JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.48.79.1

157.48.79.1 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 27%: ?

27%

ISP	Reliance Jio infocomm ltd
Usage Type	Fixed Line ISP
ASN	AS55836
Domain Name	jio.com
Country	🇮🇳 India
City	Jaipur, Rajasthan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.48.79.1

Whois 157.48.79.1

IP Abuse Reports for 157.48.79.1:

This IP address has been reported a total of 6 times from 4 distinct sources. 157.48.79.1 was first reported on June 21st 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Jason Howell	2026-06-24 07:58:04 (4 days ago)	157.48.79.1 - - [24/Jun/2026:02:57:21 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2985 "-" "Jetpack by Wo ... show more 157.48.79.1 - - [24/Jun/2026:02:57:21 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2985 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)" 157.48.79.1 - - [24/Jun/2026:02:57:31 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2985 "-" "WordPress.com; https://wordpress.com" 157.48.79.1 - - [24/Jun/2026:02:57:44 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2985 "-" "WordPress.com; https://wordpress.com" 157.48.79.1 - - [24/Jun/2026:02:57:52 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2986 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)" 157.48.79.1 - - [24/Jun/2026:02:58:03 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2985 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 00:21:47 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 157.48.79.1 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 157.48.79.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 20:21:34.775306 2026] [security2:error] [pid 32687:tid 32687] [client 157.48.79.1:57360] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 157.48.79.1 (+1 hits since last alert)\|globaldentalservices.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "globaldentalservices.com"] [uri "/xmlrpc.php"] [unique_id "ajiADoReeX9LEElUpUywzQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-22 00:20:06 (1 week ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇺🇸 TPI-Abuse	2026-06-21 11:24:59 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 157.48.79.1 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 157.48.79.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 07:24:48.688710 2026] [security2:error] [pid 21946:tid 21946] [client 157.48.79.1:59806] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 157.48.79.1 (+1 hits since last alert)\|doreenkimura.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "doreenkimura.com"] [uri "/xmlrpc.php"] [unique_id "ajfKABjRvL0t6A_L8s1ROwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-21 11:23:32 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 10:57:49 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 157.48.79.1 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 157.48.79.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 06:57:38.133487 2026] [security2:error] [pid 2919:tid 2919] [client 157.48.79.1:61448] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 157.48.79.1 (+1 hits since last alert)\|crep-psych.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "crep-psych.org"] [uri "/xmlrpc.php"] [unique_id "ajfDopkEqHRGhOplsqB-5AAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 216.238.101.123

🇺🇦 212.90.169.79

🇺🇸 162.158.90.63

🇩🇪 85.215.202.39

🇺🇸 47.251.27.189

🇯🇵 47.74.19.210

🇺🇸 4.246.117.137

🇳🇱 204.76.203.219

🇮🇳 202.53.94.246

🇧🇷 187.7.165.25

🇩🇪 172.252.8.49

🇮🇱 172.69.128.151

🇺🇸 172.64.217.44

🇺🇸 166.77.36.7

🇸🇪 82.209.191.11

🇺🇸 65.49.1.49

🇺🇸 50.116.72.11

🇲🇾 47.250.178.80

🇲🇾 47.250.90.214

🇩🇪 47.245.139.137