JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 69.49.112.63

69.49.112.63 was found in our database!

This IP was reported 1,283 times. Confidence of Abuse is 100%: ?

100%

ISP	Internet Names For Business Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS30447
Hostname(s)	web53c75.carrierzone.com
Domain Name	internetnamesforbusiness.com
Country	🇨🇦 Canada
City	Kitchener, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 69.49.112.63

Whois 69.49.112.63

IP Abuse Reports for 69.49.112.63:

This IP address has been reported a total of 1,283 times from 221 distinct sources. 69.49.112.63 was first reported on February 18th 2021, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-16 04:18:02 (9 hours ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 nationaleventpros.com	2026-06-15 16:39:17 (21 hours ago)	WordPress login attempt	Brute-Force
🇲🇽 octageeks.com	2026-06-07 04:06:57 (1 week ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇫🇷 tecnicorioja	2026-06-06 22:00:12 (1 week ago)	POST /xmlrpc.php [06/Jun/2026:04:12:00	Brute-Force Web App Attack
🇺🇸 1cyb3rpunk	2026-06-06 14:50:28 (1 week ago)	Honeypot trap [wordpress_install_probe] on sectrace.org — path: /wp-login.php stage: recon. Automate ... show more Honeypot trap [wordpress_install_probe] on sectrace.org — path: /wp-login.php stage: recon. Automated scanner/attacker activity. show less	Port Scan Brute-Force Bad Web Bot Web App Attack
🇫🇷 Yepngo	2026-06-06 11:50:13 (1 week ago)	69.49.112.63 - - [06/Jun/2026:13:50:12 +0200] "POST /wp-login.php HTTP/2.0" 200 12097 "https://dev.y ... show more 69.49.112.63 - - [06/Jun/2026:13:50:12 +0200] "POST /wp-login.php HTTP/2.0" 200 12097 "https://dev.yepngo.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇲🇹 Malta	2026-06-06 10:19:29 (1 week ago)	69.49.112.63 - - [06/Jun/2026:12:19:29 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ... show more 69.49.112.63 - - [06/Jun/2026:12:19:29 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇫🇷 Yepngo	2026-06-06 10:17:10 (1 week ago)	69.49.112.63 - - [06/Jun/2026:12:09:33 +0200] "POST /xmlrpc.php HTTP/2.0" 200 408 "-" "Mozilla/5.0 ( ... show more 69.49.112.63 - - [06/Jun/2026:12:09:33 +0200] "POST /xmlrpc.php HTTP/2.0" 200 408 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 69.49.112.63 - - [06/Jun/2026:12:17:10 +0200] "POST /xmlrpc.php HTTP/2.0" 200 408 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 09:52:50 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 69.49.112.63 (web53c75.carrierzone.com): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 69.49.112.63 (web53c75.carrierzone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 05:52:44.706226 2026] [security2:error] [pid 23743:tid 23743] [client 69.49.112.63:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|forsaleincr.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "forsaleincr.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiPt7IW2eXl5N_-aUGgbFQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 09:00:44 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 69.49.112.63 (web53c75.carrierzone.com): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 69.49.112.63 (web53c75.carrierzone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 05:00:39.714529 2026] [security2:error] [pid 7251:tid 7251] [client 69.49.112.63:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cloudex.click\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cloudex.click"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiPht57M9Up9SKOhb0Ro7gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 08:14:11 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 69.49.112.63 (web53c75.carrierzone.com): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 69.49.112.63 (web53c75.carrierzone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 04:14:04.241253 2026] [security2:error] [pid 1852:tid 1852] [client 69.49.112.63:40244] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|astglobaltech.greenlight.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "astglobaltech.greenlight.us"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiPWzEnkqBSBam0-SP9s5AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 07:55:40 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 69.49.112.63 (web53c75.carrierzone.com): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 69.49.112.63 (web53c75.carrierzone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 03:55:33.192153 2026] [security2:error] [pid 11729:tid 11729] [client 69.49.112.63:55024] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|texascottagebakers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "texascottagebakers.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiPSdY4CfKItY_yIunn5rwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 07:03:20 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 69.49.112.63 (web53c75.carrierzone.com): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 69.49.112.63 (web53c75.carrierzone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 03:03:16.455097 2026] [security2:error] [pid 6432:tid 6432] [client 69.49.112.63:23310] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|partners.imagineyourphotos.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "partners.imagineyourphotos.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiPGND_pb_X8KMuz7ycs5gAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 06:44:59 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 69.49.112.63 (web53c75.carrierzone.com): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 69.49.112.63 (web53c75.carrierzone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 02:44:53.595760 2026] [security2:error] [pid 408:tid 408] [client 69.49.112.63:27380] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|exhaustthelimits.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "exhaustthelimits.org"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiPB5UvDhIWc9ICV5pORSQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 bsoft.de	2026-06-06 06:39:50 (1 week ago)	69.49.112.63 - - [06/Jun/2026:06:49:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 ( ... show more 69.49.112.63 - - [06/Jun/2026:06:49:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 69.49.112.63 - - [06/Jun/2026:08:26:39 +0200] "GET /wp-login.php HTTP/1.1" 404 60572 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 69.49.112.63 - - [06/Jun/2026:08:39:49 +0200] "GET /wp-login.php HTTP/1.1" 404 74340 "https://bolte.de/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" show less	Web App Attack

Showing 1 to 15 of 1283 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 118.70.178.158

🇸🇾 91.144.21.210

🇯🇵 82.22.26.123

🇺🇸 45.56.100.216

🇹🇼 35.229.206.236

🇮🇳 20.198.4.39

🇺🇸 2607:f8b0:4023:c0d::8a

🇺🇸 173.234.225.242

🇩🇿 105.99.227.156

🇺🇸 65.49.20.67

🇨🇳 36.134.96.76

🇩🇪 31.70.71.228

🇩🇪 5.181.48.45

🇨🇳 219.135.135.233

🇿🇼 216.234.215.139

🇱🇻 185.113.139.51

🇷🇸 176.125.229.18

🇺🇸 167.253.96.63

🇺🇸 98.80.4.47

🇩🇪 87.106.187.122