๐บ๐ธ
TPI-Abuse
2026-07-06 08:01:00
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 103.160.241.143 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 103.160.241.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 04:00:55.106087 2026] [security2:error] [pid 349:tid 349] [client 103.160.241.143:54747] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.160.241.143 (+1 hits since last alert)|bigholegolf.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bigholegolf.com"] [uri "/xmlrpc.php"] [unique_id "aktgt4B8platBbokRqTmCQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-06 05:53:54
(1 day ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
-
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-03 09:40:18
(4 days ago)
(wordpress) Failed wordpress login from 103.160.241.143 (IN/India/-)
Brute-Force
Anonymous
2026-06-26 15:26:46
(1 week ago)
[redacted] 103.160.241.143 - - [26/Jun/2026:17:26:00 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ...
show more
[redacted] 103.160.241.143 - - [26/Jun/2026:17:26:00 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 103.160.241.143 - - [26/Jun/2026:17:26:10 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 103.160.241.143 - - [26/Jun/2026:17:26:21 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.4; http://site31825068.com"
[redacted] 103.160.241.143 - - [26/Jun/2026:17:26:32 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.4; http://site63180955.com"
[redacted] 103.160.241.143 - - [26/Jun/2026:17:26:42 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)"
...
show less
Hacking
Web App Attack
Anonymous
2026-06-13 06:53:06
(3 weeks ago)
[redacted] 103.160.241.143 - - [13/Jun/2026:08:52:24 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ...
show more
[redacted] 103.160.241.143 - - [13/Jun/2026:08:52:24 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 103.160.241.143 - - [13/Jun/2026:08:52:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)"
[redacted] 103.160.241.143 - - [13/Jun/2026:08:52:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.1; http://site19367335.com"
[redacted] 103.160.241.143 - - [13/Jun/2026:08:52:55 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 103.160.241.143 - - [13/Jun/2026:08:53:06 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.3; http://site46846215.com"
...
show less
Hacking
Web App Attack
Anonymous
2026-06-09 05:17:35
(4 weeks ago)
[redacted] 103.160.241.143 - - [09/Jun/2026:07:16:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ...
show more
[redacted] 103.160.241.143 - - [09/Jun/2026:07:16:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)"
[redacted] 103.160.241.143 - - [09/Jun/2026:07:17:00 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)"
[redacted] 103.160.241.143 - - [09/Jun/2026:07:17:10 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)"
[redacted] 103.160.241.143 - - [09/Jun/2026:07:17:21 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 103.160.241.143 - - [09/Jun/2026:07:17:31 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
...
show less
Hacking
Web App Attack
Anonymous
2026-06-05 10:51:51
(1 month ago)
Fail2Ban WordPress login brute-force detected
Brute-Force
Web App Attack
Anonymous
2026-06-05 07:15:31
(1 month ago)
[redacted] 103.160.241.143 - - [05/Jun/2026:09:14:45 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ...
show more
[redacted] 103.160.241.143 - - [05/Jun/2026:09:14:45 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 103.160.241.143 - - [05/Jun/2026:09:14:56 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.3; http://site18276486.com"
[redacted] 103.160.241.143 - - [05/Jun/2026:09:15:06 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)"
[redacted] 103.160.241.143 - - [05/Jun/2026:09:15:17 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 103.160.241.143 - - [05/Jun/2026:09:15:27 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-01 10:16:38
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 103.160.241.143 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 103.160.241.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 06:16:33.341242 2026] [security2:error] [pid 13799:tid 13799] [client 103.160.241.143:61278] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.160.241.143 (+1 hits since last alert)|lesdaniels.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lesdaniels.com"] [uri "/xmlrpc.php"] [unique_id "ah1cATmAwk8GY-VIGM84awAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-30 15:48:18
(1 month ago)
[redacted] 103.160.241.143 - - [30/May/2026:17:47:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" ...
show more
[redacted] 103.160.241.143 - - [30/May/2026:17:47:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack/12.1; WordPress/6.3; http://site37245311.com"
[redacted] 103.160.241.143 - - [30/May/2026:17:47:45 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack/12.0; WordPress/6.1; http://site67339366.com"
[redacted] 103.160.241.143 - - [30/May/2026:17:47:55 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com"
[redacted] 103.160.241.143 - - [30/May/2026:17:48:06 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com"
[redacted] 103.160.241.143 - - [30/May/2026:17:48:17 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack/12.0; WordPress/6.4; http://site84787217.com"
...
show less
Hacking
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-05-30 10:39:49
(1 month ago)
Unauthorized access to webpage admin
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-05-29 11:29:22
(1 month ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
-
Web App Attack
Anonymous
2026-05-28 08:20:24
(1 month ago)
[redacted] 103.160.241.143 - - [28/May/2026:10:19:41 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ...
show more
[redacted] 103.160.241.143 - - [28/May/2026:10:19:41 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 103.160.241.143 - - [28/May/2026:10:19:51 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.3; http://site74197713.com"
[redacted] 103.160.241.143 - - [28/May/2026:10:20:02 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.3; http://site25203213.com"
[redacted] 103.160.241.143 - - [28/May/2026:10:20:12 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 103.160.241.143 - - [28/May/2026:10:20:23 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.1; http://site52859508.com"
...
show less
Hacking
Web App Attack
๐ฉ๐ช
Tha_14
2026-05-16 07:09:25
(1 month ago)
Limit on login attempts is reached
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-05-15 08:14:37
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 103.160.241.143 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 103.160.241.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 04:14:30.551003 2026] [security2:error] [pid 7618:tid 7618] [client 103.160.241.143:1791] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.160.241.143 (+1 hits since last alert)|bigholegolf.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bigholegolf.com"] [uri "/xmlrpc.php"] [unique_id "agbV5ux-06BnAksirB_OZwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack