JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.36.240.166

49.36.240.166 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 33%: ?

33%

ISP	Reliance Jio Infocomm Limited
Usage Type	Fixed Line ISP
ASN	AS55836
Domain Name	jio.com
Country	🇮🇳 India
City	Sawai Madhopur, Rajasthan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.36.240.166

Whois 49.36.240.166

IP Abuse Reports for 49.36.240.166:

This IP address has been reported a total of 9 times from 7 distinct sources. 49.36.240.166 was first reported on February 4th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-20 03:55:39 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 49.36.240.166 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 49.36.240.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 23:55:27.026926 2026] [security2:error] [pid 3782:tid 3782] [client 49.36.240.166:56128] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.36.240.166 (+1 hits since last alert)\|fattoria-rendena.it\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fattoria-rendena.it"] [uri "/xmlrpc.php"] [unique_id "ajYPL9SxMm9cetmOZNZ6xgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 07:06:45 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 49.36.240.166 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 49.36.240.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 03:06:34.625655 2026] [security2:error] [pid 22323:tid 22323] [client 49.36.240.166:63869] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.36.240.166 (+1 hits since last alert)\|tourissue.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tourissue.com"] [uri "/xmlrpc.php"] [unique_id "ajTqetxXkVLD66ePD8tAdAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 noise.agency	2026-06-18 04:22:31 (4 days ago)	(wordpress) Failed wordpress login from 49.36.240.166 (IN/India/-)	Brute-Force
🇫🇷 dynamix	2026-06-17 03:34:44 (5 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 04:17:39 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 49.36.240.166 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 49.36.240.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 00:17:29.042498 2026] [security2:error] [pid 4915:tid 4915] [client 49.36.240.166:57876] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.36.240.166 (+1 hits since last alert)\|newcitypark.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "newcitypark.com"] [uri "/xmlrpc.php"] [unique_id "ai982QT4c4XsZkP_iwCONgAAAIQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Vegascosmetics	2026-06-09 03:20:52 (1 week ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated encoding. Vegas Security	DDoS Attack Hacking Bad Web Bot
Anonymous	2026-05-25 05:43:45 (4 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2026-05-15 12:06:51 (1 month ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (150/60 min)'; Requests=150	Port Scan
🇺🇸 kosada.com	2026-02-04 16:30:43 (4 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.148.2

🇹🇭 159.192.99.12

🇧🇷 131.196.31.122

🇧🇷 131.196.31.21

🇨🇳 121.229.156.113

🇷🇺 89.109.45.0

🇧🇷 45.186.164.31

🇬🇧 45.82.76.116

🇸🇬 43.173.174.53

🇧🇷 181.189.10.112

🇻🇳 118.68.22.175

🇨🇳 113.128.88.102

🇲🇾 49.124.154.169

🇳🇱 45.142.193.200

🇦🇹 45.137.172.116

🇺🇸 45.33.15.84

🇩🇪 35.159.91.119

🇰🇿 2.134.15.12

🇷🇴 213.233.88.85

🇧🇷 200.4.99.65