JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.56.14.18

165.56.14.18 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 72%: ?

72%

ISP	Zambia Telecommunications Company Ltd aka ZAMTEL
Usage Type	Fixed Line ISP
ASN	AS37154
Domain Name	zamtel.co.zm
Country	🇿🇲 Zambia
City	Lusaka, Lusaka Province

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.56.14.18

Whois 165.56.14.18

IP Abuse Reports for 165.56.14.18:

This IP address has been reported a total of 20 times from 13 distinct sources. 165.56.14.18 was first reported on November 3rd 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 noise.agency	2026-06-26 06:11:34 (2 days ago)	(wordpress) Failed wordpress login from 165.56.14.18 (ZM/Zambia/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-26 05:45:31 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 165.56.14.18 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 165.56.14.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 01:45:27.334056 2026] [security2:error] [pid 26431:tid 26448] [client 165.56.14.18:6306] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 165.56.14.18 (+1 hits since last alert)\|peterhansenranch.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "peterhansenranch.com"] [uri "/xmlrpc.php"] [unique_id "aj4R9xE4I-gmBKqvxEEp6QAAAY0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 04:42:23 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 165.56.14.18 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 165.56.14.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 00:42:18.415935 2026] [security2:error] [pid 18720:tid 18720] [client 165.56.14.18:63252] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 165.56.14.18 (+1 hits since last alert)\|blacktieokc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "blacktieokc.com"] [uri "/xmlrpc.php"] [unique_id "aj4DKoO1GLOhIGL4erKjJAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 YF	2026-06-26 04:00:40 (3 days ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
Anonymous	2026-06-26 03:37:10 (3 days ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇧🇪 cmbplf	2026-06-25 22:30:55 (3 days ago)	4.016 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇫🇷 applemooz	2026-06-25 20:56:29 (3 days ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇲🇾 Rizzy	2026-06-25 19:23:42 (3 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 14:35:55 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 165.56.14.18 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 165.56.14.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 10:35:48.627236 2026] [security2:error] [pid 10798:tid 10798] [client 165.56.14.18:5717] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 165.56.14.18 (+1 hits since last alert)\|calvaryadminservices.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "calvaryadminservices.com"] [uri "/xmlrpc.php"] [unique_id "aj08xC7kZevc8ni-LQQV5QAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 14:03:01 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 165.56.14.18 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 165.56.14.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 10:02:58.029887 2026] [security2:error] [pid 8481:tid 8481] [client 165.56.14.18:48202] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 165.56.14.18 (+1 hits since last alert)\|anchor07.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "anchor07.com"] [uri "/xmlrpc.php"] [unique_id "aj01Evo7SWst-6MWCeft0QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 13:33:33 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 165.56.14.18 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 165.56.14.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 09:33:28.890056 2026] [security2:error] [pid 9422:tid 9422] [client 165.56.14.18:61787] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 165.56.14.18 (+1 hits since last alert)\|randymcelroy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "randymcelroy.com"] [uri "/xmlrpc.php"] [unique_id "aj0uKKHVqtJ-wvmYI6hmpgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 Progetto1	2026-06-25 13:05:02 (3 days ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 integrantservices.com	2026-06-25 12:17:09 (3 days ago)	(wordpress) Failed wordpress login from 165.56.14.18 (ZM/Zambia/-)	Brute-Force
Anonymous	2026-06-25 11:46:09 (3 days ago)	[redacted] 165.56.14.18 - - [25/Jun/2026:13:45:24 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Wo ... show more [redacted] 165.56.14.18 - - [25/Jun/2026:13:45:24 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 165.56.14.18 - - [25/Jun/2026:13:45:35 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)" [redacted] 165.56.14.18 - - [25/Jun/2026:13:45:46 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 165.56.14.18 - - [25/Jun/2026:13:45:57 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.2; http://site47945534.com" [redacted] 165.56.14.18 - - [25/Jun/2026:13:46:07 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" ... show less	Hacking Web App Attack
🇩🇪 konseptit	2026-06-25 07:08:52 (3 days ago)	(wordpress) Failed wordpress login from 165.56.14.18 (ZM/Zambia/-)	Brute-Force

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.155.108

🇸🇬 172.70.208.140

🇩🇪 164.92.161.148

🇰🇷 121.66.124.148

🇸🇬 111.119.247.253

🇸🇪 90.230.212.29

🇺🇸 66.42.4.90

🇩🇪 64.226.126.224

🇨🇳 61.190.16.210

🇺🇸 45.92.229.99

🇦🇺 35.244.126.128

🇧🇷 189.124.148.5

🇰🇷 111.171.125.94

🇰🇷 59.0.127.22

🇺🇸 35.230.35.205

🇷🇺 31.173.2.172

🇺🇸 216.239.34.223

🇷🇺 176.77.9.196

🇭🇰 159.138.146.214

🇺🇸 144.31.35.68