JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 50.37.127.140

50.37.127.140 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 44%: ?

44%

ISP	Ziply Fiber
Usage Type	Fixed Line ISP
ASN	AS20055
Domain Name	ziplyfiber.com
Country	🇺🇸 United States of America
City	Coeur d'Alene, Idaho

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 50.37.127.140

Whois 50.37.127.140

IP Abuse Reports for 50.37.127.140:

This IP address has been reported a total of 15 times from 11 distinct sources. 50.37.127.140 was first reported on May 30th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-07 14:50:10 (2 weeks ago)	Attac	Brute-Force
🇺🇸 integrantservices.com	2026-06-07 07:49:27 (2 weeks ago)	(wordpress) Failed wordpress login from 50.37.127.140 (US/United States/-)	Brute-Force
🇳🇱 ConsulHosting	2026-06-07 03:58:46 (2 weeks ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇩🇪 rh24	2026-06-06 22:45:26 (2 weeks ago)	(wordpress) Failed wordpress login from 50.37.127.140 (US/United States/-): (CF_ENABLE)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-06 11:47:53 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 50.37.127.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 50.37.127.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 07:47:47.868821 2026] [security2:error] [pid 7257:tid 7336] [client 50.37.127.140:64533] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 50.37.127.140 (+1 hits since last alert)\|whatismetamodern.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "whatismetamodern.com"] [uri "/xmlrpc.php"] [unique_id "aiQI45QvRfMPa5U-qieWlAAAAdc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-06 07:02:10 (2 weeks ago)	Fail2ban filtered ...	Web App Attack
Anonymous	2026-06-05 20:42:50 (2 weeks ago)	Blocked by ModSec and CSF	Port Scan
🇺🇸 TPI-Abuse	2026-06-05 15:39:18 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 50.37.127.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 50.37.127.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 11:39:13.441954 2026] [security2:error] [pid 11184:tid 11184] [client 50.37.127.140:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 50.37.127.140 (+1 hits since last alert)\|pixacast.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pixacast.com"] [uri "/xmlrpc.php"] [unique_id "aiLtof90PtPX1x0NZuEDhwAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-05 08:28:47 (2 weeks ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-05 07:25:27 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 50.37.127.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 50.37.127.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 03:25:19.727940 2026] [security2:error] [pid 28148:tid 28148] [client 50.37.127.140:58571] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 50.37.127.140 (+1 hits since last alert)\|citrineartstudio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "citrineartstudio.com"] [uri "/xmlrpc.php"] [unique_id "aiJ534VGJZeu58djaTMLoAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-05 03:38:19 (2 weeks ago)	50.37.127.140 - - [05/Jun/2026:05:37:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by W ... show more 50.37.127.140 - - [05/Jun/2026:05:37:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)" 50.37.127.140 - - [05/Jun/2026:05:37:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)" 50.37.127.140 - - [05/Jun/2026:05:38:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)" 50.37.127.140 - - [05/Jun/2026:05:38:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)" 50.37.127.140 - - [05/Jun/2026:05:38:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.1; WordPress/6.3; http://site33227319.com" ... show less	Brute-Force Web App Attack
Anonymous	2026-06-05 03:11:31 (2 weeks ago)	[server.tmg.gr] httpd-xmlrpc-post: sites=bridgesofpneumonology2026.com; logs=/var/log/httpd/domains/ ... show more [server.tmg.gr] httpd-xmlrpc-post: sites=bridgesofpneumonology2026.com; logs=/var/log/httpd/domains/bridgesofpneumonology2026.com.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇫🇷 applemooz	2026-06-05 01:05:04 (2 weeks ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 01:16:28 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 50.37.127.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 50.37.127.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 21:16:23.948582 2026] [security2:error] [pid 12012:tid 12049] [client 50.37.127.140:49967] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 50.37.127.140 (+1 hits since last alert)\|planmytrust.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "planmytrust.com"] [uri "/xmlrpc.php"] [unique_id "aho6Z_3-3_qxCYyFR2qhggAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-05-30 00:32:44 (3 weeks ago)	5.072 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.13.26.42

🇯🇵 153.246.198.45

🇫🇮 147.185.133.148

🇨🇳 110.53.24.55

🇰🇷 110.14.190.221

🇳🇱 103.176.90.41

🇪🇸 80.36.144.50

🇱🇹 45.227.254.170

🇰🇷 34.50.7.220

🇨🇳 14.103.119.118

🇸🇬 2a09:bac1:6540:8::3c5:1c

🇺🇸 136.117.240.71

🇨🇳 106.12.144.153

🇺🇿 62.209.140.209

🇫🇷 51.38.12.23

🇺🇸 45.38.20.240

🇮🇱 35.252.1.49

🇬🇧 35.203.210.250

🇬🇧 194.50.235.147

🇹🇹 186.45.132.166