๐ช๐ธ
masterguru
2026-07-14 13:47:05
(2 days ago)
(xmlrpc) Failed xmlrpc access from 125.22.169.110 (IN/India/aes-static-110.169.22.125.airtel.in): 5 ...
show more
(xmlrpc) Failed xmlrpc access from 125.22.169.110 (IN/India/aes-static-110.169.22.125.airtel.in): 5 in the last 3600 secs (0-122)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-14 12:14:43
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 125.22.169.110 (aes-static-110.169.22.125.airte ...
show more
(mod_security) mod_security (id:240335) triggered by 125.22.169.110 (aes-static-110.169.22.125.airtel.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 08:14:35.574973 2026] [security2:error] [pid 19953:tid 19953] [client 125.22.169.110:50415] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 125.22.169.110 (+1 hits since last alert)|frogdesignmexico.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "frogdesignmexico.com"] [uri "/xmlrpc.php"] [unique_id "alYoK3QpEV0ipAD-OxUeTQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 06:29:19
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 125.22.169.110 (aes-static-110.169.22.125.airte ...
show more
(mod_security) mod_security (id:240335) triggered by 125.22.169.110 (aes-static-110.169.22.125.airtel.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 02:29:13.325513 2026] [security2:error] [pid 20087:tid 20087] [client 125.22.169.110:56044] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 125.22.169.110 (+1 hits since last alert)|high5-vr.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "high5-vr.com"] [uri "/xmlrpc.php"] [unique_id "alXXOS4NWHSvGvtjoSXq9QAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-14 03:30:20
(2 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-14 02:33:05
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 125.22.169.110 (aes-static-110.169.22.125.airte ...
show more
(mod_security) mod_security (id:240335) triggered by 125.22.169.110 (aes-static-110.169.22.125.airtel.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 22:33:00.355116 2026] [security2:error] [pid 14652:tid 14652] [client 125.22.169.110:58730] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 125.22.169.110 (+1 hits since last alert)|aandbnaturalfoods.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "aandbnaturalfoods.com"] [uri "/xmlrpc.php"] [unique_id "alWf3E-WM5cWV9cxHNMEUwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
tecnicorioja
2026-07-13 22:00:49
(3 days ago)
POST /xmlrpc.php [13/Jul/2026:06:08:30
Brute-Force
Web App Attack
Anonymous
2026-07-13 18:37:21
(3 days ago)
[server.tmg.gr] httpd-xmlrpc-post: sites=www.aidshep2019.gr; logs=/var/log/httpd/domains/aidshep2019 ...
show more
[server.tmg.gr] httpd-xmlrpc-post: sites=www.aidshep2019.gr; logs=/var/log/httpd/domains/aidshep2019.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐ซ๐ท
bazter.pro
2026-07-13 16:24:24
(3 days ago)
Fail2Ban: plesk-bot-aggressive - 15 failures
Port Scan
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2026-07-13 16:22:59
(3 days ago)
(wordpress) Failed wordpress login from 125.22.169.110 (IN/India/aes-static-110.169.22.125.airtel.in ...
show more
(wordpress) Failed wordpress login from 125.22.169.110 (IN/India/aes-static-110.169.22.125.airtel.in): (CF_ENABLE)
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-13 13:01:17
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 125.22.169.110 (aes-static-110.169.22.125.airte ...
show more
(mod_security) mod_security (id:240335) triggered by 125.22.169.110 (aes-static-110.169.22.125.airtel.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 09:01:08.899672 2026] [security2:error] [pid 2032:tid 2032] [client 125.22.169.110:62067] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 125.22.169.110 (+1 hits since last alert)|truthsabouthealthcare.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "truthsabouthealthcare.com"] [uri "/xmlrpc.php"] [unique_id "alThlNroij1-sa_ys6YCdQAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 11:26:25
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 125.22.169.110 (aes-static-110.169.22.125.airte ...
show more
(mod_security) mod_security (id:240335) triggered by 125.22.169.110 (aes-static-110.169.22.125.airtel.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 07:26:21.128918 2026] [security2:error] [pid 29281:tid 29281] [client 125.22.169.110:60009] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 125.22.169.110 (+1 hits since last alert)|arsenalfordemocracy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "arsenalfordemocracy.com"] [uri "/xmlrpc.php"] [unique_id "alTLXanhrM7f6YQ5zPrucgAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-13 11:07:38
(3 days ago)
IM360 WAF: Rate limit exceeded for XMLRPC DoS (fault code)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 18:04:34
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 125.22.169.110 (aes-static-110.169.22.125.airte ...
show more
(mod_security) mod_security (id:240335) triggered by 125.22.169.110 (aes-static-110.169.22.125.airtel.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 14:04:27.532989 2026] [security2:error] [pid 29788:tid 29788] [client 125.22.169.110:63336] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 125.22.169.110 (+1 hits since last alert)|localpetsitters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "localpetsitters.com"] [uri "/xmlrpc.php"] [unique_id "akQFK_N-GlI3ElG88ltN8AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ท
ICS Labs
2026-06-23 19:59:46
(3 weeks ago)
ICS Labs identified 125.22.169.110 as a malicious indicator from threat intelligence.
DDoS Attack
Port Scan
Hacking
Brute-Force
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-06-19 18:16:11
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 125.22.169.110 (aes-static-110.169.22.125.airte ...
show more
(mod_security) mod_security (id:240335) triggered by 125.22.169.110 (aes-static-110.169.22.125.airtel.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 14:16:06.684513 2026] [security2:error] [pid 31288:tid 31288] [client 125.22.169.110:56034] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 125.22.169.110 (+1 hits since last alert)|naominixon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "naominixon.com"] [uri "/xmlrpc.php"] [unique_id "ajWHZimTWEz5qGoXX-J5SgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack