JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.205.36.30

49.205.36.30 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 75%: ?

75%

ISP	Atria Convergence Technologies Ltd.,
Usage Type	Fixed Line ISP
ASN	AS24309
Hostname(s)	broadband.actcorp.in
Domain Name	actcorp.in
Country	🇮🇳 India
City	Bengaluru, Karnataka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.205.36.30

Whois 49.205.36.30

IP Abuse Reports for 49.205.36.30:

This IP address has been reported a total of 33 times from 15 distinct sources. 49.205.36.30 was first reported on June 21st 2024, and the most recent report was 20 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-06 12:07:21 (20 minutes ago)	(mod_security) mod_security (id:240335) triggered by 49.205.36.30 (broadband.actcorp.in): 1 in the l ... show more (mod_security) mod_security (id:240335) triggered by 49.205.36.30 (broadband.actcorp.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 08:07:14.214434 2026] [security2:error] [pid 7257:tid 7315] [client 49.205.36.30:52084] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.205.36.30 (+1 hits since last alert)\|busybeerestaurant.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "busybeerestaurant.com"] [uri "/xmlrpc.php"] [unique_id "aiQNcpQvRfMPa5U-qieYAgAAAcI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 06:22:09 (6 hours ago)	(mod_security) mod_security (id:240335) triggered by 49.205.36.30 (broadband.actcorp.in): 1 in the l ... show more (mod_security) mod_security (id:240335) triggered by 49.205.36.30 (broadband.actcorp.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 02:22:02.549218 2026] [security2:error] [pid 5695:tid 5695] [client 49.205.36.30:51612] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.205.36.30 (+1 hits since last alert)\|tedharris.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tedharris.com"] [uri "/xmlrpc.php"] [unique_id "aiO8ip9aWmrh1ygyXySA4wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-06 06:19:14 (6 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇲🇾 Rizzy	2026-06-06 06:18:36 (6 hours ago)	Multiple WAF Violations	Brute-Force Web App Attack
Anonymous	2026-06-05 13:24:40 (23 hours ago)	Attac	Brute-Force
Anonymous	2026-06-04 13:06:11 (1 day ago)	Attac	Brute-Force
🇺🇸 integrantservices.com	2026-06-04 12:34:11 (1 day ago)	(wordpress) Failed wordpress login from 49.205.36.30 (IN/India/broadband.actcorp.in)	Brute-Force
🇺🇸 TAY	2026-06-03 11:50:02 (3 days ago)	49.205.36.30 - - [03/Jun/2026:19:49:40 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4401 "-" "WordPress.co ... show more 49.205.36.30 - - [03/Jun/2026:19:49:40 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4401 "-" "WordPress.com; https://wordpress.com" 49.205.36.30 - - [03/Jun/2026:19:49:50 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4401 "-" "WordPress.com; https://wordpress.com" 49.205.36.30 - - [03/Jun/2026:19:50:00 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4401 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)" ... show less	Brute-Force
Anonymous	2026-06-03 00:58:10 (3 days ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-02 00:30:43 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 49.205.36.30 (broadband.actcorp.in): 1 in the l ... show more (mod_security) mod_security (id:240335) triggered by 49.205.36.30 (broadband.actcorp.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 20:30:37.845228 2026] [security2:error] [pid 19466:tid 19484] [client 49.205.36.30:53029] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.205.36.30 (+1 hits since last alert)\|supercyprus.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "supercyprus.com"] [uri "/xmlrpc.php"] [unique_id "ah4kLTJPEqxS-15nLmj_qgAAAM0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 05:23:11 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 49.205.36.30 (broadband.actcorp.in): 1 in the l ... show more (mod_security) mod_security (id:240335) triggered by 49.205.36.30 (broadband.actcorp.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 01:23:02.267635 2026] [security2:error] [pid 10679:tid 10679] [client 49.205.36.30:51978] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.205.36.30 (+1 hits since last alert)\|pharmaceuticalsalescertifications.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pharmaceuticalsalescertifications.com"] [uri "/xmlrpc.php"] [unique_id "ahvFtqZdfc8ZSLlXMDIGewAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-31 05:20:15 (6 days ago)	49.205.36.30 - - [31/May/2026:07:19:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.0; ... show more 49.205.36.30 - - [31/May/2026:07:19:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.0; WordPress/6.2; http://site25160604.com" 49.205.36.30 - - [31/May/2026:07:19:55 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12.0; WordPress/6.2; http://site25160604.com" 49.205.36.30 - - [31/May/2026:07:20:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/13.0; WordPress/6.4; http://site63520748.com" 49.205.36.30 - - [31/May/2026:07:20:04 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/13.0; WordPress/6.4; http://site63520748.com" 49.205.36.30 - - [31/May/2026:07:20:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.com; https://wordpress.com" ... show less	Brute-Force Web App Attack
🇺🇸 Dolphi	2026-05-31 03:20:03 (6 days ago)	Excessive POST /xmlrpc.php requests	Brute-Force Web App Attack
🇲🇾 Rizzy	2026-05-31 02:16:08 (6 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇳🇱 wlt-blocker	2026-05-31 02:08:57 (6 days ago)	Unauthorized access to webpage admin	Web App Attack

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.69

🇺🇸 162.216.150.215

🇨🇳 139.9.191.197

🇺🇸 138.124.123.129

🇨🇳 112.239.121.232

🇫🇷 91.231.89.237

🇫🇷 91.231.89.93

🇺🇸 54.162.56.149

🇺🇸 45.39.115.140

🇰🇷 211.254.212.59

🇬🇧 191.101.59.86

🇮🇳 122.181.121.142

🇨🇳 120.216.239.91

🇳🇱 77.83.39.95

🇺🇸 75.127.15.105

🇸🇬 23.111.14.186

🇬🇧 193.163.125.149

🇩🇪 165.232.125.188

🇳🇱 45.156.87.253

🇰🇷 39.113.81.59