JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 160.119.157.118

160.119.157.118 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 71%: ?

71%

ISP	Dinamic Poll for WISP
Usage Type	Fixed Line ISP
ASN	AS328223
Domain Name	conecte.co.mz
Country	🇲🇿 Mozambique
City	Maputo, Maputo City

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 160.119.157.118

Whois 160.119.157.118

IP Abuse Reports for 160.119.157.118:

This IP address has been reported a total of 55 times from 31 distinct sources. 160.119.157.118 was first reported on August 27th 2025, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-22 20:52:49 (4 hours ago)	(mod_security) mod_security (id:240335) triggered by 160.119.157.118 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 160.119.157.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 16:52:45.889353 2026] [security2:error] [pid 8428:tid 8428] [client 160.119.157.118:50369] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 160.119.157.118 (+1 hits since last alert)\|baselinesc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "baselinesc.com"] [uri "/xmlrpc.php"] [unique_id "ajmgnS0kmIEiK27I8boTagAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ipoac.nl	2026-06-22 18:47:05 (6 hours ago)	2026-06-22T20:47:04.589856+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication failure for-from 160 ... show more 2026-06-22T20:47:04.589856+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication failure for-from 160.119.157.118 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 12:57:28 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 160.119.157.118 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 160.119.157.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 08:57:23.698385 2026] [security2:error] [pid 30574:tid 30574] [client 160.119.157.118:52032] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 160.119.157.118 (+1 hits since last alert)\|tcomputerguy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tcomputerguy.com"] [uri "/xmlrpc.php"] [unique_id "ajffs-wt4EQyPUJ2WJfq7QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 22:28:45 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 160.119.157.118 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 160.119.157.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 18:28:40.187976 2026] [security2:error] [pid 15772:tid 15772] [client 160.119.157.118:28611] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 160.119.157.118 (+1 hits since last alert)\|marcosbarraza.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "marcosbarraza.net"] [uri "/xmlrpc.php"] [unique_id "ajcUGGYg-y5CqKO9F6m68AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-20 21:53:59 (2 days ago)	160.119.157.118 - - [20/Jun/2026:23:53:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by ... show more 160.119.157.118 - - [20/Jun/2026:23:53:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com" 160.119.157.118 - - [20/Jun/2026:23:53:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" 160.119.157.118 - - [20/Jun/2026:23:53:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com" 160.119.157.118 - - [20/Jun/2026:23:53:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" 160.119.157.118 - - [20/Jun/2026:23:53:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)" ... show less	Brute-Force Web App Attack
Anonymous	2026-06-20 19:52:10 (2 days ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-16 21:49:36 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 160.119.157.118 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 160.119.157.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 17:49:29.022372 2026] [security2:error] [pid 24961:tid 24990] [client 160.119.157.118:59130] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 160.119.157.118 (+1 hits since last alert)\|whatismetamodern.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "whatismetamodern.com"] [uri "/xmlrpc.php"] [unique_id "ajHE6Vqmu1e__RBa8yaB3QAAAZg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-06-14 01:03:18 (1 week ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇨🇭 backslash	2026-06-12 11:33:04 (1 week ago)	block ruleset Badbot using very old user-agents 5CF3CDB778C7D82564405B86B9242E612F378C68	Bad Web Bot
🇮🇩 hermawan	2026-06-11 13:57:03 (1 week ago)	[Thu Jun 11 20:56:59.863511 2026] [security2:error] [pid 1740642:tid 139768594818752] [client 160.11 ... show more [Thu Jun 11 20:56:59.863511 2026] [security2:error] [pid 1740642:tid 139768594818752] [client 160.119.157.118:57606] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-bulanan/infografis-bulanan-buletin HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-bulanan/infografis-bulanan-buletin"] [unique_id "aiq-q9JOVoKEB2CH4keeNQAARAE"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1740644] [CXTgu/qyh4w] [aiq-q9JOVoKEB2CH4keeNQAARAE] keep_alive=[1] [2026-06-11 20:56:59.863515] [R:aiq-q9JOVoKEB2CH4keeNQAARAE ... show less	Email Spam Hacking
🇩🇪 Vegascosmetics	2026-06-07 10:17:17 (2 weeks ago)	Kingcopy(AI-IDS) Report: IP automatically blocked after obfuscated encoding. Vegas Security System	DDoS Attack Hacking Bad Web Bot
🇧🇷 chronos	2026-06-04 13:54:29 (2 weeks ago)	Generic malicious activity: Tentativa de varredura de porta TCP... \| Port: 59601 \| Proto: TCP \| Loca ... show more Generic malicious activity: Tentativa de varredura de porta TCP... \| Port: 59601 \| Proto: TCP \| Location: Mozambique, Maputo show less	Port Scan Hacking
🇩🇪 SMARTNET	2026-05-27 06:03:53 (3 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 22ada211-5b5c-463a-b46f-60fd11dc639d	DDoS Attack
🇬🇧 PeravixGroup	2026-05-21 04:10:50 (1 month ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇦🇹 urnilxfgbez	2026-05-20 22:45:00 (1 month ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a06:4880:6000::7d

🇹🇼 210.61.14.16

🇬🇧 195.140.214.20

🇫🇷 185.202.236.245

🇺🇸 184.105.247.212

🇨🇴 45.191.233.133

🇨🇦 4.204.223.67

🇰🇿 2.135.146.53

🇺🇸 2607:f8b0:4001:c2e::124

🇭🇰 203.83.11.202

🇧🇷 187.12.48.70

🇧🇷 177.125.123.25

🇧🇷 164.163.24.11

🇨🇳 115.151.72.155

🇸🇬 71.18.255.56

🇫🇮 62.238.15.231

🇮🇶 62.201.228.210

🇨🇳 61.175.239.74

🇺🇸 50.103.44.38

🇭🇰 47.83.26.25