πΊπΈ
TPI-Abuse
2026-07-01 03:06:38
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 85.128.143.142 (static-akl142.rev.netart.com): ...
show more
(mod_security) mod_security (id:225170) triggered by 85.128.143.142 (static-akl142.rev.netart.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 23:06:30.899541 2026] [security2:error] [pid 32038:tid 32038] [client 85.128.143.142:55124] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kaldaragroup.com.greenlight.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kaldaragroup.com.greenlight.us"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akSENqZdn_EZHgFrCAkMygAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π²πΉ
Malta
2026-07-01 02:20:53
(1 day ago)
85.128.143.142 - - [01/Jul/2026:04:20:53 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Lin ...
show more
85.128.143.142 - - [01/Jul/2026:04:20:53 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-30 05:55:46
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 85.128.143.142 (static-akl142.rev.netart.com): ...
show more
(mod_security) mod_security (id:225170) triggered by 85.128.143.142 (static-akl142.rev.netart.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 01:55:41.062177 2026] [security2:error] [pid 19029:tid 19029] [client 85.128.143.142:34196] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.soundtrax.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.soundtrax.net"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akNaXb-YTfVTnsXIzLoCaQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
ger-stg-sifi1
2026-06-30 05:13:48
(2 days ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
π©πͺ
FeG Deutschland
2026-06-30 00:36:47
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 09:40:22
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 85.128.143.142 (static-akl142.rev.netart.com): ...
show more
(mod_security) mod_security (id:225170) triggered by 85.128.143.142 (static-akl142.rev.netart.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 05:40:14.897294 2026] [security2:error] [pid 29343:tid 29393] [client 85.128.143.142:42734] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||emehache.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "emehache.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akI9fkH12K8f-4m09RuoYAAAAE4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-29 08:02:26
(3 days ago)
WAPPICOM WEBEXPLOIT 85.128.143.142 (static-akl142.rev.netart.com)
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 05:41:02
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 85.128.143.142 (static-akl142.rev.netart.com): ...
show more
(mod_security) mod_security (id:225170) triggered by 85.128.143.142 (static-akl142.rev.netart.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 01:40:55.627572 2026] [security2:error] [pid 2017:tid 2017] [client 85.128.143.142:58262] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sneedvillefarmersmarket.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sneedvillefarmersmarket.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akIFZwxpe-zMWrkGT7nZzQAAADE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 01:44:12
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 85.128.143.142 (static-akl142.rev.netart.com): ...
show more
(mod_security) mod_security (id:225170) triggered by 85.128.143.142 (static-akl142.rev.netart.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 21:44:08.279567 2026] [security2:error] [pid 19417:tid 19417] [client 85.128.143.142:47916] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||joeordie.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "joeordie.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akHN6CvF4ejeMuxqtkxb6wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 00:16:06
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 85.128.143.142 (static-akl142.rev.netart.com): ...
show more
(mod_security) mod_security (id:225170) triggered by 85.128.143.142 (static-akl142.rev.netart.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 20:15:59.352074 2026] [security2:error] [pid 28161:tid 28161] [client 85.128.143.142:52066] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.sbip.loneoakhoney.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.sbip.loneoakhoney.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akG5Pyqd4Ksebv061OcXwQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-06-28 19:20:44
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
πΊπΈ
mnsf
2026-06-28 19:05:04
(3 days ago)
Abuse Detected (1)
Brute-Force
Web App Attack
π«π·
masterguru
2026-06-28 04:47:20
(4 days ago)
(modsec_5040) ModSec 5040: API Basic Auth blocked from 85.128.143.142 (PL/Poland/static-akl142.rev.n ...
show more
(modsec_5040) ModSec 5040: API Basic Auth blocked from 85.128.143.142 (PL/Poland/static-akl142.rev.netart.com): 1 in the last 3600 secs (0-195)
show less
Hacking
π©πͺ
neckaralb-admin.de
2026-06-28 02:34:54
(4 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 02:09:26
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 85.128.143.142 (static-akl142.rev.netart.com): ...
show more
(mod_security) mod_security (id:225170) triggered by 85.128.143.142 (static-akl142.rev.netart.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 22:09:19.665040 2026] [security2:error] [pid 31116:tid 31116] [client 85.128.143.142:33384] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||guarinofurnituredesigns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "guarinofurnituredesigns.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akCCT-L-U8hNwhvf44A9_gAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack