JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.36.243.28

49.36.243.28 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 75%: ?

75%

ISP	Reliance Jio Infocomm Limited
Usage Type	Fixed Line ISP
ASN	AS55836
Domain Name	jio.com
Country	🇮🇳 India
City	Sawai Madhopur, Rajasthan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.36.243.28

Whois 49.36.243.28

IP Abuse Reports for 49.36.243.28:

This IP address has been reported a total of 30 times from 14 distinct sources. 49.36.243.28 was first reported on July 27th 2025, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-27 10:58:38 (12 hours ago)	(mod_security) mod_security (id:240335) triggered by 49.36.243.28 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 49.36.243.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 06:58:26.182773 2026] [security2:error] [pid 8064:tid 8064] [client 49.36.243.28:52488] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.36.243.28 (+1 hits since last alert)\|webuychesterfieldhouses.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "webuychesterfieldhouses.com"] [uri "/xmlrpc.php"] [unique_id "aj-s0kcjQIFiu63pTavwVQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 09:57:26 (13 hours ago)	(mod_security) mod_security (id:240335) triggered by 49.36.243.28 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 49.36.243.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 05:57:16.944901 2026] [security2:error] [pid 18956:tid 18978] [client 49.36.243.28:65347] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.36.243.28 (+1 hits since last alert)\|kemalinal.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kemalinal.com"] [uri "/xmlrpc.php"] [unique_id "aj-efKZBJGGI43UJYaFcKgAAAFI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-27 09:56:23 (13 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇫🇷 masterguru	2026-06-27 08:23:22 (15 hours ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇺🇸 TPI-Abuse	2026-06-27 07:24:10 (16 hours ago)	(mod_security) mod_security (id:240335) triggered by 49.36.243.28 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 49.36.243.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 03:23:59.514361 2026] [security2:error] [pid 1096:tid 1096] [client 49.36.243.28:49902] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.36.243.28 (+1 hits since last alert)\|phalanxemail.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "phalanxemail.net"] [uri "/xmlrpc.php"] [unique_id "aj96j78w3qtCn-ScAnWBygAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 Rizzy	2026-06-27 05:18:24 (18 hours ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-25 07:59:25 (2 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇫🇷 dynamix	2026-06-25 05:24:33 (2 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 04:56:30 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 49.36.243.28 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 49.36.243.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 00:56:19.073263 2026] [security2:error] [pid 18426:tid 18426] [client 49.36.243.28:51401] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.36.243.28 (+1 hits since last alert)\|egelfitness.nl\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "egelfitness.nl"] [uri "/xmlrpc.php"] [unique_id "ajy082bRA44Nbr0NxJv2NAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ConsulHosting	2026-06-24 12:37:13 (3 days ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
Anonymous	2026-06-24 09:15:14 (3 days ago)	2026-06-24T11:15:14.036009+02:00 aion wordpress[161429]: Blocked authentication attempt for admin fr ... show more 2026-06-24T11:15:14.036009+02:00 aion wordpress[161429]: Blocked authentication attempt for admin from 49.36.243.28 ... show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-06-24 07:48:39 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 49.36.243.28 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 49.36.243.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 03:48:27.920218 2026] [security2:error] [pid 13379:tid 13379] [client 49.36.243.28:56892] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.36.243.28 (+1 hits since last alert)\|rwabutazafoundation.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rwabutazafoundation.org"] [uri "/xmlrpc.php"] [unique_id "ajuLy9gCg6xzLMg_unxqvwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-24 06:15:13 (3 days ago)	Fail2ban filtered ...	Web App Attack
🇫🇷 dynamix	2026-06-24 04:30:23 (3 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 Tha_14	2026-06-23 10:00:40 (4 days ago)	Limit on login attempts is reached	Brute-Force

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.148

🇺🇸 165.154.135.73

🇰🇭 136.228.131.161

🇷🇴 92.118.39.77

🇳🇱 91.92.40.46

🇷🇴 82.152.132.24

🇱🇻 81.30.98.144

🇳🇱 45.148.10.157

🇨🇳 14.103.112.110

🇮🇩 202.58.72.52

🇨🇴 200.10.29.236

🇦🇷 186.23.248.210

🇩🇪 172.253.1.214

🇺🇸 162.216.149.81

🇨🇳 106.75.25.139

🇳🇱 93.123.72.183

🇨🇳 123.191.157.244

🇷🇺 109.198.240.100

🇮🇳 103.111.228.36

🇿🇦 102.252.0.2