๐จ๐ญ
backslash
2025-10-25 04:00:41
(8 months ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ฉ๐ช
FeG Deutschland
2025-10-06 21:28:40
(9 months ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-06 13:46:42
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 94.183.116.18 (94-183-116-18.shatel.ir): 1 in t ...
show more
(mod_security) mod_security (id:225170) triggered by 94.183.116.18 (94-183-116-18.shatel.ir): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 06 09:46:36.634745 2025] [security2:error] [pid 3637558:tid 3637558] [client 94.183.116.18:54268] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bernsteinip.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bernsteinip.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aOPIPBO1X2rlnDZkpsv7qwAAAAU"], referer: https://bernsteinip.com/wp-json/wp/v2/users/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Hazzard
2025-10-05 17:33:53
(9 months ago)
(wordpress) Failed wordpress login from 94.183.116.18 (IR/Iran/-/-/94-183-116-18.shatel.ir/[redacted ...
show more
(wordpress) Failed wordpress login from 94.183.116.18 (IR/Iran/-/-/94-183-116-18.shatel.ir/[redacted])
show less
Brute-Force
๐ฎ๐น
VHosting
2025-09-27 22:36:28
(9 months ago)
Detected mail brute force attack from 4 different servers
Brute-Force
๐ฒ๐พ
syokadmin
2025-09-21 11:26:43
(9 months ago)
94.183.116.18 (IR/Iran/94-183-116-18.shatel.ir), 2 distributed smtpauth attacks on account [account@ ...
show more
94.183.116.18 (IR/Iran/94-183-116-18.shatel.ir), 2 distributed smtpauth attacks on account [[email protected] ] in the last 3600 secs
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-09-20 14:07:27
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 94.183.116.18 (94-183-116-18.shatel.ir): 1 in t ...
show more
(mod_security) mod_security (id:225170) triggered by 94.183.116.18 (94-183-116-18.shatel.ir): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 20 10:07:19.284740 2025] [security2:error] [pid 27104:tid 27104] [client 94.183.116.18:46243] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||whatyouhear.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "whatyouhear.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aM61F_BB4yBOv-UDY2fe2gAAACM"], referer: https://whatyouhear.com/wp-json/wp/v2/users/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nowyouknow
2025-08-23 20:53:51
(10 months ago)
Phishing
Web Spam
๐บ๐ธ
TPI-Abuse
2025-08-11 18:42:47
(10 months ago)
(mod_security) mod_security (id:225170) triggered by 94.183.116.18 (94-183-116-18.shatel.ir): 1 in t ...
show more
(mod_security) mod_security (id:225170) triggered by 94.183.116.18 (94-183-116-18.shatel.ir): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 11 14:42:39.264056 2025] [security2:error] [pid 5575:tid 5575] [client 94.183.116.18:52525] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jolankagroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aJo5n7ZoA3r3Df0H2mbFWQAAAAo"], referer: https://jolankagroup.com/wp-json/wp/v2/users/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-07 01:57:03
(11 months ago)
(mod_security) mod_security (id:225170) triggered by 94.183.116.18 (94-183-116-18.shatel.ir): 1 in t ...
show more
(mod_security) mod_security (id:225170) triggered by 94.183.116.18 (94-183-116-18.shatel.ir): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 06 21:56:59.738121 2025] [security2:error] [pid 8562:tid 8578] [client 94.183.116.18:59528] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||nimbll.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nimbll.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aJQH64tTpXqgKwec1Xe5EwAAAE4"], referer: https://nimbll.com/wp-json/wp/v2/users/
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-07-19 04:30:14
(11 months ago)
Failed login attempt detected by Fail2Ban in recidive jail
Brute-Force
๐ช๐ธ
el-brujo
2025-06-10 09:52:03
(1 year ago)
06/10/2025-11:52:03.618427 94.183.116.18 Protocol: 6 GPL POLICY SOCKS Proxy attempt
Port Scan
๐จ๐ฟ
Petr Dub
2025-06-04 02:06:15
(1 year ago)
Brute-force attack on MS SQL server, port 1433.
Brute-Force
๐ฒ๐พ
Rizzy
2025-05-23 04:28:29
(1 year ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐จ๐ฟ
Petr Dub
2025-05-17 08:03:51
(1 year ago)
Brute-force attack on MS SQL server, port 1433.
Brute-Force