JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2.49.147.247

2.49.147.247 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 71%: ?

71%

ISP	Emirates Telecommunications Corporation
Usage Type	Fixed Line ISP
ASN	AS5384
Hostname(s)	bba-2-49-147-247.alshamil.net.ae
Domain Name	etisalat.ae
Country	🇦🇪 United Arab Emirates
City	Dubai, Dubai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2.49.147.247

Whois 2.49.147.247

IP Abuse Reports for 2.49.147.247:

This IP address has been reported a total of 22 times from 14 distinct sources. 2.49.147.247 was first reported on June 5th 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-09 00:57:08 (6 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-08 21:22:10 (6 days ago)	Attac	Brute-Force
🇲🇾 Rizzy	2026-06-08 17:04:35 (6 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-08 13:19:09 (1 week ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-08 10:47:39 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 2.49.147.247 (bba-2-49-147-247.alshamil.net.ae) ... show more (mod_security) mod_security (id:240335) triggered by 2.49.147.247 (bba-2-49-147-247.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:47:35.175719 2026] [security2:error] [pid 32658:tid 32658] [client 2.49.147.247:64293] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 2.49.147.247 (+1 hits since last alert)\|cartiologyfilms.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cartiologyfilms.com"] [uri "/xmlrpc.php"] [unique_id "aiadx9BSZEoJFpKFxhDUrgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 08:21:15 (1 week ago)	2.49.147.247 - - [08/Jun/2026:10:20:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "WordPress.com ... show more 2.49.147.247 - - [08/Jun/2026:10:20:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "WordPress.com; https://wordpress.com" 2.49.147.247 - - [08/Jun/2026:10:20:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.com; https://wordpress.com" 2.49.147.247 - - [08/Jun/2026:10:21:04 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" 2.49.147.247 - - [08/Jun/2026:10:21:04 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" 2.49.147.247 - - [08/Jun/2026:10:21:15 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 06:21:27 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 2.49.147.247 (bba-2-49-147-247.alshamil.net.ae) ... show more (mod_security) mod_security (id:240335) triggered by 2.49.147.247 (bba-2-49-147-247.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:21:19.650107 2026] [security2:error] [pid 14600:tid 14607] [client 2.49.147.247:49683] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 2.49.147.247 (+1 hits since last alert)\|theyogicat.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theyogicat.com"] [uri "/xmlrpc.php"] [unique_id "aiZfX4Th3_i-q_i0x0EtOwAAAUU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 02:05:11 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 2.49.147.247 (bba-2-49-147-247.alshamil.net.ae) ... show more (mod_security) mod_security (id:240335) triggered by 2.49.147.247 (bba-2-49-147-247.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:05:06.722344 2026] [security2:error] [pid 17445:tid 17445] [client 2.49.147.247:55811] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 2.49.147.247 (+1 hits since last alert)\|modmove.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "modmove.com"] [uri "/xmlrpc.php"] [unique_id "aiYjUvpNeCnNR2AHuyeG6AAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-07 23:15:37 (1 week ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 21:46:12 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 2.49.147.247 (bba-2-49-147-247.alshamil.net.ae) ... show more (mod_security) mod_security (id:240335) triggered by 2.49.147.247 (bba-2-49-147-247.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 17:46:06.901367 2026] [security2:error] [pid 23528:tid 23528] [client 2.49.147.247:53489] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 2.49.147.247 (+1 hits since last alert)\|desdier.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "desdier.com"] [uri "/xmlrpc.php"] [unique_id "aiXmni3jwC44dIXGY5vxBwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 20:43:54 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 2.49.147.247 (bba-2-49-147-247.alshamil.net.ae) ... show more (mod_security) mod_security (id:240335) triggered by 2.49.147.247 (bba-2-49-147-247.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:43:50.481980 2026] [security2:error] [pid 10533:tid 10533] [client 2.49.147.247:63048] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 2.49.147.247 (+1 hits since last alert)\|bitcoincasting.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bitcoincasting.com"] [uri "/xmlrpc.php"] [unique_id "aiXYBtccpboHXYcWUt4ThgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 16:16:13 (1 week ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-07 16:16:08 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 2.49.147.247 (bba-2-49-147-247.alshamil.net.ae) ... show more (mod_security) mod_security (id:240335) triggered by 2.49.147.247 (bba-2-49-147-247.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 12:16:03.660283 2026] [security2:error] [pid 9618:tid 9618] [client 2.49.147.247:59635] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 2.49.147.247 (+1 hits since last alert)\|ssion.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ssion.com"] [uri "/xmlrpc.php"] [unique_id "aiWZQ_JiN3tapBkMHhr2BgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 08:36:31 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 2.49.147.247 (bba-2-49-147-247.alshamil.net.ae) ... show more (mod_security) mod_security (id:240335) triggered by 2.49.147.247 (bba-2-49-147-247.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 04:36:23.447501 2026] [security2:error] [pid 6485:tid 6485] [client 2.49.147.247:50877] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 2.49.147.247 (+1 hits since last alert)\|drwolberg.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "drwolberg.com"] [uri "/xmlrpc.php"] [unique_id "aiUth_dCXtZqZulx615WCgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 08:26:16 (1 week ago)	[ssd5.kdns.gr] httpd-xmlrpc-post: sites=hparxo.gr; logs=/var/log/httpd/domains/hparxo.gr.log; sample ... show more [ssd5.kdns.gr] httpd-xmlrpc-post: sites=hparxo.gr; logs=/var/log/httpd/domains/hparxo.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a06:4880:2000::3d

🇺🇸 195.184.76.145

🇻🇳 183.91.11.226

🇺🇸 147.185.132.189

🇮🇩 103.110.34.131

🇮🇳 103.54.101.203

🇺🇸 20.14.74.210

🇨🇳 219.152.232.213

🇺🇸 172.190.89.127

🇸🇬 168.144.42.72

🇭🇰 154.221.28.214

🇺🇸 152.32.182.165

🇬🇷 83.235.16.111

🇺🇸 65.49.1.52

🇺🇸 13.59.211.104

🇯🇵 8.216.12.63

🇰🇷 220.77.214.59

🇰🇷 219.248.4.146

🇬🇧 193.163.125.134

🇩🇪 167.94.146.60