๐ฆ๐บ
screwlooseit.com.au
2026-06-25 08:35:41
(5 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
IN/India/telemedia-ap-dynamic-95.230.170.122.airtelbroadba ...
show more
Blocked by CSF 13 firewall - Rule: XMLRPC
IN/India/telemedia-ap-dynamic-95.230.170.122.airtelbroadband.in
show less
Web App Attack
Anonymous
2026-06-24 09:12:18
(6 days ago)
[redacted] 122.170.230.95 - - [24/Jun/2026:11:11:34 +0200] "POST /xmlrpc.php HTTP/1.1" 403 1682 "-" ...
show more
[redacted] 122.170.230.95 - - [24/Jun/2026:11:11:34 +0200] "POST /xmlrpc.php HTTP/1.1" 403 1682 "-" "WordPress.com; https://wordpress.com"
[redacted] 122.170.230.95 - - [24/Jun/2026:11:11:45 +0200] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "WordPress.com; https://wordpress.com"
[redacted] 122.170.230.95 - - [24/Jun/2026:11:11:55 +0200] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "Jetpack/13.0; WordPress/6.4; http://site56467979.com"
[redacted] 122.170.230.95 - - [24/Jun/2026:11:12:06 +0200] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "Jetpack/12.1; WordPress/6.3; http://site29008542.com"
[redacted] 122.170.230.95 - - [24/Jun/2026:11:12:17 +0200] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)"
...
show less
Hacking
Web App Attack
Anonymous
2026-06-24 05:58:04
(6 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
Dolphi
2026-06-24 04:40:05
(6 days ago)
Excessive POST /xmlrpc.php requests
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-06-24 04:25:23
(6 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 10:00:54
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 122.170.230.95 (telemedia-ap-dynamic-95.230.170 ...
show more
(mod_security) mod_security (id:240335) triggered by 122.170.230.95 (telemedia-ap-dynamic-95.230.170.122.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 06:00:46.305780 2026] [security2:error] [pid 28016:tid 28016] [client 122.170.230.95:13218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.170.230.95 (+1 hits since last alert)|clayrivers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "clayrivers.com"] [uri "/xmlrpc.php"] [unique_id "ajpZTtiIzZKnb98aUbYpWwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 07:37:49
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 122.170.230.95 (telemedia-ap-dynamic-95.230.170 ...
show more
(mod_security) mod_security (id:240335) triggered by 122.170.230.95 (telemedia-ap-dynamic-95.230.170.122.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 03:37:42.053974 2026] [security2:error] [pid 12345:tid 12345] [client 122.170.230.95:15306] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.170.230.95 (+1 hits since last alert)|barigby.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "barigby.com"] [uri "/xmlrpc.php"] [unique_id "ajo3xpd-Wa2h57D2lv-2PgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 04:08:49
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 122.170.230.95 (telemedia-ap-dynamic-95.230.170 ...
show more
(mod_security) mod_security (id:240335) triggered by 122.170.230.95 (telemedia-ap-dynamic-95.230.170.122.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 00:08:45.855615 2026] [security2:error] [pid 31657:tid 31657] [client 122.170.230.95:15572] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.170.230.95 (+1 hits since last alert)|nearfieldchrist.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nearfieldchrist.com"] [uri "/xmlrpc.php"] [unique_id "ajoGzWD4lauUpK8x2mmwigAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-23 04:05:44
(1 week ago)
[redacted] 122.170.230.95 - - [23/Jun/2026:06:05:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ...
show more
[redacted] 122.170.230.95 - - [23/Jun/2026:06:05:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)"
[redacted] 122.170.230.95 - - [23/Jun/2026:06:05:11 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 122.170.230.95 - - [23/Jun/2026:06:05:22 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.3; http://site50785530.com"
[redacted] 122.170.230.95 - - [23/Jun/2026:06:05:32 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 122.170.230.95 - - [23/Jun/2026:06:05:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
...
show less
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-06-22 12:52:21
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-22 07:16:06
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 122.170.230.95 (telemedia-ap-dynamic-95.230.170 ...
show more
(mod_security) mod_security (id:240335) triggered by 122.170.230.95 (telemedia-ap-dynamic-95.230.170.122.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 03:16:02.889908 2026] [security2:error] [pid 12163:tid 12163] [client 122.170.230.95:7676] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.170.230.95 (+1 hits since last alert)|diegogamazo.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "diegogamazo.com"] [uri "/xmlrpc.php"] [unique_id "ajjhMnjFWLQ0JRH7B-w5JQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-22 05:12:56
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 122.170.230.95 (telemedia-ap-dynamic-95.230.170 ...
show more
(mod_security) mod_security (id:240335) triggered by 122.170.230.95 (telemedia-ap-dynamic-95.230.170.122.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 01:12:49.758859 2026] [security2:error] [pid 8850:tid 8850] [client 122.170.230.95:13680] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.170.230.95 (+1 hits since last alert)|savingspools.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "savingspools.com"] [uri "/xmlrpc.php"] [unique_id "ajjEUfUFY80CPkgacDLm2wAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-22 04:41:08
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 122.170.230.95 (telemedia-ap-dynamic-95.230.170 ...
show more
(mod_security) mod_security (id:240335) triggered by 122.170.230.95 (telemedia-ap-dynamic-95.230.170.122.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 00:41:01.662992 2026] [security2:error] [pid 30923:tid 30923] [client 122.170.230.95:8480] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.170.230.95 (+1 hits since last alert)|fernfield.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fernfield.com"] [uri "/xmlrpc.php"] [unique_id "aji83VQP7IcQ8_RApgLGEwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 11:44:36
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 122.170.230.95 (telemedia-ap-dynamic-95.230.170 ...
show more
(mod_security) mod_security (id:240335) triggered by 122.170.230.95 (telemedia-ap-dynamic-95.230.170.122.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 07:44:29.790496 2026] [security2:error] [pid 14176:tid 14176] [client 122.170.230.95:3449] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 122.170.230.95 (+1 hits since last alert)|feiz.church|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "feiz.church"] [uri "/xmlrpc.php"] [unique_id "ajZ9HWvatUSw6UIFXpdSugAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
konseptit
2026-06-20 08:23:14
(1 week ago)
(wordpress) Failed wordpress login from 122.170.230.95 (IN/India/telemedia-ap-dynamic-95.230.170.122 ...
show more
(wordpress) Failed wordpress login from 122.170.230.95 (IN/India/telemedia-ap-dynamic-95.230.170.122.airtelbroadband.in)
show less
Brute-Force