JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.37.43.75

49.37.43.75 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 41%: ?

41%

ISP	Reliance Jio Infocomm Limited
Usage Type	Fixed Line ISP
ASN	AS55836
Domain Name	jio.com
Country	🇮🇳 India
City	Kolkata, West Bengal

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.37.43.75

Whois 49.37.43.75

IP Abuse Reports for 49.37.43.75:

This IP address has been reported a total of 26 times from 19 distinct sources. 49.37.43.75 was first reported on November 20th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Jason Howell	2026-06-20 16:01:59 (1 day ago)	49.37.43.75 - - [20/Jun/2026:10:58:35 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4977 "-" "Mozilla/5.0 ( ... show more 49.37.43.75 - - [20/Jun/2026:10:58:35 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4977 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/99.0.0.0 Safari/537.36" 49.37.43.75 - - [20/Jun/2026:11:00:07 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4975 "-" "Mozilla/5.0 (Windows NT 6.2; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/96.0.0.0 Safari/537.36" 49.37.43.75 - - [20/Jun/2026:11:00:37 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4977 "-" "Mozilla/5.0 (Linux; Android 10; x86) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36" 49.37.43.75 - - [20/Jun/2026:11:01:17 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4976 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.0.0 Safari/537.36" 49.37.43.75 - - [20/Jun/2026:11:01:58 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4975 "-" "Mozilla/5.0 (Windows NT 6.3; x86) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.0.0 Safari/537.36" ... show less	Web App Attack
Anonymous	2026-06-20 09:53:44 (2 days ago)	[redacted] 49.37.43.75 - - [20/Jun/2026:11:52:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Moz ... show more [redacted] 49.37.43.75 - - [20/Jun/2026:11:52:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Windows NT 10.0; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/77.0.0.0 Safari/537.36" [redacted] 49.37.43.75 - - [20/Jun/2026:11:52:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/80.0.0.0 Safari/537.36" [redacted] 49.37.43.75 - - [20/Jun/2026:11:52:56 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Windows NT 6.3; x64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/77.0.0.0 Safari/537.36" [redacted] 49.37.43.75 - - [20/Jun/2026:11:53:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Safari/11.0.0.0 Safari/537.36" [redacted] 49.37.43.75 - - [20/Jun/2026:11:53:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Linux; Android ... show less	Hacking Web App Attack
Anonymous	2026-06-18 13:48:43 (3 days ago)	[redacted] 49.37.43.75 - - [18/Jun/2026:15:47:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Moz ... show more [redacted] 49.37.43.75 - - [18/Jun/2026:15:47:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Windows NT 6.2; x86) AppleWebKit/537.36 (KHTML, like Gecko) Safari/11.0.0.0 Safari/537.36" praxiszentrum-dedic.de 49.37.43.75 - - [18/Jun/2026:15:47:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Linux; Android 10; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/93.0.0.0 Safari/537.36" [redacted] 49.37.43.75 - - [18/Jun/2026:15:48:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/98.0.0.0 Safari/537.36" praxiszentrum-dedic.de 49.37.43.75 - - [18/Jun/2026:15:48:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x86) AppleWebKit/537.36 (KHTML, like Gecko) Opera/79.0.0.0 Safari/537.36" [redacted] 49.37.43.75 - - [18/Jun/2026:15:48:22 +0200] "POST /xmlrpc.php HTTP/ ... show less	Hacking Web App Attack
🇳🇱 MM-bot	2026-06-18 12:33:29 (4 days ago)	URL-probe: HTTP/1.1 POST request on /xmlrpc.php (2026-06-18 14:33:29 UTC+2)	Web App Attack Hacking
🇨🇦 electronico	2026-06-18 11:34:51 (4 days ago)	49.37.43.75 - - [18/Jun/2026:22:34:50 +1100] "POST /xmlrpc.php HTTP/1.1" 404 5895 "-" "Mozilla/5.0 ( ... show more 49.37.43.75 - - [18/Jun/2026:22:34:50 +1100] "POST /xmlrpc.php HTTP/1.1" 404 5895 "-" "Mozilla/5.0 (Windows NT 6.2; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇳🇿 Tripwire	2026-06-15 13:56:10 (6 days ago)	Probing for Wordpress - /xmlrpc.php	Brute-Force Web App Attack
🇪🇸 masterguru	2026-06-15 11:22:46 (1 week ago)	(xmlrpc) Failed xmlrpc access from 49.37.43.75 (IN/India/-): 5 in the last 3600 secs (0-122)	Hacking
🇺🇸 TPI-Abuse	2026-04-29 08:53:54 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 49.37.43.75 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 49.37.43.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 04:53:48.062262 2026] [security2:error] [pid 32472:tid 32472] [client 49.37.43.75:62362] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|wealthsec.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wealthsec.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afHHHBNaq6eY7ydoMIgJyQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-29 06:12:59 (1 month ago)	[redacted] 49.37.43.75 - - [29/Apr/2026:08:11:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Moz ... show more [redacted] 49.37.43.75 - - [29/Apr/2026:08:11:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/99.0.0.0 Safari/537.36" [redacted] 49.37.43.75 - - [29/Apr/2026:08:11:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/77.0.0.0 Safari/537.36" [redacted] 49.37.43.75 - - [29/Apr/2026:08:12:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/84.0.0.0 Safari/537.36" [redacted] 49.37.43.75 - - [29/Apr/2026:08:12:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/10.0.0.0 Safari/537.36" [redacted] 49.37.43.75 - - [29/Apr/2026:08:12:19 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWeb ... show less	Hacking Web App Attack
🇺🇸 Rip	2026-03-08 12:33:57 (3 months ago)	Authentication attack attempt. CMS Brute Force - Access Forbidden	Brute-Force Web App Attack
🇺🇸 OceanTreasure	2025-12-08 10:15:05 (6 months ago)	tcp/443; Likely brute force WordPress credential guessing via XML-RPC: "POST /xmlrpc.php" @ 2025-12- ... show more tcp/443; Likely brute force WordPress credential guessing via XML-RPC: "POST /xmlrpc.php" @ 2025-12-08T10:14:01Z [proxy] show less	Web App Attack
🇸🇬 ANTI SCANNER	2025-12-07 18:59:51 (6 months ago)	Scanner : /xmlrpc.php	Web Spam
🇫🇷 tecnicorioja	2025-12-06 23:00:53 (6 months ago)	POST /xmlrpc.php [06/Dec/2025:10:52:47	Brute-Force Web App Attack
🇪🇸 Gem	2025-12-06 10:00:25 (6 months ago)	Unauthorized web scan.	Web App Attack
🇺🇸 mnsf	2025-12-03 09:05:35 (6 months ago)	Xmlrpc Caught (7)	Brute-Force Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 45.198.224.46

🇸🇬 152.32.218.149

🇮🇷 151.234.172.4

🇵🇱 87.251.64.149

🇺🇸 34.145.98.153

🇲🇰 213.135.175.76

🇬🇧 206.189.19.232

🇬🇧 185.99.29.170

🇺🇸 172.232.8.247

🇩🇪 164.90.236.107

🇨🇳 144.255.39.82

🇨🇦 85.217.149.20

🇺🇸 74.125.75.147

🇸🇳 41.208.174.238

🇺🇸 40.124.185.213

🇴🇲 37.40.237.239

🇫🇷 2a10:4646:190::aea5:c389

🇳🇱 206.189.109.91

🇧🇬 193.24.211.107

🇧🇷 191.6.233.46