Percentage: 100.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\u23f0 Time Remaining: 7 seconds\n\ud83d\ude97 Data from user: XxNullxX \ud83d\ude97", "creation_timestamp": "2025-10-17T12:57:59.000000Z"} {"uuid": "e6771fa5-5f4e-4c46-acae-a51e45994e27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/17371", "content": " \ud83d\udc51 CF-Business-2 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 19,026\n\n Request Successful\n \u27a5 0 (0.00%)\n\n Request Blocked\n \u27a5 19,026 (100.00%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 165\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 18,805\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 56\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 19,026\n \u27a5 Percentage: 100.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\u23f0 Time Remaining: 7 seconds\n\ud83d\ude97 Data from user: XxNullxX \ud83d\ude97", "creation_timestamp": "2025-10-17T12:57:59.000000Z"} https://vulnerability.circl.lu/sighting/e6771fa5-5f4e-4c46-acae-a51e45994e27/export Fri, 17 Oct 2025 12:57:59 +0000 5772ee3c-aead-4a04-9cb1-e0345d88ece0 https://vulnerability.circl.lu/sighting/5772ee3c-aead-4a04-9cb1-e0345d88ece0/export {"uuid": "5772ee3c-aead-4a04-9cb1-e0345d88ece0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/17372", "content": " \ud83d\udc51 CF-Business-2 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 19,026\n\n Request Successful\n \u27a5 0 (0.00%)\n\n Request Blocked\n \u27a5 19,026 (100.00%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 165\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 18,805\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 56\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 19,026\n \u27a5 Percentage: 100.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\u23f0 Time Remaining: 7 seconds\n\ud83d\ude97 Data from user: XxNullxX \ud83d\ude97", "creation_timestamp": "2025-10-17T12:58:36.000000Z"} {"uuid": "5772ee3c-aead-4a04-9cb1-e0345d88ece0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/17372", "content": " \ud83d\udc51 CF-Business-2 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 19,026\n\n Request Successful\n \u27a5 0 (0.00%)\n\n Request Blocked\n \u27a5 19,026 (100.00%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 0\n \u27a5 Percentage: 0.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 165\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 18,805\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 56\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/1.1\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 19,026\n \u27a5 Percentage: 100.00%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\u23f0 Time Remaining: 7 seconds\n\ud83d\ude97 Data from user: XxNullxX \ud83d\ude97", "creation_timestamp": "2025-10-17T12:58:36.000000Z"} https://vulnerability.circl.lu/sighting/5772ee3c-aead-4a04-9cb1-e0345d88ece0/export Fri, 17 Oct 2025 12:58:36 +0000 ba8e475b-e288-4729-84d9-4a8f73103975 https://vulnerability.circl.lu/sighting/ba8e475b-e288-4729-84d9-4a8f73103975/export {"uuid": "ba8e475b-e288-4729-84d9-4a8f73103975", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/17509", "content": " \ud83d\udc51 CF-Business-1 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 341,705\n\n Request Successful\n \u27a5 316,927 (92.75%)\n\n Request Blocked\n \u27a5 24,778 (7.25%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 HTTP Protocol: HTTP/2\n \u27a5 HTTP ResponseStatus: 404\n \u27a5 Count: 156,589\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 156,589\n \u27a5 Percentage: 45.83%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 5,477\n \u27a5 Action: Managed Challenge Bypassed\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 404\n \u27a5 Trigger Rules: Managed Rules\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 154,697\n \u27a5 Action: Managed Challenge Bypassed\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 404\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 160,338\n \u27a5 Percentage: 46.92%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 1\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Custom Rules\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 22,160\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests trying to impersonate browsers.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 2,596\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 21\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 24,778\n \u27a5 Percentage: 7.25%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\ud83d\ude97 Data from user: shooters \ud83d\ude97", "creation_timestamp": "2025-10-18T17:46:11.000000Z"} {"uuid": "ba8e475b-e288-4729-84d9-4a8f73103975", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-14774", "type": "seen", "source": "https://t.me/DstatLogs/17509", "content": " \ud83d\udc51 CF-Business-1 \ud83d\udc51\n\n\ud83e\udd84 Total Count:\n\n All Request\n \u27a5 341,705\n\n Request Successful\n \u27a5 316,927 (92.75%)\n\n Request Blocked\n \u27a5 24,778 (7.25%)\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udd2b Allowed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 HTTP Protocol: HTTP/2\n \u27a5 HTTP ResponseStatus: 404\n \u27a5 Count: 156,589\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 156,589\n \u27a5 Percentage: 45.83%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\ude81 Bypassed Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 5,477\n \u27a5 Action: Managed Challenge Bypassed\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 404\n \u27a5 Trigger Rules: Managed Rules\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 154,697\n \u27a5 Action: Managed Challenge Bypassed\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 404\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 160,338\n \u27a5 Percentage: 46.92%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\ud83d\udee1 Blocked Request:\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 1\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Custom Rules\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 22,160\n \u27a5 Action: Blocked\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: HTTP DDoS\n \u27a5 Vector: HTTP requests trying to impersonate browsers.\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 2,596\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Security Level\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n \u27a5 Count: 21\n \u27a5 Action: Managed Challenge\n \u27a5 RequestHTTPMethod: GET\n \u27a5 RequestHTTPProtocol: HTTP/2\n \u27a5 ResponseStatus: 403\n \u27a5 Trigger Rules: Managed Rules\n \u27a5 Vector: Drupal - Anomaly:Header:X-Forwarded-For - CVE:CVE-2018-14774\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n \u27a5 Count: 24,778\n \u27a5 Percentage: 7.25%\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\n\n\n\ud83d\ude97 Data from user: shooters \ud83d\ude97", "creation_timestamp": "2025-10-18T17:46:11.000000Z"} https://vulnerability.circl.lu/sighting/ba8e475b-e288-4729-84d9-4a8f73103975/export Sat, 18 Oct 2025 17:46:11 +0000