Anonymous
2026-07-06 15:00:09
(5 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
factor1
2026-07-06 07:27:58
(5 days ago)
Fail2ban at saturn Reports Abuse.
Brute-Force
Web App Attack
Anonymous
2026-07-06 05:16:46
(5 days ago)
(wordpress) Failed wordpress login from 165.56.14.28 (ZM/Zambia/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-06 05:14:18
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 165.56.14.28 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 165.56.14.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 01:14:14.483902 2026] [security2:error] [pid 21535:tid 21535] [client 165.56.14.28:40910] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.56.14.28 (+1 hits since last alert)|drdot.xyz|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "drdot.xyz"] [uri "/xmlrpc.php"] [unique_id "aks5pkAesgM5IJVwZtUZ2QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-06 03:47:02
(5 days ago)
(wordpress) Failed wordpress login from 165.56.14.28 (ZM/Zambia/-)
Brute-Force
๐จ๐ฆ
Dunham Support
2026-07-06 03:16:59
(5 days ago)
(wordpress) Failed wordpress login from 165.56.14.28 (ZM/Zambia/-)
Brute-Force
๐ง๐ช
cmbplf
2026-07-05 20:00:30
(6 days ago)
2.083 requests from abuseipdb.com blacklisted IP (1yr1w5d)
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-05 14:58:27
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 165.56.14.28 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 165.56.14.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 10:58:22.382767 2026] [security2:error] [pid 18993:tid 19117] [client 165.56.14.28:20920] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.56.14.28 (+1 hits since last alert)|supercyprus.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "supercyprus.com"] [uri "/xmlrpc.php"] [unique_id "akpxDo-AvVN6eQn7-X4BxQAAAlg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-07-05 13:16:56
(6 days ago)
Unauthorized access to webpage admin
Web App Attack
๐ช๐ธ
masterguru
2026-07-05 12:09:25
(6 days ago)
(xmlrpc) Failed xmlrpc access from 165.56.14.28 (ZM/Zambia/-): 5 in the last 3600 secs (0-122)
Hacking
๐ฉ๐ช
neckaralb-admin.de
2026-07-05 06:16:14
(6 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 04:09:25
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 165.56.14.28 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 165.56.14.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 00:09:17.556673 2026] [security2:error] [pid 32737:tid 32737] [client 165.56.14.28:3121] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.56.14.28 (+1 hits since last alert)|eye7graphics.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eye7graphics.com"] [uri "/xmlrpc.php"] [unique_id "aknY7W-jZbO-nP5jg45OwgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 03:46:51
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 165.56.14.28 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 165.56.14.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 23:46:43.656342 2026] [security2:error] [pid 4530:tid 4530] [client 165.56.14.28:9272] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.56.14.28 (+1 hits since last alert)|sutherlandyogastudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sutherlandyogastudio.com"] [uri "/xmlrpc.php"] [unique_id "aknTo6NuEpee8kW_TdYcgQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
applemooz
2026-07-05 03:38:08
(6 days ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 18:45:05
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 165.56.14.28 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 165.56.14.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 14:44:59.818308 2026] [security2:error] [pid 16257:tid 16257] [client 165.56.14.28:30674] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.56.14.28 (+1 hits since last alert)|stoneybluff.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stoneybluff.com"] [uri "/xmlrpc.php"] [unique_id "aklUq1t2sWAxMQkVcR12vAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack