๐บ๐ธ
kosada.com
2026-06-29 13:26:00
(2 days ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ฉ๐ช
Vegascosmetics
2026-06-27 13:58:39
(4 days ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security
DDoS Attack
Hacking
Exploited Host
๐ฉ๐ช
Da_tschek
2026-05-22 19:03:03
(1 month ago)
Port scanning
Port Scan
Hacking
Anonymous
2026-04-30 06:23:19
(2 months ago)
Fail2ban filtered
...
Web App Attack
๐บ๐ธ
factor1
2026-04-28 09:00:01
(2 months ago)
Fail2ban at churndash Reports Abuse.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-28 07:15:10
(2 months ago)
(mod_security) mod_security (id:240335) triggered by 165.16.186.67 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 165.16.186.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 03:15:04.514454 2026] [security2:error] [pid 4717:tid 4717] [client 165.16.186.67:27891] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.16.186.67 (+1 hits since last alert)|linhsbridal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "linhsbridal.com"] [uri "/xmlrpc.php"] [unique_id "afBeeILxmd8N6lBvOHIAhgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-04-28 07:11:10
(2 months ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-25 22:15:20
(2 months ago)
(mod_security) mod_security (id:240335) triggered by 165.16.186.67 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 165.16.186.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 18:15:13.177796 2026] [security2:error] [pid 1531:tid 1531] [client 165.16.186.67:27690] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.16.186.67 (+1 hits since last alert)|sharawi-gum.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sharawi-gum.com"] [uri "/xmlrpc.php"] [unique_id "ae088bBFzXhHK-_JEXB-RQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-25 13:37:20
(2 months ago)
(mod_security) mod_security (id:240335) triggered by 165.16.186.67 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 165.16.186.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 09:37:15.007197 2026] [security2:error] [pid 31830:tid 31830] [client 165.16.186.67:27078] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.16.186.67 (+1 hits since last alert)|comunicacion.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "comunicacion.com"] [uri "/xmlrpc.php"] [unique_id "aezDi5bvBHaOMYm70UaH_wAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-04-25 11:27:21
(2 months ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-04-25 10:59:30
(2 months ago)
(mod_security) mod_security (id:240335) triggered by 165.16.186.67 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 165.16.186.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 06:59:27.606570 2026] [security2:error] [pid 14449:tid 14449] [client 165.16.186.67:27698] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.16.186.67 (+1 hits since last alert)|hydrusdetergents.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hydrusdetergents.com"] [uri "/xmlrpc.php"] [unique_id "aeyejwpyiJ3SWe4m9F-FgAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
akasolutions.de
2026-04-25 10:55:08
(2 months ago)
(wordpress) Failed wordpress login from 165.16.186.67 (ZA/South Africa/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-04-25 09:53:36
(2 months ago)
(mod_security) mod_security (id:240335) triggered by 165.16.186.67 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 165.16.186.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 05:53:29.727932 2026] [security2:error] [pid 22001:tid 22015] [client 165.16.186.67:27890] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.16.186.67 (+1 hits since last alert)|ceol.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ceol.com"] [uri "/xmlrpc.php"] [unique_id "aeyPGQ4W_ayhylGFF3j0SAAAAUU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-04-22 16:48:21
(2 months ago)
165.16.186.67 - - [22/Apr/2026:18:47:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4985 "-" "Jetpack by ...
show more
165.16.186.67 - - [22/Apr/2026:18:47:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4985 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)"
165.16.186.67 - - [22/Apr/2026:18:48:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4985 "-" "Jetpack/12.0; WordPress/6.2; http://site24648601.com"
165.16.186.67 - - [22/Apr/2026:18:48:20 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4985 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)"
show less
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-04-20 15:16:39
(2 months ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack