๐ง๐ท
ICS Labs
2026-06-04 17:46:30
(1 month ago)
ICS Labs identified 168.144.109.112 as a malicious indicator from threat intelligence.
DDoS Attack
Hacking
Exploited Host
๐ณ๐ฟ
Tripwire
2026-04-24 12:16:30
(2 months ago)
Scanning for exploits - /license.txt
Web App Attack
๐ฉ๐ช
Gwyneth Llewelyn
2026-04-24 11:18:33
(2 months ago)
168.144.109.112 - - [24/Apr/2026:12:18:31 +0100] "GET /roundcube/license.txt HTTP/2.0" 404 997 "-" " ...
show more
168.144.109.112 - - [24/Apr/2026:12:18:31 +0100] "GET /roundcube/license.txt HTTP/2.0" 404 997 "-" "python-requests/2.27.1"
show less
Bad Web Bot
๐ณ๐ฑ
Mangelot Hosting
2026-04-24 05:19:18
(2 months ago)
(wp_login_try) srv101 WP Login Attempt 168.144.109.112 (US/United States/-): 10 in the last 3600 sec ...
show more
(wp_login_try) srv101 WP Login Attempt 168.144.109.112 (US/United States/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-04-24 03:47:04
(2 months ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 27
Exploited Host
Web App Attack
๐ฉ๐ช
main.ows
2026-04-23 19:03:43
(2 months ago)
168.144.109.112 - - [23/Apr/2026:21:03:27 +0200] "POST /wp-login.php HTTP/1.0" 200 7352 "https://stu ...
show more
168.144.109.112 - - [23/Apr/2026:21:03:27 +0200] "POST /wp-login.php HTTP/1.0" 200 7352 "https://studioconsulenzainternazionale.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15"
168.144.109.112 - - [23/Apr/2026:21:03:34 +0200] "POST /wp-login.php HTTP/1.0" 200 7353 "https://studioconsulenzainternazionale.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
168.144.109.112 - - [23/Apr/2026:21:03:42 +0200] "POST /wp-login.php HTTP/1.0" 200 7348 "https://studioconsulenzainternazionale.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:121.0) Gecko/20100101 Firefox/121.0"
...
show less
Web App Attack
๐ณ๐ฑ
Site.eu
2026-04-23 18:57:41
(2 months ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ซ๐ฎ
bittiguru.fi
2026-04-23 03:07:38
(2 months ago)
168.144.109.112 - [23/Apr/2026:06:06:55 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://KANAVA ...
show more
168.144.109.112 - [23/Apr/2026:06:06:55 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Firefox/120.0.1" "2.37"
168.144.109.112 - [23/Apr/2026:06:07:06 +0300] "POST /wp-login.php HTTP/1.1" 403 753 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15) Gecko/20100101 Firefox/118.0.2" "2.37"
168.144.109.112 - [23/Apr/2026:06:07:16 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36" "2.37"
168.144.109.112 - [23/Apr/2026:06:07:27 +0300] "POST /wp-login.php HTTP/1.1" 403 753 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Firefox/121.0" "2.37"
168.144.109.112 - [23/Apr/2026:06:07:37 +0300] "POST /wp-login.php HTTP/1.1" 403 754 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/
...
show less
Hacking
Brute-Force
Web App Attack
๐ซ๐ฎ
bittiguru.fi
2026-04-23 02:51:51
(2 months ago)
168.144.109.112 - [23/Apr/2026:05:51:08 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://KANAVA ...
show more
168.144.109.112 - [23/Apr/2026:05:51:08 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36" "2.37"
168.144.109.112 - [23/Apr/2026:05:51:19 +0300] "POST /wp-login.php HTTP/1.1" 403 754 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/122.0" "2.37"
168.144.109.112 - [23/Apr/2026:05:51:30 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36" "2.37"
168.144.109.112 - [23/Apr/2026:05:51:40 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15) Gecko/20100101 Firefox/121.0" "2.37"
168.144.109.112 - [23/Apr/2026:05:51:50 +0300] "POST /wp-login.php HTTP/1.1" 403 754 "https://KANAVARESORT.FI/wp
...
show less
Hacking
Brute-Force
Web App Attack
๐ซ๐ฎ
bittiguru.fi
2026-04-23 02:36:03
(2 months ago)
168.144.109.112 - [23/Apr/2026:05:35:19 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://KANAVA ...
show more
168.144.109.112 - [23/Apr/2026:05:35:19 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/120.0.1" "2.37"
168.144.109.112 - [23/Apr/2026:05:35:30 +0300] "POST /wp-login.php HTTP/1.1" 403 754 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36" "2.37"
168.144.109.112 - [23/Apr/2026:05:35:41 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36" "2.37"
168.144.109.112 - [23/Apr/2026:05:35:51 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Firefox/119.0.1" "2.37"
168.144.109.112 - [23/Apr/2026:05:36:02 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://KANAVARESORT.FI
...
show less
Hacking
Brute-Force
Web App Attack
๐ซ๐ฎ
bittiguru.fi
2026-04-23 02:20:16
(2 months ago)
168.144.109.112 - [23/Apr/2026:05:19:31 +0300] "POST /wp-login.php HTTP/1.1" 403 3733 "https://KANAV ...
show more
168.144.109.112 - [23/Apr/2026:05:19:31 +0300] "POST /wp-login.php HTTP/1.1" 403 3733 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Gecko/20100101 Firefox/120.0.1" "3.24"
168.144.109.112 - [23/Apr/2026:05:19:42 +0300] "POST /wp-login.php HTTP/1.1" 404 12171 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15) Gecko/20100101 Firefox/118.0.2" "4.38"
168.144.109.112 - [23/Apr/2026:05:19:53 +0300] "POST /wp-login.php HTTP/1.1" 404 12171 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/121.0" "4.38"
168.144.109.112 - [23/Apr/2026:05:20:04 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15) Gecko/20100101 Firefox/122.0" "2.37"
168.144.109.112 - [23/Apr/2026:05:20:15 +0300] "POST /wp-login.php HTTP/1.1" 403 754 "https://KANAVARESORT.FI/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Appl
...
show less
Hacking
Brute-Force
Web App Attack
๐จ๐ญ
Origon
2026-04-23 00:05:58
(2 months ago)
recidive - IP: 168.144.109.112 - 2026-04-22 17:03:04,739 fail2ban.actions [1676911]: NOTICE [plesk- ...
show more
recidive - IP: 168.144.109.112 - 2026-04-22 17:03:04,739 fail2ban.actions [1676911]: NOTICE [plesk-wordpress] Ban 168.144.109.112 2026-04-22 17:33:27,083 fail2ban.actions [1676911]: NOTICE [plesk-wordpress] Ban 168.144.109.112 2026-04-23 02:05:58,028 fail2ban.actions [1676911]: NOTICE [plesk-wordpress] Ban 168.144.109.112
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-22 23:14:27
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 168.144.109.112 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 168.144.109.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 22 19:14:23.541769 2026] [security2:error] [pid 32442:tid 32442] [client 168.144.109.112:63240] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kobraagencies.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kobraagencies.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aelWTyE-iCim4VntiFA29wAAAA8"], referer: https://wordpress.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-04-22 22:29:33
(2 months ago)
Brute-Force
Web App Attack
๐ช๐ธ
alferez
2026-04-22 22:00:42
(2 months ago)
Searching hacked php files
Hacking
Exploited Host
Web App Attack