Anonymous
2026-06-30 23:51:07
(2 weeks ago)
Web App Attack
Brute-Force
Web App Attack
๐บ๐ธ
WellSpring
2026-05-26 15:25:13
(1 month ago)
wordpress scan on 580.today/wp-admin/install.php โ WellSpr.ing/NetSentinel civic-AI security layer
Bad Web Bot
Web App Attack
๐ซ๐ท
Campus France
2026-04-24 09:41:44
(2 months ago)
[Fri Apr 24 11:41:43.475584 2026] [php:error] [pid 3276228] [client 162.158.102.42:12951] script '/v ...
show more
[Fri Apr 24 11:41:43.475584 2026] [php:error] [pid 3276228] [client 162.158.102.42:12951] script '/var/www/html/error.php' not found or unable to stat
[Fri Apr 24 11:41:43.513188 2026] [php:error] [pid 3276228] [client 162.158.102.42:12951] script '/var/www/html/wp-load.php' not found or unable to stat
[Fri Apr 24 11:41:43.625749 2026] [php:error] [pid 3276228] [client 162.158.102.42:12951] script '/var/www/html/77.php' not found or unable to stat
[Fri Apr 24 11:41:43.674410 2026] [php:error] [pid 3276228] [client 162.158.102.42:12951] script '/var/www/html/.sghb.php' not found or unable to stat
[Fri Apr 24 11:41:43.712028 2026] [php:error] [pid 3276228] [client 162.158.102.42:12951] script '/var/www/html/zoko.php' not found or unable to stat
...
show less
Brute-Force
Web App Attack
๐ฉ๐ช
bastiweb
2026-03-23 05:08:31
(3 months ago)
162.158.102.42 - - [23/Mar/2026:06:08:29 +0100] "POST /wp-login.php HTTP/1.0" 200 8189 "https://www. ...
show more
162.158.102.42 - - [23/Mar/2026:06:08:29 +0100] "POST /wp-login.php HTTP/1.0" 200 8189 "https://www.goehler-baumpflege.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
162.158.102.42 - - [23/Mar/2026:06:08:29 +0100] "POST /wp-login.php HTTP/1.0" 200 8189 "https://www.goehler-baumpflege.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
162.158.102.42 - - [23/Mar/2026:06:08:30 +0100] "POST /wp-login.php HTTP/1.0" 200 8189 "https://www.goehler-baumpflege.de/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
162.158.102.42 - - [23/Mar/2026:06:08:30 +0100] "POST /wp-login.php HTTP/1.0" 200 8189 "https://www.goehler-baumpflege.de/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
...
show less
Brute-Force
Web App Attack
๐ฌ๐ง
OptimusGO
2026-03-11 04:09:44
(4 months ago)
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Time ...
show more
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Timestamp: 2026-03-11 04:09:44 UTC
Log evidence:
162.158.102.42 - - [11/Mar/2026:04:05:45 +0000] "GET /api/.env HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Linux; Android 4.1.1; Huawei Y301A1 Build/HuaweiY301A1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.114 Mobile Safari/537.36"
162.158.102.42 - - [11/Mar/2026:04:05:47 +0000] "GET /info/ HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.79 Safari/537.36"
03/11/2026-04:05:45.936444 [wDrop] [**] [1:1000110:2] SECURITY CRITICAL: .env File Access Attempt - INSTANT BAN [**] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 162.158.102.42:13723 -> 185.127.18.66:80
show less
Port Scan
Brute-Force
๐บ๐ฆ
URAN Publishing Service
2025-08-07 10:46:20
(11 months ago)
162.158.102.42 - - [07/Aug/2025:13:46:17 +0300] "GET /wp-admin/css/colors/coffee/weba.php HTTP/1.1" ...
show more
162.158.102.42 - - [07/Aug/2025:13:46:17 +0300] "GET /wp-admin/css/colors/coffee/weba.php HTTP/1.1" 404 274 "-" "fasthttp"
162.158.102.42 - - [07/Aug/2025:13:46:19 +0300] "GET /wp-includes/class.php HTTP/1.1" 404 274 "-" "fasthttp"
...
show less
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2025-07-20 01:29:51
(11 months ago)
162.158.102.42 - - [20/Jul/2025:04:29:46 +0300] "GET /wp-admin/maint/admin.php HTTP/1.1" 404 196 "-" ...
show more
162.158.102.42 - - [20/Jul/2025:04:29:46 +0300] "GET /wp-admin/maint/admin.php HTTP/1.1" 404 196 "-" "-"
162.158.102.42 - - [20/Jul/2025:04:29:50 +0300] "GET /wp-includes/certificates/plugins.php HTTP/1.1" 404 196 "-" "-"
...
show less
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2025-06-16 21:00:29
(1 year ago)
162.158.102.42 - - [17/Jun/2025:00:00:27 +0300] "GET /wp-content/uploads/ms-sites-modify.php HTTP/1. ...
show more
162.158.102.42 - - [17/Jun/2025:00:00:27 +0300] "GET /wp-content/uploads/ms-sites-modify.php HTTP/1.1" 404 196 "-" "-"
162.158.102.42 - - [17/Jun/2025:00:00:28 +0300] "GET /wp-content/languages/chosen.php HTTP/1.1" 404 196 "-" "-"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-08 01:15:53
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 162.158.102.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.102.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 07 21:15:49.919998 2025] [security2:error] [pid 2587954:tid 2587954] [client 162.158.102.42:45636] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cloudex.click"] [uri "/admin/.env"] [unique_id "aETkRSldRfSdXOn9nO3DaAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-05-16 18:08:35
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 162.158.102.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.102.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 16 14:08:30.785367 2025] [security2:error] [pid 957692:tid 957692] [client 162.158.102.42:42528] [client 162.158.102.42] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pixacast.com"] [uri "/stage/.env"] [unique_id "aCd_Hio6FjPzQhr9L1XqhAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
hbrks
2025-05-05 08:23:04
(1 year ago)
GET http://autohq.cloud/wordpress/wp-admin/setup-config.php
Web Spam
Hacking
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-04-30 13:18:17
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 162.158.102.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.102.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 30 09:18:09.514849 2025] [security2:error] [pid 30708:tid 30708] [client 162.158.102.42:15618] [client 162.158.102.42] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ard.global"] [uri "/config/.env"] [unique_id "aBIjEfimVDB_aaLxkExeHwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Study Bitcoin ๐ค
2025-04-22 04:36:52
(1 year ago)
Port probe to tcp/80 (http)
[srv125]
Port Scan
Bad Web Bot
Web App Attack
๐ฉ๐ช
bitpanda
2025-04-16 00:01:53
(1 year ago)
Malicious activity detected by Imunify360
Brute-Force
SSH
๐ณ๐ฑ
ipoac.nl
2025-04-13 15:11:22
(1 year ago)
***:443 162.158.102.42 - - [13/Apr/2025:17:11:22 +0200] *** "GET /wordpress/wp-admin/setup-config.ph ...
show more
***:443 162.158.102.42 - - [13/Apr/2025:17:11:22 +0200] *** "GET /wordpress/wp-admin/setup-config.php HTTP/2.0" 500 1121 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36"
show less
Bad Web Bot