Anonymous
2026-06-18 23:36:51
(1 week ago)
162.158.163.170 - - [19/Jun/2026:01:36:50 +0200] "GET //shop/wp-includes/wlwmanifest.xml HTTP/1.1" 4 ...
show more
162.158.163.170 - - [19/Jun/2026:01:36:50 +0200] "GET //shop/wp-includes/wlwmanifest.xml HTTP/1.1" 404 441 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.163.170 - - [19/Jun/2026:01:36:50 +0200] "GET //shop/wp-includes/wlwmanifest.xml HTTP/1.1" 404 246 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.163.170 - - [19/Jun/2026:01:36:50 +0200] "GET //wp1/wp-includes/wlwmanifest.xml HTTP/1.1" 404 441 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.163.170 - - [19/Jun/2026:01:36:50 +0200] "GET //wp1/wp-includes/wlwmanifest.xml HTTP/1.1" 404 246 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
162.158.163.170 - - [19/Jun/2026:01:36:51 +0200] "GET //test/wp-includes/wlwmanifest.x
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-10 02:50:45
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 162.158.163.170 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.163.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 22:50:41.434725 2026] [security2:error] [pid 11830:tid 11830] [client 162.158.163.170:13395] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.portfolio.hotelausland.com"] [uri "/sftp-config.json"] [unique_id "af_ygWe3Ox5v7n3pocAoygAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-07 22:03:01
(1 month ago)
Auto-ban: >3000 req/min op 2026-05-07
Web App Attack
SSH
Hacking
๐ฒ๐น
Malta
2026-02-28 22:45:44
(4 months ago)
162.158.163.170 - - [28/Feb/2026:23:45:43 +0100] "POST /xmlrpc.php HTTP/1.1" "Mozilla/4.0 (compatibl ...
show more
162.158.163.170 - - [28/Feb/2026:23:45:43 +0100] "POST /xmlrpc.php HTTP/1.1" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; InfoPath.3)"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
Anonymous
2025-11-10 14:13:42
(7 months ago)
[Mon Nov 10 15:13:37.830174 2025] [authz_core:error] [pid 32747] [client 162.158.163.170:11832] AH01 ...
show more
[Mon Nov 10 15:13:37.830174 2025] [authz_core:error] [pid 32747] [client 162.158.163.170:11832] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Mon Nov 10 15:13:39.040912 2025] [authz_core:error] [pid 32747] [client 162.158.163.170:11832] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Mon Nov 10 15:13:42.379876 2025] [authz_core:error] [pid 32747] [client 162.158.163.170:11832] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-11-02 22:52:22
(7 months ago)
2025-11-02 06:33:56 /wp-content/uploads/2013/02/studio.jpg
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-10-02 22:48:15
(8 months ago)
2025-10-02 04:04:13 /blog/
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-09-18 23:42:44
(9 months ago)
2025-09-18 16:34:27 /wp-content/plugins/atomlib.php
2025-09-18 16:34:48 /.well-known/acme-challenge/ ...
show more
2025-09-18 16:34:27 /wp-content/plugins/atomlib.php
2025-09-18 16:34:48 /.well-known/acme-challenge/admin.php
2025-09-18 16:34:52 /wp-content/radio.php
2025-09-18 16:34:34 /wp-content/plugins/Cache/
show less
Web App Attack
Anonymous
2025-07-14 09:33:06
(11 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2025-07-06 07:05:49
(11 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2025-06-22 00:43:57
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-06-07 15:41:49
(1 year ago)
(mod_security) mod_security (id:240335) triggered by 162.158.163.170 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 162.158.163.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 07 11:41:46.797419 2025] [security2:error] [pid 653003:tid 653003] [client 162.158.163.170:42308] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 62.146.234.58 (0+1 hits since last alert)|www.nursetammytalks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.nursetammytalks.com"] [uri "/xmlrpc.php"] [unique_id "aERdumJPHDqg66GW5OEKjAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-06 21:21:17
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 162.158.163.170 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.163.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 06 17:21:10.660249 2025] [security2:error] [pid 583982:tid 583982] [client 162.158.163.170:16104] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caspina.com"] [uri "/.env"] [unique_id "aENbxsC-l90NaRr7w6Ej5QAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-05-28 21:50:11
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 162.158.163.170 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.163.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 28 17:50:07.621837 2025] [security2:error] [pid 2110697:tid 2110697] [client 162.158.163.170:65514] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.virtualizecr.net"] [uri "/.env"] [unique_id "aDeFD_b0lLjfrpWKW2ZtgwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-05-25 22:38:18
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH