JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 197.49.31.129

197.49.31.129 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 49%: ?

49%

ISP	TE Data
Usage Type	Fixed Line ISP
ASN	AS8452
Domain Name	tedata.net
Country	🇪🇬 Egypt
City	Giza, Giza

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 197.49.31.129

Whois 197.49.31.129

IP Abuse Reports for 197.49.31.129:

This IP address has been reported a total of 11 times from 8 distinct sources. 197.49.31.129 was first reported on June 3rd 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 integrantservices.com	2026-06-07 18:04:22 (1 day ago)	(wordpress) Failed wordpress login from 197.49.31.129 (EG/Egypt/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-05 16:55:48 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 197.49.31.129 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 197.49.31.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 12:55:41.091893 2026] [security2:error] [pid 8486:tid 8486] [client 197.49.31.129:52079] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.49.31.129 (+1 hits since last alert)\|techoutletec.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "techoutletec.com"] [uri "/xmlrpc.php"] [unique_id "aiL_jZvbmcUW1qe-vya1IgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TAY	2026-06-05 16:21:46 (3 days ago)	197.49.31.129 - - [06/Jun/2026:00:21:25 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5935 "-" "Jetpack by ... show more 197.49.31.129 - - [06/Jun/2026:00:21:25 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5935 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)" 197.49.31.129 - - [06/Jun/2026:00:21:35 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5935 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)" 197.49.31.129 - - [06/Jun/2026:00:21:45 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5935 "-" "Jetpack by WordPress.com" ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-05 15:54:09 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 197.49.31.129 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 197.49.31.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 11:54:01.275748 2026] [security2:error] [pid 29605:tid 29605] [client 197.49.31.129:55596] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.49.31.129 (+1 hits since last alert)\|nordicbuilders.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nordicbuilders.net"] [uri "/xmlrpc.php"] [unique_id "aiLxGS0jrkzfLg-dQrs0vwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 19:26:26 (4 days ago)	(wordpress) Failed wordpress login from 197.49.31.129 (EG/Egypt/Giza/-/-/[redacted])	Brute-Force
🇺🇸 integrantservices.com	2026-06-04 18:45:33 (4 days ago)	(wordpress) Failed wordpress login from 197.49.31.129 (EG/Egypt/-)	Brute-Force
Anonymous	2026-06-04 18:15:38 (4 days ago)		Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-06-04 15:05:14 (4 days ago)	(xmlrpc) Failed xmlrpc access from 197.49.31.129 (EG/Egypt/-): 5 in the last 3600 secs (0-122)	Hacking
🇺🇸 TPI-Abuse	2026-06-04 14:32:41 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 197.49.31.129 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 197.49.31.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 10:32:34.641184 2026] [security2:error] [pid 3413:tid 3413] [client 197.49.31.129:58367] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.49.31.129 (+1 hits since last alert)\|geriterry.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "geriterry.com"] [uri "/xmlrpc.php"] [unique_id "aiGMghO_7o1W_nsrd4z2mQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 19:18:10 (5 days ago)	Attac	Brute-Force
🇫🇷 Kenshin869	2026-06-03 17:13:34 (5 days ago)	Wordpress unauthorized access attempt	Brute-Force

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 138.197.175.170

🇷🇺 95.106.203.152

🇪🇸 90.162.116.66

🇧🇷 191.254.76.104

🇨🇦 138.197.167.210

🇨🇦 138.197.166.217

🇨🇦 138.197.141.199

🇺🇸 138.197.113.76

🇺🇬 129.205.2.18

🇳🇱 5.83.143.119

🇺🇸 138.128.140.83

🇺🇸 138.128.140.81

🇺🇸 138.128.140.80

🇸🇬 101.47.142.8

🇵🇱 87.251.64.146

🇭🇰 34.92.59.134

🇨🇦 20.43.8.114

🇺🇸 5.181.219.63

🇷🇺 5.143.96.254

🇧🇪 207.175.69.178