๐ง๐ท
ICS Labs
2026-07-10 18:53:12
(8 hours ago)
ICS Labs identified 98.159.43.12 as a malicious indicator from threat intelligence.
DDoS Attack
Port Scan
Hacking
Brute-Force
Exploited Host
๐ซ๐ท
dynamix
2026-07-09 16:47:04
(1 day ago)
Multiple WAF Violations
Web App Attack
๐ฌ๐ง
consul.to
2026-07-09 13:44:46
(1 day ago)
Web attack/malicious scanning detected
Web App Attack
๐ฌ๐ง
consul.to
2026-07-03 23:41:03
(1 week ago)
Web attack/malicious scanning detected
Web App Attack
๐ซ๐ท
dynamix
2026-06-30 13:36:01
(1 week ago)
Multiple WAF Violations
Web App Attack
๐ซ๐ท
Octopuce
2026-06-25 21:38:16
(2 weeks ago)
Aggressive web search of vulnerable pages: /radio.php /wp-admin/mah.php /wp-content/plugins/dummyyum ...
show more
Aggressive web search of vulnerable pages: /radio.php /wp-admin/mah.php /wp-content/plugins/dummyyummy/wp-signup.php /wp-admin/css/colors/midni ...
show less
Web App Attack
๐ฌ๐ง
consul.to
2026-06-24 09:18:19
(2 weeks ago)
Web attack/malicious scanning detected
Web App Attack
๐ฌ๐ง
consul.to
2026-06-23 04:49:05
(2 weeks ago)
Web attack/malicious scanning detected
Web App Attack
๐ฌ๐ง
consul.to
2026-06-19 20:02:04
(3 weeks ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 07:03:14
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 98.159.43.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 98.159.43.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:02:46.685288 2026] [security2:error] [pid 13450:tid 13450] [client 98.159.43.12:54659] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.mympizzas.com.mx|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.mympizzas.com.mx"] [uri "/users.bak"] [unique_id "ai-jlm319LCK4YAIhFhs_gAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
BlueWire Hosting
2026-06-06 14:02:30
(1 month ago)
Bad bot ignoring robot.txt
Bad Web Bot
๐ฉ๐ช
Lino Project
2026-06-06 13:27:05
(1 month ago)
98.159.43.12 - - [06/Jun/2026:15:27:00 +0200] "GET /templates/protostar/error.php HTTP/2.0" 404 8898 ...
show more
98.159.43.12 - - [06/Jun/2026:15:27:00 +0200] "GET /templates/protostar/error.php HTTP/2.0" 404 88981 "https://tobaco.it/templates/protostar/error.php" "Go-http-client/2.0"
...
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-06 11:48:00
(1 month ago)
98.159.43.12 - - [06/Jun/2026:13:47:42 +0200] "GET //modules/mod_simplefileuploadv1.3/elements/filem ...
show more
98.159.43.12 - - [06/Jun/2026:13:47:42 +0200] "GET //modules/mod_simplefileuploadv1.3/elements/filemanager.php HTTP/1.1" 404 437 "-" "Go-http-client/1.1"
98.159.43.12 - - [06/Jun/2026:13:47:42 +0200] "GET //modules/mod_simplefileuploadv1.3/elements/filemanager.php HTTP/1.1" 404 242 "-" "Go-http-client/1.1"
98.159.43.12 - - [06/Jun/2026:13:47:42 +0200] "GET //templates/protostar/error.php HTTP/1.1" 404 437 "-" "Go-http-client/1.1"
98.159.43.12 - - [06/Jun/2026:13:47:42 +0200] "GET //templates/protostar/error.php HTTP/1.1" 404 242 "-" "Go-http-client/1.1"
98.159.43.12 - - [06/Jun/2026:13:47:42 +0200] "GET //vendor/composer/cache.php HTTP/1.1" 404 437 "-" "Go-http-client/1.1"
98.159.43.12 - - [06/Jun/2026:13:47:42 +0200] "GET //vendor/composer/cache.php HTTP/1.1" 404 242 "-" "Go-http-client/1.1"
98.159.43.12 - - [06/Jun/2026:13:47:42 +0200] "GET //modules/mod_simplefileuploadv1.3/elements/udd.php HTTP/1.1" 404 437 "-" "Go-http-client/1.1"
98.159.43.12 - - [06/Jun/2026:13:47:42 +0200] "GET
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 04:33:33
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 98.159.43.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 98.159.43.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 00:32:56.315122 2026] [security2:error] [pid 29086:tid 29086] [client 98.159.43.12:44383] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.animatuevento.com.mx"] [uri "/wp-config.php.swp"] [unique_id "aiOi-GbfDTZqchb0LpUE8wAAACs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-05 17:41:20
(1 month ago)
Ports: *; Direction: 0; Trigger: CT_LIMIT
Brute-Force
SSH