JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.145.212.16

49.145.212.16 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 100%: ?

100%

ISP	HOME_DSL
Usage Type	Fixed Line ISP
ASN	AS9299
Hostname(s)	dsl.49.145.212.16.pldt.net
Domain Name	pldthome.com
Country	🇵🇭 Philippines
City	Cotabato, Autonomous Region in Muslim Mindanao

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.145.212.16

Whois 49.145.212.16

IP Abuse Reports for 49.145.212.16:

This IP address has been reported a total of 34 times from 28 distinct sources. 49.145.212.16 was first reported on April 19th 2026, and the most recent report was 49 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 4server	2026-06-16 08:59:00 (49 minutes ago)	[TueJun1610:58:56.0531752026][security2:error][pid3392274:tid3392524][client49.145.212.16:0]ModSecur ... show more [TueJun1610:58:56.0531752026][security2:error][pid3392274:tid3392524][client49.145.212.16:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"studiokellybenessere.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajEQUKoXrdd6g60UG67kbQAAAJA\"] show less	Hacking Web App Attack
🇫🇷 dynamix	2026-06-16 06:21:00 (3 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 big-cloud.nl	2026-06-16 02:54:55 (6 hours ago)	Try to access /xmlrpc.php	Web App Attack
🇳🇱 sernate	2026-06-15 10:54:50 (22 hours ago)	(XMLRPC) WP XMLPRC Attack 49.145.212.16 (PH/Philippines/dsl.49.145.212.16.pldt.net): 5 in the last 3 ... show more (XMLRPC) WP XMLPRC Attack 49.145.212.16 (PH/Philippines/dsl.49.145.212.16.pldt.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER show less	Brute-Force
🇫🇮 YF	2026-06-15 10:00:20 (23 hours ago)	Attaque distribuée subnet	DDoS Attack Web App Attack
🇳🇱 wlt-blocker	2026-06-15 09:55:59 (23 hours ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 mnsf	2026-06-13 10:07:49 (2 days ago)	Xmlrpc Caught (6)	Brute-Force Web App Attack
🇫🇷 Feelautom	2026-06-13 01:39:58 (3 days ago)	[FeelAutom Auto-Ban] AI Analyst: Attaque active sur /xmlrpc.php (PathScan)	Port Scan
Anonymous	2026-06-12 10:07:04 (3 days ago)	Trying to access config files	Web App Attack
🇺🇸 bigwavedave	2026-06-12 01:25:12 (4 days ago)	Wordpress Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 01:14:47 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 49.145.212.16 (dsl.49.145.212.16.pldt.net): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 49.145.212.16 (dsl.49.145.212.16.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 21:14:41.317155 2026] [security2:error] [pid 13882:tid 13882] [client 49.145.212.16:36274] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|coyotebytes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "coyotebytes.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aitdgc9AU8tLlsgIpjgZugAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 08:54:51 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 49.145.212.16 (dsl.49.145.212.16.pldt.net): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 49.145.212.16 (dsl.49.145.212.16.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 04:54:47.227664 2026] [security2:error] [pid 9850:tid 9850] [client 49.145.212.16:35238] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|fundingangelinvestors.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fundingangelinvestors.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aip311_uCX1EoPmbCK1tsgAAADI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 08:06:05 (5 days ago)	Trying to access config files	Web App Attack
Anonymous	2026-06-11 00:49:03 (5 days ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 10:04:50 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 49.145.212.16 (dsl.49.145.212.16.pldt.net): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 49.145.212.16 (dsl.49.145.212.16.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 06:04:42.556179 2026] [security2:error] [pid 7125:tid 7125] [client 49.145.212.16:33963] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|eatcakecup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eatcakecup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aik2ut4uRDJXQpoRPQBwkgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 204.76.203.78

🇵🇪 190.119.63.98

🇳🇱 185.242.226.85

🇷🇴 80.94.92.178

🇫🇷 80.13.247.154

🇩🇪 69.5.169.65

🇺🇸 47.251.41.200

🇵🇰 202.47.36.206

🇲🇽 187.191.48.5

🇧🇷 177.54.62.68

🇩🇪 167.94.145.16

🇺🇸 157.245.1.7

🇨🇳 125.124.42.183

🇹🇷 78.186.164.40

🇮🇩 103.70.123.205

🇸🇪 81.236.211.54

🇸🇬 68.183.183.245

🇺🇸 66.132.172.35

🇺🇸 57.151.137.34

🇲🇩 45.15.226.44