JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.43.133.123

49.43.133.123 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 31%: ?

31%

ISP	Reliance Jio Infocomm Limited
Usage Type	Fixed Line ISP
ASN	AS55836
Domain Name	jio.com
Country	🇮🇳 India
City	Panipat, Haryana

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.43.133.123

Whois 49.43.133.123

IP Abuse Reports for 49.43.133.123:

This IP address has been reported a total of 13 times from 8 distinct sources. 49.43.133.123 was first reported on January 23rd 2025, and the most recent report was 23 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-17 22:32:49 (23 hours ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 07:49:00 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 49.43.133.123 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 49.43.133.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 03:48:48.682515 2026] [security2:error] [pid 5327:tid 5327] [client 49.43.133.123:56250] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.43.133.123 (+1 hits since last alert)\|bb103.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bb103.us"] [uri "/xmlrpc.php"] [unique_id "ajJRYJr9ug0E3QSzUwJbNgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 06:50:13 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 49.43.133.123 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 49.43.133.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 02:50:03.067894 2026] [security2:error] [pid 2710:tid 2710] [client 49.43.133.123:1873] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.43.133.123 (+1 hits since last alert)\|pharmaceuticalsalescertifications.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pharmaceuticalsalescertifications.com"] [uri "/xmlrpc.php"] [unique_id "ajJDm60Iwv3NiwirPrs35QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-16 22:30:33 (1 day ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 11:47:17 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 49.43.133.123 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 49.43.133.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 07:47:06.812833 2026] [security2:error] [pid 13380:tid 13380] [client 49.43.133.123:65215] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.43.133.123 (+1 hits since last alert)\|wealthsec.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wealthsec.com"] [uri "/xmlrpc.php"] [unique_id "ajE3ukJn1ArayOHXBicsVAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 10:44:20 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 49.43.133.123 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 49.43.133.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 06:44:06.908060 2026] [security2:error] [pid 8289:tid 8289] [client 49.43.133.123:62908] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.43.133.123 (+1 hits since last alert)\|kdgsf.xyz\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kdgsf.xyz"] [uri "/xmlrpc.php"] [unique_id "ajEo9gnSeNvsT3TxkzIZAwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-16 08:35:48 (2 days ago)	[redacted] 49.43.133.123 - - [16/Jun/2026:10:35:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "J ... show more [redacted] 49.43.133.123 - - [16/Jun/2026:10:35:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack/12.0; WordPress/6.1; http://site42542929.com" [redacted] 49.43.133.123 - - [16/Jun/2026:10:35:15 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack/12.0; WordPress/6.3; http://site77361371.com" [redacted] 49.43.133.123 - - [16/Jun/2026:10:35:26 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com" [redacted] 49.43.133.123 - - [16/Jun/2026:10:35:36 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack/13.0; WordPress/6.1; http://site24036489.com" [redacted] 49.43.133.123 - - [16/Jun/2026:10:35:46 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)" ... show less	Hacking Web App Attack
🇳🇱 ConsulHosting	2026-06-16 07:56:57 (2 days ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 07:41:40 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 49.43.133.123 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 49.43.133.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 03:41:26.749317 2026] [security2:error] [pid 21834:tid 21834] [client 49.43.133.123:57659] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.43.133.123 (+1 hits since last alert)\|stoughtonpipeandwelding.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stoughtonpipeandwelding.net"] [uri "/xmlrpc.php"] [unique_id "ajD-JlCQpsZK6Bb8suI5kQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-10 16:15:35 (2 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2026-01-17 08:38:05 (5 months ago)	Unauthorized connection to Telnet port 23	Port Scan
🇺🇸 sumnone	2026-01-09 09:39:39 (5 months ago)	Port probing on unauthorized port 23	Port Scan Hacking Exploited Host
Anonymous	2025-01-23 10:17:07 (1 year ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 207.90.244.26

🇺🇦 185.17.125.166

🇺🇸 167.172.138.147

🇺🇸 162.216.149.104

🇨🇴 152.202.119.205

🇺🇸 136.30.192.93

🇸🇬 84.75.148.110

🇬🇧 57.129.139.88

🇦🇱 45.84.118.202

🇲🇽 187.195.103.37

🇭🇰 156.238.246.197

🇳🇬 152.32.141.172

🇺🇸 147.185.132.118

🇺🇸 108.51.122.206

🇫🇷 85.217.140.53

🇸🇪 78.66.44.23

🇺🇸 66.132.186.231

🇬🇧 35.203.210.219

🇷🇴 2.57.121.25

🇺🇸 203.88.119.100