JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.146.42.69

49.146.42.69 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 36%: ?

36%

ISP	HOME_DSL
Usage Type	Fixed Line ISP
ASN	AS9299
Hostname(s)	dsl.49.146.42.69.pldt.net
Domain Name	pldthome.com
Country	🇵🇭 Philippines
City	Cagayan de Oro, Northern Mindanao

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.146.42.69

Whois 49.146.42.69

IP Abuse Reports for 49.146.42.69:

This IP address has been reported a total of 12 times from 7 distinct sources. 49.146.42.69 was first reported on November 26th 2022, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-20 19:57:48 (10 hours ago)	(mod_security) mod_security (id:240335) triggered by 49.146.42.69 (dsl.49.146.42.69.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 49.146.42.69 (dsl.49.146.42.69.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 15:57:43.634642 2026] [security2:error] [pid 15452:tid 15452] [client 49.146.42.69:6217] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.146.42.69 (+1 hits since last alert)\|eye7graphics.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eye7graphics.com"] [uri "/xmlrpc.php"] [unique_id "ajbwt2lWqCSAQZg6E2veuAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-20 19:25:07 (10 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-20 16:33:51 (13 hours ago)	[server.tmg.gr] httpd-xmlrpc-post: sites=aegeanpvdforum.com; logs=/var/log/httpd/domains/aegeanpvdfo ... show more [server.tmg.gr] httpd-xmlrpc-post: sites=aegeanpvdforum.com; logs=/var/log/httpd/domains/aegeanpvdforum.com.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 13:18:54 (16 hours ago)	(mod_security) mod_security (id:240335) triggered by 49.146.42.69 (dsl.49.146.42.69.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 49.146.42.69 (dsl.49.146.42.69.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 09:18:48.553125 2026] [security2:error] [pid 4913:tid 4913] [client 49.146.42.69:5644] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.146.42.69 (+1 hits since last alert)\|phoboschildren.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "phoboschildren.com"] [uri "/xmlrpc.php"] [unique_id "ajaTOHtXhRErohJN65WwdAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-06-19 19:35:31 (1 day ago)	(xmlrpc) Failed xmlrpc access from 49.146.42.69 (PH/Philippines/dsl.49.146.42.69.pldt.net): 5 in the ... show more (xmlrpc) Failed xmlrpc access from 49.146.42.69 (PH/Philippines/dsl.49.146.42.69.pldt.net): 5 in the last 3600 secs (0-122) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-19 10:43:21 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 49.146.42.69 (dsl.49.146.42.69.pldt.net): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 49.146.42.69 (dsl.49.146.42.69.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 06:43:18.471563 2026] [security2:error] [pid 22317:tid 22379] [client 49.146.42.69:5201] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|conservativelabor.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "conservativelabor.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajUdRo2YPwDO7dA46RuOrgAAAkU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-19 10:06:04 (1 day ago)	Trying to access config files	Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 09:56:33 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 49.146.42.69 (dsl.49.146.42.69.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 49.146.42.69 (dsl.49.146.42.69.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 05:56:26.549068 2026] [security2:error] [pid 9608:tid 9608] [client 49.146.42.69:7122] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.146.42.69 (+1 hits since last alert)\|versallis.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "versallis.com"] [uri "/xmlrpc.php"] [unique_id "ajUSSmwnQQZ1TuB88rIulgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 07:54:51 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 49.146.42.69 (dsl.49.146.42.69.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 49.146.42.69 (dsl.49.146.42.69.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 03:54:44.246965 2026] [security2:error] [pid 27338:tid 27338] [client 49.146.42.69:5255] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.146.42.69 (+1 hits since last alert)\|mavikalem.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mavikalem.org"] [uri "/xmlrpc.php"] [unique_id "ajT1xEgJY86GZrGCHE6OjgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 07:25:19 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 49.146.42.69 (dsl.49.146.42.69.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 49.146.42.69 (dsl.49.146.42.69.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 03:25:13.433364 2026] [security2:error] [pid 2937:tid 2937] [client 49.146.42.69:6161] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.146.42.69 (+1 hits since last alert)\|dalessalesandservice.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dalessalesandservice.com"] [uri "/xmlrpc.php"] [unique_id "ajTu2dgyCVIebDJMGAUulwAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 IP Analyzer	2022-11-27 00:30:20 (3 years ago)	Unauthorized connection attempt from IP address 49.146.42.69 on Port 445(SMB)	Port Scan
🇱🇹 NotACaptcha	2022-11-26 23:20:12 (3 years ago)	Unauthorised access (Nov 27 06:20) SRC=49.146.42.69 LEN=52 TTL=112 ID=8657 DF TCP DPT=445 WINDOW=819 ... show more Unauthorised access (Nov 27 06:20) SRC=49.146.42.69 LEN=52 TTL=112 ID=8657 DF TCP DPT=445 WINDOW=8192 SYN show less	Port Scan

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.22

🇺🇸 185.159.83.177

🇺🇸 143.42.1.185

🇳🇱 89.21.67.146

🇺🇸 66.132.172.159

🇺🇸 47.215.0.185

🇳🇱 45.148.10.64

🇧🇷 20.206.88.164

🇺🇸 20.80.52.246

🇺🇸 20.65.169.214

🇳🇱 5.61.209.43

🇺🇸 2602:fa59:10:65a::1

🇮🇩 202.145.0.61

🇩🇪 194.88.98.107

🇩🇪 151.240.172.129

🇮🇩 101.255.107.33

🇨🇦 85.217.149.16

🇺🇸 72.88.254.218

🇸🇬 43.156.141.246

🇮🇳 2401:4900:87f7:d5c8:d73:e929:d9e7:4cf6