π«π·
dynamix
2026-07-02 10:46:25
(1 day ago)
Multiple WAF Violations
Web App Attack
π³π±
Site.eu
2026-06-30 23:40:38
(2 days ago)
Excessive 404/403 errors
Brute-Force
π«π·
Octopuce
2026-06-25 21:41:21
(1 week ago)
Aggressive web search of vulnerable pages: /wp-admin/css/wp-css.php /wp-includes/IXR/goto.php /wp-ad ...
show more
Aggressive web search of vulnerable pages: /wp-admin/css/wp-css.php /wp-includes/IXR/goto.php /wp-admin/css/colors/blue/xboom.php /wp-content/t ...
show less
Web App Attack
π«π·
masterguru
2026-06-25 06:35:53
(1 week ago)
Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-197)
Hacking
π¬π§
consul.to
2026-06-24 00:12:35
(1 week ago)
Web attack/malicious scanning detected
Web App Attack
π¬π§
consul.to
2026-06-22 04:17:32
(1 week ago)
Web attack/malicious scanning detected
Web App Attack
π¬π§
consul.to
2026-06-19 19:57:24
(1 week ago)
Web attack/malicious scanning detected
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-19 11:28:44
(2 weeks ago)
(mod_security) mod_security (id:240000) triggered by 98.159.43.44 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240000) triggered by 98.159.43.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 07:28:36.299944 2026] [security2:error] [pid 19340:tid 19340] [client 98.159.43.44:58413] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||magazinesubscriptionsusa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "magazinesubscriptionsusa.com"] [uri "/images/stories/themes.php"] [unique_id "ajUn5JVeVdbf1vAnH2CXpQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-15 07:01:37
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 98.159.43.44 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 98.159.43.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:01:24.283271 2026] [security2:error] [pid 26949:tid 26949] [client 98.159.43.44:49823] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.mympizzas.com.mx|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.mympizzas.com.mx"] [uri "/awstats.conf"] [unique_id "ai-jRF4zgomSlNTAxdc3DgAAACo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πͺπΈ
pipeline.es
2026-06-06 19:00:26
(3 weeks ago)
Web scanning / probing for vulnerable paths
Port Scan
Web App Attack
πͺπΈ
pipeline.es
2026-06-06 18:12:49
(3 weeks ago)
Web scanning / probing for vulnerable paths | URL: /modules/myprestaloyalty/index.php | Evidence: rh ...
show more
Web scanning / probing for vulnerable paths | URL: /modules/myprestaloyalty/index.php | Evidence: rhin.es 98.159.43.44 - - [06/Jun/2026:20:11:44 +0200] \"GET /modules/myprestaloyalty/index.php HTTP/1.1\" 404 231 \"http://rhodesia.es//modules/myprestaloyalty/index.php\" \"Go-http-client/1.1\" GEOIP_COUNTRY_CODE=TH | ASN: F.n.s. Holdings Limited | Country: TH
show less
Port Scan
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-06 04:31:59
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 98.159.43.44 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 98.159.43.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 00:31:41.137474 2026] [security2:error] [pid 28112:tid 28112] [client 98.159.43.44:46163] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.animatuevento.com.mx|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.animatuevento.com.mx"] [uri "/Thumbs.db"] [unique_id "aiOirbgEHLpvUi6m8vY0XAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-05 17:41:21
(3 weeks ago)
Ports: *; Direction: 0; Trigger: CT_LIMIT
Brute-Force
SSH
Anonymous
2026-06-05 16:32:56
(3 weeks ago)
(mod_security) mod_security triggered on hostname [redacted] 98.159.43.44 (TH/Thailand/-)
SQL Injection
π¬π§
consul.to
2026-05-25 02:24:40
(1 month ago)
Web attack/malicious scanning detected
Web App Attack