Cynar & Cinny
2024-12-04 16:23:59
(1 day ago)
ufw_block_log
Port Scan
Anonymous
2024-12-03 15:22:00
(2 days ago)
2024-12-03 15:22:00 warning: host unknown[143.198.87.202]: unauthorized access attempted: tcp/6012
Port Scan
Brute-Force
TPI-Abuse
2024-11-21 20:06:08
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 143.198.87.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 143.198.87.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 21 15:06:01.639333 2024] [security2:error] [pid 42271:tid 42271] [client 143.198.87.202:49841] [client 143.198.87.202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "morganmotors.com"] [uri "/wp-config.php"] [unique_id "Zz-SqUgFFQ-I9QOS9LTKCgAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-21 18:15:08
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 143.198.87.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 143.198.87.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 21 13:15:00.018760 2024] [security2:error] [pid 13560:tid 13560] [client 143.198.87.202:54175] [client 143.198.87.202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "monteriggioni.net"] [uri "/wp-config.php"] [unique_id "Zz94pLeO5LqE5J8yvT6aGwAAACI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-21 09:15:32
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 143.198.87.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 143.198.87.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 21 04:15:27.034193 2024] [security2:error] [pid 632:tid 632] [client 143.198.87.202:52135] [client 143.198.87.202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "missevelyn.com"] [uri "/wp-config.php"] [unique_id "Zz76L6pMHpVrfC2BqFbwggAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
ds6.net
2024-11-21 03:44:55
(2 weeks ago)
Blocked by CSF Firewall. Reason: lfd: (mod_security) mod_security (id:950130) triggered by 143.198.8 ... show more Blocked by CSF Firewall. Reason: lfd: (mod_security) mod_security (id:950130) triggered by 143.198.87.202 (SG/Singapore/-): 5 in the last 3600 secs - Wed Nov 6 22:30:48 2024 show less
Hacking
Mendip_Defender
2024-11-20 06:36:10
(2 weeks ago)
143.198.87.202 - - [20/Nov/2024:06:36:19 +0000] "GET /WP/wp-content/themes/newsfeed-theme/nfiav.php ... show more 143.198.87.202 - - [20/Nov/2024:06:36:19 +0000] "GET /WP/wp-content/themes/newsfeed-theme/nfiav.php HTTP/1.0" 404 1047 "-" "fasthttp"
143.198.87.202 - - [20/Nov/2024:06:36:19 +0000] "GET /wp-content/themes/newsfeed-theme/nfiav.php HTTP/1.0" 404 1047 "-" "fasthttp"
... show less
Hacking
Web App Attack
yukon.ca
2024-11-20 04:44:46
(2 weeks ago)
WordPress Enforcement Protection: WordPress HTTP Brute Force Login Attempt
Port:80
Hacking
Exploited Host
TPI-Abuse
2024-11-19 18:04:31
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 143.198.87.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 143.198.87.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 19 13:04:27.214312 2024] [security2:error] [pid 6186:tid 6186] [client 143.198.87.202:64312] [client 143.198.87.202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beechleafdesign.com"] [uri "/wp-config.php"] [unique_id "ZzzTKzVCl_rURD6oMAsdwwAAABI"] show less
Brute-Force
Bad Web Bot
Web App Attack
Savvii
2024-11-18 20:35:45
(2 weeks ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
Cloudkul Cloudkul
2024-11-16 22:24:04
(2 weeks ago)
Attempted Brute Force on our application
Brute-Force
Web App Attack
thetomtaylor.co.uk
2024-11-15 21:08:47
(2 weeks ago)
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer
... [wa02]
Bad Web Bot
Web App Attack
Anonymous
2024-11-15 20:42:11
(2 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Evag Touf
2024-11-15 07:35:18
(3 weeks ago)
(mod_security) mod_security triggered on hostname [redacted] 143.198.87.202 (SG/Singapore/-): (CF_E ... show more (mod_security) mod_security triggered on hostname [redacted] 143.198.87.202 (SG/Singapore/-): (CF_ENABLE) show less
SQL Injection
TPI-Abuse
2024-11-13 15:24:11
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 143.198.87.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 143.198.87.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 10:24:03.439982 2024] [security2:error] [pid 14415:tid 14415] [client 143.198.87.202:61824] [client 143.198.87.202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "memorialcityzen.com"] [uri "/wp-config.php"] [unique_id "ZzTEk9nlv6iq9jSLtUapdQAAABY"] show less
Brute-Force
Bad Web Bot
Web App Attack