๐บ๐ธ
TPI-Abuse
2026-07-03 17:07:06
(22 hours ago)
(mod_security) mod_security (id:240000) triggered by 98.159.43.7 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240000) triggered by 98.159.43.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 13:06:57.974509 2026] [security2:error] [pid 12920:tid 12920] [client 98.159.43.7:41025] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||chezlubacov.xyz|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "chezlubacov.xyz"] [uri "/images/stories/themes.php"] [unique_id "akfsMfnOX1y21xDxIfDsjAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Didier Lagaert
2026-07-03 12:03:24
(1 day ago)
lie-17 : Block hidden directories=>/.trash7206/index.php(/)
Hacking
๐ซ๐ท
dynamix
2026-06-30 13:37:27
(4 days ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 14:12:02
(6 days ago)
(mod_security) mod_security (id:240000) triggered by 98.159.43.7 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240000) triggered by 98.159.43.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 10:11:58.663620 2026] [security2:error] [pid 26163:tid 26163] [client 98.159.43.7:62313] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||walkingwithghosts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "walkingwithghosts.com"] [uri "/images/stories/themes.php"] [unique_id "akErriZqq6DQpZu6ujm7mgAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Octopuce
2026-06-25 21:39:24
(1 week ago)
Aggressive web search of vulnerable pages: /setup.php /.bod/.ll/ss.php /.well-known/radio.php /wp-co ...
show more
Aggressive web search of vulnerable pages: /setup.php /.bod/.ll/ss.php /.well-known/radio.php /wp-content/plugin.php /wp-admin/css/colors/ectop ...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 07:03:30
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 98.159.43.7 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210730) triggered by 98.159.43.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:02:57.922142 2026] [security2:error] [pid 16109:tid 16109] [client 98.159.43.7:23067] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.mympizzas.com.mx|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.mympizzas.com.mx"] [uri "/dump.bak"] [unique_id "ai-jobQ41yWQb0NXwh_kxgAAAGc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-06 21:23:45
(3 weeks ago)
(mod_security) mod_security triggered on hostname [redacted] 98.159.43.7 (TH/Thailand/-)
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-06-06 04:33:35
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 98.159.43.7 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 98.159.43.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 00:33:13.680502 2026] [security2:error] [pid 28111:tid 28111] [client 98.159.43.7:64541] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.animatuevento.com.mx"] [uri "/wp-config.old"] [unique_id "aiOjCRv1t2mduMfnh66nLwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-06-05 23:25:07
(4 weeks ago)
Multiple WAF Violations
Brute-Force
Web App Attack
Anonymous
2026-06-05 17:41:18
(4 weeks ago)
Ports: *; Direction: 0; Trigger: CT_LIMIT
Brute-Force
SSH
Anonymous
2026-06-05 16:33:03
(4 weeks ago)
(mod_security) mod_security triggered on hostname [redacted] 98.159.43.7 (TH/Thailand/-)
SQL Injection
๐ซ๐ท
Octopuce
2026-05-16 22:32:44
(1 month ago)
Aggressive web search of vulnerable pages: //modules/statsforecast/translations/fe.php //modules/ets ...
show more
Aggressive web search of vulnerable pages: //modules/statsforecast/translations/fe.php //modules/ets_htmlbox/loads.php //modules/myprestaloyalt ...
show less
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-05-16 21:50:45
(1 month ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-05-16 14:15:08
(1 month ago)
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-123)
show less
Bad Web Bot
Anonymous
2026-05-11 03:50:22
(1 month ago)
"GET /wp-content/plugins/pwnd-2/pwnd.php HTTP/1.1"
Hacking
Web App Attack