JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.47.129.3

49.47.129.3 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 78%: ?

78%

ISP	Reliance Jio Infocomm Limited
Usage Type	Fixed Line ISP
ASN	AS55836
Domain Name	jio.com
Country	🇮🇳 India
City	Patna, Bihar

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.47.129.3

Whois 49.47.129.3

IP Abuse Reports for 49.47.129.3:

This IP address has been reported a total of 32 times from 15 distinct sources. 49.47.129.3 was first reported on June 10th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-28 18:36:33 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 14:36:21.822018 2026] [security2:error] [pid 7080:tid 7080] [client 49.47.129.3:61102] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.47.129.3 (+1 hits since last alert)\|alejandrogorsse.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "alejandrogorsse.com"] [uri "/xmlrpc.php"] [unique_id "akFppTOgwdD2dn9XywqaPAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-28 16:59:25 (1 day ago)	[redacted] 49.47.129.3 - - [28/Jun/2026:18:58:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jet ... show more [redacted] 49.47.129.3 - - [28/Jun/2026:18:58:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack/13.0; WordPress/6.1; http://site95503168.com" medaix-akademie.de 49.47.129.3 - - [28/Jun/2026:18:58:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack/12.0; WordPress/6.3; http://site52489047.com" [redacted] 49.47.129.3 - - [28/Jun/2026:18:58:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com" medaix-akademie.de 49.47.129.3 - - [28/Jun/2026:18:58:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)" [redacted] 49.47.129.3 - - [28/Jun/2026:18:58:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com" medaix-akademie.de 49.47.129.3 - - [28/Jun/2026:18:59:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com" [redacted] 49.47.129.3 - - [28/Jun/2026:18:59:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com (Jet ... show less	Hacking Web App Attack
🇩🇪 dbmwebdesign	2026-06-28 15:45:38 (1 day ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 13:10:39 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 09:10:28.410300 2026] [security2:error] [pid 12947:tid 12947] [client 49.47.129.3:61972] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.47.129.3 (+1 hits since last alert)\|astglobaltech.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "astglobaltech.com"] [uri "/xmlrpc.php"] [unique_id "aj_LxCrm5fGr6aMYYCI79AAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 06:20:46 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 02:20:36.084608 2026] [security2:error] [pid 30771:tid 30771] [client 49.47.129.3:52632] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.47.129.3 (+1 hits since last alert)\|answeringilliana.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "answeringilliana.com"] [uri "/xmlrpc.php"] [unique_id "aj9rtAyahIinjwfVnCPaKwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 17:42:52 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 13:42:39.533304 2026] [security2:error] [pid 21348:tid 21348] [client 49.47.129.3:57899] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.47.129.3 (+1 hits since last alert)\|writebetweenthelines.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "writebetweenthelines.com"] [uri "/xmlrpc.php"] [unique_id "aj66D1nw18UYeT7bsbwDmQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-26 16:37:21 (3 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 lostswordfish.com	2026-06-26 15:50:06 (3 days ago)	Wordfence waf block on flintlocal432	Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 15:35:30 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 11:35:17.439452 2026] [security2:error] [pid 21354:tid 21354] [client 49.47.129.3:55376] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.47.129.3 (+1 hits since last alert)\|firstunitedreserve.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "firstunitedreserve.com"] [uri "/xmlrpc.php"] [unique_id "aj6cNUQ7LYwlylb0OYf90gAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 11:02:07 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 07:01:57.910042 2026] [security2:error] [pid 22228:tid 22228] [client 49.47.129.3:53914] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.47.129.3 (+1 hits since last alert)\|expresstires.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "expresstires.us"] [uri "/xmlrpc.php"] [unique_id "aj5cJV9kQQi7TxnuD7ABoQAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 applemooz	2026-06-26 09:51:21 (3 days ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 14:31:34 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 10:31:23.922553 2026] [security2:error] [pid 4872:tid 4872] [client 49.47.129.3:52482] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.47.129.3 (+1 hits since last alert)\|michelehoop.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "michelehoop.com"] [uri "/xmlrpc.php"] [unique_id "aj07u6mI_MkQe9zAIlc4BgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-25 14:02:21 (4 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-25 07:55:37 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 03:55:27.199440 2026] [security2:error] [pid 20829:tid 20829] [client 49.47.129.3:61814] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.47.129.3 (+1 hits since last alert)\|daisydoesoap.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "daisydoesoap.com"] [uri "/xmlrpc.php"] [unique_id "ajze7wiZZNk9yt-Z47jiiAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 15:12:04 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 49.47.129.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 11:11:52.955925 2026] [security2:error] [pid 11712:tid 11712] [client 49.47.129.3:63054] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 49.47.129.3 (+1 hits since last alert)\|feiz.church\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "feiz.church"] [uri "/xmlrpc.php"] [unique_id "ajvzuOmrV9lVl4CqQgR25gAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.239.32.181

🇺🇸 216.25.89.78

🇿🇦 196.192.181.202

🇺🇸 195.184.76.181

🇬🇧 194.110.243.35

🇱🇻 185.113.139.51

🇧🇷 177.43.83.43

🇳🇱 141.11.62.236

🇨🇿 91.224.90.50

🇺🇸 89.116.14.50

🇩🇪 78.111.67.235

🇮🇳 68.233.116.124

🇳🇱 45.153.34.151

🇪🇸 207.188.158.216

🇵🇱 146.59.95.254

🇺🇸 103.168.66.237

🇬🇧 81.19.219.195

🇺🇸 64.235.34.43

🇱🇹 62.60.130.219

🇧🇷 45.4.179.4