JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 156.155.14.28

156.155.14.28 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 52%: ?

52%

ISP	Axxess Networks
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37611
Hostname(s)	156-155-14-28.ip.internet.co.za
Domain Name	axxess.co.za
Country	🇿🇦 South Africa
City	Johannesburg, Gauteng

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 156.155.14.28

Whois 156.155.14.28

IP Abuse Reports for 156.155.14.28:

This IP address has been reported a total of 10 times from 9 distinct sources. 156.155.14.28 was first reported on November 22nd 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 sasbau	2026-06-25 17:19:58 (2 days ago)	156.155.14.28 - - [25/Jun/2026:19:19:36 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "WordPress.co ... show more 156.155.14.28 - - [25/Jun/2026:19:19:36 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "WordPress.com; https://wordpress.com" 156.155.14.28 - - [25/Jun/2026:19:19:46 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Jetpack/12.0; WordPress/6.4; http://site15059426.com" 156.155.14.28 - - [25/Jun/2026:19:19:57 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Jetpack/12.5; WordPress/6.1; http://site60944767.com" show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 14:26:45 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 156.155.14.28 (156-155-14-28.ip.internet.co.za) ... show more (mod_security) mod_security (id:240335) triggered by 156.155.14.28 (156-155-14-28.ip.internet.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 10:26:37.393114 2026] [security2:error] [pid 29168:tid 29168] [client 156.155.14.28:9021] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 156.155.14.28 (+1 hits since last alert)\|waterspell.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "waterspell.net"] [uri "/xmlrpc.php"] [unique_id "aj06nRSzciCUIEOK4sRWvwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-25 13:46:06 (2 days ago)	[redacted] 156.155.14.28 - - [25/Jun/2026:15:45:24 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ... show more [redacted] 156.155.14.28 - - [25/Jun/2026:15:45:24 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.1; http://site64543009.com" [redacted] 156.155.14.28 - - [25/Jun/2026:15:45:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 156.155.14.28 - - [25/Jun/2026:15:45:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 156.155.14.28 - - [25/Jun/2026:15:45:55 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 156.155.14.28 - - [25/Jun/2026:15:46:05 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.4; http://site47048203.com" ... show less	Hacking Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-24 16:55:50 (3 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC ZA/South Africa/156-155-14-28.ip.internet.co.za	Web App Attack
Anonymous	2026-06-24 14:15:10 (3 days ago)	[da.kdns.gr] httpd-xmlrpc-post: sites=diadromi.com; logs=/var/log/httpd/domains/diadromi.com.log; sa ... show more [da.kdns.gr] httpd-xmlrpc-post: sites=diadromi.com; logs=/var/log/httpd/domains/diadromi.com.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 12:05:42 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 156.155.14.28 (156-155-14-28.ip.internet.co.za) ... show more (mod_security) mod_security (id:240335) triggered by 156.155.14.28 (156-155-14-28.ip.internet.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 08:05:34.704869 2026] [security2:error] [pid 28423:tid 28423] [client 156.155.14.28:48557] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 156.155.14.28 (+1 hits since last alert)\|rochesterhistorical.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rochesterhistorical.org"] [uri "/xmlrpc.php"] [unique_id "ajvIDsBS5zb19SFCFzqWuQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-24 11:49:24 (3 days ago)	[WedJun2413:49:17.8681632026][security2:error][pid354745:tid354792][client156.155.14.28:0]ModSecurit ... show more [WedJun2413:49:17.8681632026][security2:error][pid354745:tid354792][client156.155.14.28:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"gagspettacolo.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajvEPcUBBbL9_ioTGciJOwAAAMI\"] show less	Port Scan Brute-Force Web App Attack
Anonymous	2026-06-24 09:17:10 (3 days ago)	Attac	Brute-Force
🇫🇷 dynamix	2026-06-24 09:15:47 (3 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2025-11-22 09:47:44 (7 months ago)	scanning http requests from known botnet	Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇸 82.223.31.24

🇨🇳 182.151.61.36

🇦🇷 181.46.66.232

🇺🇸 130.49.115.229

🇺🇸 96.35.4.110

🇺🇸 44.241.38.125

🇺🇸 44.132.81.17

🇯🇵 43.165.174.53

🇸🇪 170.168.242.63

🇺🇸 162.216.150.100

🇹🇼 111.70.23.236

🇰🇪 41.191.229.226

🇫🇷 207.180.226.155

🇪🇬 197.44.15.210

🇺🇸 193.203.8.85

🇺🇸 192.169.202.129

🇩🇪 185.30.32.68

🇺🇾 179.27.99.9

🇨🇦 134.122.41.206

🇮🇳 122.185.176.126