JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.145.211.22

49.145.211.22 was found in our database!

This IP was reported 59 times. Confidence of Abuse is 34%: ?

34%

ISP	HOME_DSL
Usage Type	Fixed Line ISP
ASN	AS9299
Hostname(s)	dsl.49.145.211.22.pldt.net
Domain Name	pldthome.com
Country	🇵🇭 Philippines
City	Davao, Davao Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.145.211.22

Whois 49.145.211.22

IP Abuse Reports for 49.145.211.22:

This IP address has been reported a total of 59 times from 43 distinct sources. 49.145.211.22 was first reported on January 8th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 Burayot	2026-04-25 05:35:51 (1 month ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 49.145.211.22 (PH/Philippines/dsl.4 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 49.145.211.22 (PH/Philippines/dsl.49.145.211.22.pldt.net): 1 in the last 3600 secs show less	Web App Attack
🇨🇭 4server	2026-04-23 09:06:44 (1 month ago)	[ThuApr2311:06:40.8268952026][security2:error][pid3149159:tid3149169][client49.145.211.22:0]ModSecur ... show more [ThuApr2311:06:40.8268952026][security2:error][pid3149159:tid3149169][client49.145.211.22:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"ch-garantie.ch\"][uri\"/xmlrpc.php\"][unique_id\"aenhIOAuVUimc5XpBcAcCwAAAMg\"] show less	Hacking Web App Attack
🇳🇱 Site.eu	2026-04-23 03:43:06 (1 month ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇩🇪 big-cloud.nl	2026-04-23 02:24:14 (1 month ago)	Try to access /xmlrpc.php	Web App Attack
🇩🇪 stinpriza	2026-04-22 01:09:05 (1 month ago)	Web App Attack	Web App Attack
🇪🇸 alferez	2026-04-21 09:24:16 (1 month ago)	Multiple WP Login Attack	Brute-Force
Anonymous	2026-04-21 03:24:32 (1 month ago)	(wordpress) Failed wordpress login from 49.145.211.22 (PH/Philippines/dsl.49.145.211.22.pldt.net)	Brute-Force
🇬🇧 Apache	2026-04-21 00:32:40 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 49.145.211.22 (PH/Philippines/dsl.49.145.211.22 ... show more (mod_security) mod_security (id:240335) triggered by 49.145.211.22 (PH/Philippines/dsl.49.145.211.22.pldt.net): 5 in the last 300 secs show less	Brute-Force Web App Attack
Anonymous	2026-04-20 07:30:35 (1 month ago)	49.145.211.22 - - [20/Apr/2026:09:27:05 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 ... show more 49.145.211.22 - - [20/Apr/2026:09:27:05 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/74.0.0.0 Safari/537.36" 49.145.211.22 - - [20/Apr/2026:09:27:04 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/74.0.0.0 Safari/537.36" 49.145.211.22 - - [20/Apr/2026:09:30:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/70.0.0.0 Safari/537.36" 49.145.211.22 - - [20/Apr/2026:09:30:08 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/70.0.0.0 Safari/537.36" 49.145.211.22 - - [20/Apr/2026:09:30:34 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/100.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇺🇸 Penny Packer	2026-04-18 10:32:17 (1 month ago)	Fail2Ban apache-tripwires	Web App Attack
🇩🇪 HERA - Operations	2026-04-18 10:16:10 (1 month ago)	scelly - searching for vulnerable scripts: xmlrpc.php 2026/04/18 10:16:10	Web App Attack
🇩🇪 LRob.fr	2026-04-18 07:45:06 (1 month ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇳🇱 BlueWire Hosting	2026-04-18 06:28:59 (1 month ago)	Probing websites for vulnerabilities	Web App Attack
🇩🇪 4server	2026-04-18 05:45:59 (1 month ago)	[SatApr1807:45:52.8735022026][security2:error][pid2987724:tid2987738][client49.145.211.22:0]ModSecur ... show more [SatApr1807:45:52.8735022026][security2:error][pid2987724:tid2987738][client49.145.211.22:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"martinairsagl.ch\"][uri\"/xmlrpc.php\"][unique_id\"aeMakF75BG0_RZPd3UzzngAAAAs\"] show less	Port Scan Brute-Force Web App Attack
Anonymous	2026-04-18 04:16:05 (1 month ago)	49.145.211.22 - - [18/Apr/2026:06:13:50 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 ... show more 49.145.211.22 - - [18/Apr/2026:06:13:50 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/94.0.0.0 Safari/537.36" 49.145.211.22 - - [18/Apr/2026:06:13:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/94.0.0.0 Safari/537.36" 49.145.211.22 - - [18/Apr/2026:06:14:54 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/81.0.0.0 Safari/537.36" 49.145.211.22 - - [18/Apr/2026:06:14:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/81.0.0.0 Safari/537.36" 49.145.211.22 - - [18/Apr/2026:06:16:02 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack

Showing 1 to 15 of 59 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4023:807::5f

🇺🇸 2400:cb00:719:1000:7fd3:80ec:9959:20f

🇺🇸 2400:cb00:719:1000:7432:829:bc01:4b88

🇺🇸 2400:cb00:719:1000:6b34:1640:b881:4d13

🇺🇸 2400:cb00:646:1000:f00f:6191:e59d:46b4

🇺🇸 2400:cb00:646:1000:d559:476a:398b:1480

🇧🇪 185.132.187.215

🇮🇩 182.9.193.106

🇵🇱 95.214.55.94

🇬🇧 87.115.211.6

🇩🇪 51.89.39.36

🇳🇱 45.153.34.71

🇺🇸 35.255.196.200

🇺🇸 34.172.22.159

🇺🇸 2400:cb00:646:1000:b362:97cd:aef1:cdaf

🇺🇸 2400:cb00:646:1000:2869:ce16:e7da:e55e

🇺🇸 2400:cb00:646:1000:1426:28f8:142d:7046

🇺🇸 2400:cb00:509:1000:b256:68c6:716c:1e25

🇺🇸 2400:cb00:509:1000:a37b:f263:77fd:152b

🇺🇸 2400:cb00:509:1000:8d78:b0c5:e271:74a4