๐บ๐ธ
TPI-Abuse
2026-07-09 08:28:00
(18 hours ago)
(mod_security) mod_security (id:240335) triggered by 165.56.14.59 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 165.56.14.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 04:27:56.700335 2026] [security2:error] [pid 7025:tid 7025] [client 165.56.14.59:60399] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.56.14.59 (+1 hits since last alert)|jdsqrd.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jdsqrd.com"] [uri "/xmlrpc.php"] [unique_id "ak9bjCGdXze71HyqrNm8TgAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-09 08:24:15
(18 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ฉ๐ช
NewWavesApp
2026-07-09 05:21:40
(21 hours ago)
(wordpress) Failed wordpress login from 165.56.14.59 (ZM/Zambia/-): (CF_ENABLE)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-09 02:39:16
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 165.56.14.59 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 165.56.14.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 22:39:10.664880 2026] [security2:error] [pid 24158:tid 24158] [client 165.56.14.59:54936] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.56.14.59 (+1 hits since last alert)|karenbernsteinlaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "karenbernsteinlaw.com"] [uri "/xmlrpc.php"] [unique_id "ak8JzoC_hvVmXQQYdzZ2zQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-09 01:13:31
(1 day ago)
2.519 requests from abuseipdb.com blacklisted IP (1yr1mo4w)
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-09 00:25:53
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 165.56.14.59 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 165.56.14.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 20:25:47.450379 2026] [security2:error] [pid 17280:tid 17280] [client 165.56.14.59:46849] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.56.14.59 (+1 hits since last alert)|disio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "disio.com"] [uri "/xmlrpc.php"] [unique_id "ak7qi6t_zDVUfZnSkXj6ygAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 21:21:21
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 165.56.14.59 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 165.56.14.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 17:21:16.445900 2026] [security2:error] [pid 15543:tid 15543] [client 165.56.14.59:44963] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.56.14.59 (+1 hits since last alert)|ohanameetup.party|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ohanameetup.party"] [uri "/xmlrpc.php"] [unique_id "ak6_TEPJz5Y460E2NcyeKAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-07-08 17:31:32
(1 day ago)
(xmlrpc) Failed xmlrpc access from 165.56.14.59 (ZM/Zambia/-): 5 in the last 3600 secs (0-122)
Hacking
๐ฆ๐บ
screwlooseit.com.au
2026-07-08 17:29:31
(1 day ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
ZM/Zambia/-
Web App Attack
๐ช๐ธ
alferez
2026-07-08 15:26:21
(1 day ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
Anonymous
2026-07-08 15:06:24
(1 day ago)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 13:18:23
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 165.56.14.59 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 165.56.14.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 09:18:20.081669 2026] [security2:error] [pid 29739:tid 29739] [client 165.56.14.59:20973] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.56.14.59 (+1 hits since last alert)|atidysort.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "atidysort.com"] [uri "/xmlrpc.php"] [unique_id "ak5OHNyPcGKOfy_EQbBM-QAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 05:23:26
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 165.56.14.59 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 165.56.14.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 01:23:19.998117 2026] [security2:error] [pid 21671:tid 21671] [client 165.56.14.59:59484] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 165.56.14.59 (+1 hits since last alert)|newcitypark.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "newcitypark.com"] [uri "/xmlrpc.php"] [unique_id "ak3ex0x69Q2TT6Y7XR_eaAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Marc
2026-07-08 02:12:17
(2 days ago)
165.56.14.59 - - [08/Jul/2026:04:11:57 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3465 "-" "WordPress.co ...
show more
165.56.14.59 - - [08/Jul/2026:04:11:57 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3465 "-" "WordPress.com; https://wordpress.com" 165.56.14.59 - - [08/Jul/2026:04:12:05 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3466 "-" "WordPress.com; https://wordpress.com" 165.56.14.59 - - [08/Jul/2026:04:12:16 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3467 "-" "Jetpack by WordPress.com"
show less
Brute-Force
Web App Attack
๐ฉ๐ช
rh24
2026-07-07 21:55:48
(2 days ago)
(xmlrpc_405) XMLRPC-Bot 405 165.56.14.59 (ZM/Zambia/-)
Hacking