JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.200.45.66

49.200.45.66 was found in our database!

This IP was reported 80 times. Confidence of Abuse is 83%: ?

83%

ISP	Tata Teleservices Limited -GSM Division
Usage Type	Fixed Line ISP
ASN	AS45820
Domain Name	tatatel.co.in
Country	🇮🇳 India
City	Chennai, Tamil Nadu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.200.45.66

Whois 49.200.45.66

IP Abuse Reports for 49.200.45.66:

This IP address has been reported a total of 80 times from 41 distinct sources. 49.200.45.66 was first reported on March 10th 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-19 07:57:09 (16 hours ago)	(mod_security) mod_security (id:240335) triggered by 49.200.45.66 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 49.200.45.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 03:57:01.159175 2026] [security2:error] [pid 7869:tid 7869] [client 49.200.45.66:56496] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.200.45.66 (+1 hits since last alert)\|lysedzija.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lysedzija.com"] [uri "/xmlrpc.php"] [unique_id "ajT2TbsZcBLvLknjeTfCYAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-19 06:52:32 (17 hours ago)	Blocked by CSF 13 firewall - Rule: XMLRPC IN/India/-	Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 04:31:13 (19 hours ago)	(mod_security) mod_security (id:240335) triggered by 49.200.45.66 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 49.200.45.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 00:31:06.282175 2026] [security2:error] [pid 27462:tid 27489] [client 49.200.45.66:51351] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.200.45.66 (+1 hits since last alert)\|cynosurelandscapers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cynosurelandscapers.com"] [uri "/xmlrpc.php"] [unique_id "ajTGCuVqYgmuwtavQ5QH9wAAANU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 10:44:02 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 49.200.45.66 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 49.200.45.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 06:43:55.395690 2026] [security2:error] [pid 28618:tid 28618] [client 49.200.45.66:50694] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.200.45.66 (+1 hits since last alert)\|artigelisim.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "artigelisim.com"] [uri "/xmlrpc.php"] [unique_id "ajPL685b2wioXdlcrrNBmQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 rh24	2026-06-18 10:38:46 (1 day ago)	(xmlrpc_405) XMLRPC-Bot 405 49.200.45.66 (IN/India/-)	Hacking
🇪🇸 gnom4ik	2026-06-13 16:37:20 (6 days ago)	ban-reviewer auto report; ip=49.200.45.66; scenario=http:exploit; verdict=valid_ban; confidence=0.92 ... show more ban-reviewer auto report; ip=49.200.45.66; scenario=http:exploit; verdict=valid_ban; confidence=0.92; categories=14,15,18,22; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high; scenario_attack_class show less	Port Scan Hacking Brute-Force SSH
🇬🇧 Apache	2026-06-05 08:59:32 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 49.200.45.66 (IN/India/-): 5 in the last 300 se ... show more (mod_security) mod_security (id:240335) triggered by 49.200.45.66 (IN/India/-): 5 in the last 300 secs show less	Brute-Force Web App Attack
🇩🇪 konseptit	2026-06-04 12:52:23 (2 weeks ago)	(wordpress) Failed wordpress login from 49.200.45.66 (IN/India/static-66.45.200.49-tataidc.co.in)	Brute-Force
🇩🇪 Martin Lundstrom	2026-06-04 07:15:16 (2 weeks ago)	https://www.eagleeye-intelligence.com — WordPress attack. Automatically detected and blocked.	Web App Attack
🇩🇪 Marc	2026-06-03 13:22:20 (2 weeks ago)	49.200.45.66 - - [03/Jun/2026:15:21:53 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3219 "-" "Jetpack by W ... show more 49.200.45.66 - - [03/Jun/2026:15:21:53 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3219 "-" "Jetpack by WordPress.com" 49.200.45.66 - - [03/Jun/2026:15:22:05 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3219 "-" "Jetpack/13.0; WordPress/6.3; http://site47213695.com" 49.200.45.66 - - [03/Jun/2026:15:22:19 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3220 "-" "Jetpack by WordPress.com" show less	Brute-Force Web App Attack
Anonymous	2026-06-03 11:41:10 (2 weeks ago)	Attac	Brute-Force
Anonymous	2026-06-02 06:06:17 (2 weeks ago)	Attac	Brute-Force
🇫🇷 dynamix	2026-06-02 04:51:18 (2 weeks ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 integrantservices.com	2026-06-01 03:11:32 (2 weeks ago)	(wordpress) Failed wordpress login from 49.200.45.66 (IN/India/static-66.45.200.49-tataidc.co.in)	Brute-Force
Anonymous	2026-05-29 14:47:42 (3 weeks ago)		Bad Web Bot Web App Attack

Showing 1 to 15 of 80 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 212.3.154.183

🇭🇳 190.4.28.78

🇳🇱 176.65.148.147

🇮🇶 169.224.18.89

🇭🇰 152.32.211.139

🇺🇸 152.32.148.250

🇧🇬 151.237.115.208

🇨🇳 118.196.4.129

🇺🇸 104.167.25.47

🇵🇰 103.154.64.185

🇨🇦 103.26.141.32

🇺🇸 100.55.22.4

🇩🇪 89.168.117.191

🇮🇱 84.111.136.211

🇺🇸 68.185.247.204

🇺🇸 64.62.197.123

🇺🇸 57.141.20.45

🇳🇱 45.148.10.183

🇳🇱 45.148.10.147

🇨🇳 43.226.57.131