JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.213.3.154

49.213.3.154 was found in our database!

This IP was reported 44 times. Confidence of Abuse is 68%: ?

68%

ISP	Henderson Data Centre Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS10098
Hostname(s)	m154.bbcserv.com
Domain Name	hdcdatacentre.com
Country	🇭🇰 Hong Kong
City	Tung Chung, Islands

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.213.3.154

Whois 49.213.3.154

IP Abuse Reports for 49.213.3.154:

This IP address has been reported a total of 44 times from 13 distinct sources. 49.213.3.154 was first reported on December 19th 2020, and the most recent report was 35 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 WeekendWeb	2026-06-21 12:38:59 (35 minutes ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 11:48:07 (1 hour ago)	(mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 07:48:00.175889 2026] [security2:error] [pid 12909:tid 12909] [client 49.213.3.154:33984] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.vzan.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.vzan.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajfPcDUcYVCpcMqvytpDqgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-20 22:31:16 (14 hours ago)		Brute-Force Web App Attack
🇺🇸 Dolphi	2026-06-20 20:40:42 (16 hours ago)	Excessive POST /xmlrpc.php requests	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 19:41:11 (17 hours ago)	(mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 15:41:07.545586 2026] [security2:error] [pid 29195:tid 29195] [client 49.213.3.154:37960] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|professionalpianomoversinc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "professionalpianomoversinc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajbs0zQVrre-7rnesHTtMgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 15:35:02 (21 hours ago)	(mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 11:34:54.530535 2026] [security2:error] [pid 22941:tid 22941] [client 49.213.3.154:38662] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.paguilar.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.paguilar.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajazHgdiS9qM7h3CRntX4AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 middelkoopcc	2026-06-20 01:20:06 (1 day ago)	2026-06-20 03:16:31 WordPress login error from 49.213.3.154: invalid_username && 2026-06-20 03:16:32 ... show more 2026-06-20 03:16:31 WordPress login error from 49.213.3.154: invalid_username && 2026-06-20 03:16:32 WordPress login error from 49.213.3.154: invalid_username && 2026-06-20 03:16:37 WordPress login error from 49.213.3.154: invalid_username && 117 more within 20 minutes show less	Brute-Force
🇫🇷 SpaceHost-Server	2026-06-19 22:30:57 (1 day ago)		Brute-Force Web App Attack
Anonymous	2026-06-19 21:11:57 (1 day ago)	[redacted] 49.213.3.154 - - [19/Jun/2026:23:11:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mo ... show more [redacted] 49.213.3.154 - - [19/Jun/2026:23:11:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:44.0) Gecko/20100101 Firefox/44.0" [redacted] 49.213.3.154 - - [19/Jun/2026:23:11:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:80.0) Gecko/20100101 Firefox/80.0" [redacted] 49.213.3.154 - - [19/Jun/2026:23:11:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:46.0) Gecko/20100101 Firefox/46.0" [redacted] 49.213.3.154 - - [19/Jun/2026:23:11:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:50.0) Gecko/20100101 Firefox/50.0" [redacted] 49.213.3.154 - - [19/Jun/2026:23:11:51 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0" [redacted] 49.213.3.154 - - [19/Jun/2026:23:11:52 +0200] "POST /xmlrp ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 10:17:46 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 06:17:37.060913 2026] [security2:error] [pid 15496:tid 15496] [client 49.213.3.154:41422] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.boaredraven.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.boaredraven.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajUXQYI0te3cb2TUnGKGZgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 rh24	2026-06-19 02:31:51 (2 days ago)	49.213.3.154 (HK/Hong Kong/m154.bbcserv.com), more than 25 Apache 403 hits	Hacking
🇺🇸 TPI-Abuse	2026-06-18 13:15:38 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 09:15:30.308298 2026] [security2:error] [pid 14818:tid 14818] [client 49.213.3.154:50546] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.consolidatedoperationsgroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.consolidatedoperationsgroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajPvcma3BzWUl6X-vVUfwwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 11:44:23 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 07:44:16.834882 2026] [security2:error] [pid 6425:tid 6425] [client 49.213.3.154:36836] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|anchor07.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "anchor07.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajPaEOjhEVCcG2r51D1-zwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 09:19:35 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 05:19:29.103833 2026] [security2:error] [pid 31090:tid 31090] [client 49.213.3.154:60674] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.raintechgutters.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.raintechgutters.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajO4IRmVW9xpfLcGPn4gDgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 08:35:18 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 49.213.3.154 (m154.bbcserv.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 04:35:10.317352 2026] [security2:error] [pid 6338:tid 6338] [client 49.213.3.154:36316] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.bickleton.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.bickleton.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajOtvjiHnuP5UAJ7TtkwEwAAABs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 44 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 141.98.83.240

🇺🇸 45.79.186.176

🇸🇬 45.78.198.199

🇮🇳 172.253.226.124

🇨🇴 143.105.99.3

🇨🇳 122.241.123.185

🇩🇪 95.85.238.22

🇺🇸 66.132.172.38

🇳🇱 64.137.54.215

🇧🇷 45.165.238.2

🇳🇱 45.142.193.70

🇩🇪 45.133.251.253

🇸🇬 35.240.174.82

🇺🇸 23.238.46.196

🇳🇱 195.178.110.30

🇺🇸 147.185.132.119

🇺🇸 143.244.175.21

🇨🇳 123.56.83.180

🇷🇺 87.249.211.191

🇺🇸 47.223.212.176