JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 161.49.161.56

161.49.161.56 was found in our database!

This IP was reported 82 times. Confidence of Abuse is 100%: ?

100%

ISP	CONVERGE INFORMATION AND COMMUNICATIONS TECHNOLOGY SOLUTIONS, INC
Usage Type	Fixed Line ISP
ASN	AS17639
Hostname(s)	161.49.161.56.convergeict.com
Domain Name	convergeict.com
Country	🇵🇭 Philippines
City	Quezon City, National Capital Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 161.49.161.56

Whois 161.49.161.56

IP Abuse Reports for 161.49.161.56:

This IP address has been reported a total of 82 times from 46 distinct sources. 161.49.161.56 was first reported on August 26th 2021, and the most recent report was 14 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 andypiper	2026-06-05 01:03:02 (14 minutes ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇮🇹 Progetto1	2026-06-05 00:10:04 (1 hour ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
Anonymous	2026-06-04 19:12:03 (6 hours ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
Anonymous	2026-06-04 12:22:40 (12 hours ago)	Attac	Brute-Force
🇲🇾 Rizzy	2026-06-04 10:05:05 (15 hours ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 09:40:28 (15 hours ago)	(mod_security) mod_security (id:240335) triggered by 161.49.161.56 (161.49.161.56.convergeict.com): ... show more (mod_security) mod_security (id:240335) triggered by 161.49.161.56 (161.49.161.56.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 05:40:21.657155 2026] [security2:error] [pid 23046:tid 23046] [client 161.49.161.56:65200] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 161.49.161.56 (+1 hits since last alert)\|cemesur-vision21.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cemesur-vision21.com"] [uri "/xmlrpc.php"] [unique_id "aiFIBbkUEk6gE1yDZBtAoQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 08:41:26 (16 hours ago)	(mod_security) mod_security (id:240335) triggered by 161.49.161.56 (161.49.161.56.convergeict.com): ... show more (mod_security) mod_security (id:240335) triggered by 161.49.161.56 (161.49.161.56.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 04:41:17.532165 2026] [security2:error] [pid 2156:tid 2156] [client 161.49.161.56:52974] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 161.49.161.56 (+1 hits since last alert)\|morninginc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "morninginc.com"] [uri "/xmlrpc.php"] [unique_id "aiE6LRkZbympaCfnoBsl4QAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 applemooz	2026-06-04 08:05:37 (17 hours ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 07:40:24 (17 hours ago)	(mod_security) mod_security (id:240335) triggered by 161.49.161.56 (161.49.161.56.convergeict.com): ... show more (mod_security) mod_security (id:240335) triggered by 161.49.161.56 (161.49.161.56.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 03:40:16.756643 2026] [security2:error] [pid 21729:tid 21729] [client 161.49.161.56:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 161.49.161.56 (+1 hits since last alert)\|pixacast.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pixacast.com"] [uri "/xmlrpc.php"] [unique_id "aiEr4MIlDUvwd6zWY7leFwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Kenshin869	2026-06-04 06:04:20 (19 hours ago)	Wordpress unauthorized access attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-06-04 05:59:19 (19 hours ago)	(mod_security) mod_security (id:240335) triggered by 161.49.161.56 (161.49.161.56.convergeict.com): ... show more (mod_security) mod_security (id:240335) triggered by 161.49.161.56 (161.49.161.56.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 01:59:14.326167 2026] [security2:error] [pid 6340:tid 6340] [client 161.49.161.56:54023] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 161.49.161.56 (+1 hits since last alert)\|constructionloansfunding.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "constructionloansfunding.com"] [uri "/xmlrpc.php"] [unique_id "aiEUMkBTcKGCyqHqy4fJ9wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 05:05:36 (20 hours ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (144/60 min)'; Requests=144	Port Scan
🇦🇺 AWW-Admin	2026-06-04 05:02:09 (20 hours ago)	(wordpress) Failed wordpress login from 161.49.161.56 (PH/Philippines/161.49.161.56.convergeict.com)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-04 04:35:13 (20 hours ago)	(mod_security) mod_security (id:240335) triggered by 161.49.161.56 (161.49.161.56.convergeict.com): ... show more (mod_security) mod_security (id:240335) triggered by 161.49.161.56 (161.49.161.56.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 00:35:07.172498 2026] [security2:error] [pid 1484:tid 1484] [client 161.49.161.56:59839] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 161.49.161.56 (+1 hits since last alert)\|serranoscoffee.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "serranoscoffee.com"] [uri "/xmlrpc.php"] [unique_id "aiEAeysqa1h0jYpdAi4hAQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 04:31:19 (20 hours ago)	[redacted] 161.49.161.56 - - [04/Jun/2026:06:30:36 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "W ... show more [redacted] 161.49.161.56 - - [04/Jun/2026:06:30:36 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "WordPress.com; https://wordpress.com" [redacted] 161.49.161.56 - - [04/Jun/2026:06:30:46 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com" [redacted] 161.49.161.56 - - [04/Jun/2026:06:30:57 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)" [redacted] 161.49.161.56 - - [04/Jun/2026:06:31:08 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com" [redacted] 161.49.161.56 - - [04/Jun/2026:06:31:18 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack

Showing 1 to 15 of 82 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4001:c17::122

🇺🇸 205.210.31.92

🇬🇧 195.250.23.247

🇺🇸 172.215.144.32

🇺🇸 147.185.132.18

🇷🇴 193.32.162.60

🇨🇳 183.36.30.37

🇩🇪 167.172.187.11

🇺🇸 162.216.149.250

🇧🇬 109.107.83.220

🇺🇸 100.49.117.77

🇺🇸 100.29.192.57

🇺🇸 18.116.204.35

🇩🇪 213.209.159.56

🇺🇸 195.184.76.91

🇧🇷 187.17.224.139

🇧🇷 177.76.134.111

🇧🇷 170.245.18.249

🇺🇸 135.237.122.43

🇺🇸 135.119.96.220