JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.156.81.200

49.156.81.200 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 16%: ?

16%

ISP	Quadrant Televentures Limited
Usage Type	Fixed Line ISP
ASN	AS17917
Domain Name	connectbroadband.in
Country	🇮🇳 India
City	Ludhiana, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.156.81.200

Whois 49.156.81.200

IP Abuse Reports for 49.156.81.200:

This IP address has been reported a total of 4 times from 2 distinct sources. 49.156.81.200 was first reported on June 13th 2026, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-14 10:57:29 (8 hours ago)	(mod_security) mod_security (id:240335) triggered by 49.156.81.200 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 49.156.81.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 06:57:23.802267 2026] [security2:error] [pid 26168:tid 26168] [client 49.156.81.200:33766] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.156.81.200 (+1 hits since last alert)\|newhopepetgrooming.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "newhopepetgrooming.com"] [uri "/xmlrpc.php"] [unique_id "ai6JExCPZ8qYM5Av3hlwVQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 09:46:53 (9 hours ago)	(mod_security) mod_security (id:240335) triggered by 49.156.81.200 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 49.156.81.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 05:46:46.787223 2026] [security2:error] [pid 25779:tid 25779] [client 49.156.81.200:33256] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.156.81.200 (+1 hits since last alert)\|texascottagebakers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "texascottagebakers.com"] [uri "/xmlrpc.php"] [unique_id "ai54hn_QljvrnI3T1McySgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 04:03:32 (15 hours ago)	[redacted] 49.156.81.200 - - [14/Jun/2026:06:02:48 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "W ... show more [redacted] 49.156.81.200 - - [14/Jun/2026:06:02:48 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 49.156.81.200 - - [14/Jun/2026:06:02:58 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 49.156.81.200 - - [14/Jun/2026:06:03:09 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 49.156.81.200 - - [14/Jun/2026:06:03:19 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 49.156.81.200 - - [14/Jun/2026:06:03:31 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 16:12:19 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 49.156.81.200 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 49.156.81.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 12:12:12.408738 2026] [security2:error] [pid 26127:tid 26127] [client 49.156.81.200:36801] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.156.81.200 (+1 hits since last alert)\|snowrideadventures.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "snowrideadventures.com"] [uri "/xmlrpc.php"] [unique_id "ai2BXOFnCo7pQUoY7uPCrQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 202.105.98.252

🇳🇱 93.123.72.183

🇺🇸 47.251.9.15

🇯🇵 35.187.222.91

🇮🇱 2a06:c701:43f0:2200:cde3:2159:8983:2e2e

🇬🇧 2a06:4880:c000::e2

🇸🇬 219.74.241.217

🇺🇸 216.25.89.98

🇧🇪 198.235.24.254

🇧🇷 177.43.105.11

🇫🇷 109.123.250.122

🇨🇳 101.96.198.153

🇩🇪 74.80.89.243

🇭🇰 8.217.213.2

🇺🇸 198.199.94.79

🇸🇬 194.5.82.114

🇧🇷 190.115.84.25

🇨🇦 146.190.249.251

🇺🇸 100.29.192.32

🇺🇸 74.7.227.40