JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 41.79.50.149

41.79.50.149 was found in our database!

This IP was reported 65 times. Confidence of Abuse is 36%: ?

36%

ISP	used for router core and DVB(modem vsat) in BATA
Usage Type	Fixed Line ISP
ASN	AS37337
Domain Name	greencom-eg.com
Country	🇬🇶 Equatorial Guinea
City	Bata, Litoral

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 41.79.50.149

Whois 41.79.50.149

IP Abuse Reports for 41.79.50.149:

This IP address has been reported a total of 65 times from 35 distinct sources. 41.79.50.149 was first reported on February 17th 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-19 23:14:32 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 41.79.50.149 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 41.79.50.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 19:14:25.371798 2026] [security2:error] [pid 11669:tid 11669] [client 41.79.50.149:9747] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.79.50.149 (+1 hits since last alert)\|kaylamaclaincounseling.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kaylamaclaincounseling.com"] [uri "/xmlrpc.php"] [unique_id "ajXNURmh1fMm3W-ka75THgAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 22:43:47 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 41.79.50.149 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 41.79.50.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 18:43:38.668833 2026] [security2:error] [pid 4356:tid 4356] [client 41.79.50.149:1221] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.79.50.149 (+1 hits since last alert)\|globaldentalservices.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "globaldentalservices.com"] [uri "/xmlrpc.php"] [unique_id "ajXGGlXXOX8VRVB53U1XsQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-19 21:31:10 (1 day ago)	Attac	Brute-Force
🇫🇷 dynamix	2026-06-19 21:29:16 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 18:08:34 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 41.79.50.149 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 41.79.50.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 14:08:25.371749 2026] [security2:error] [pid 16920:tid 16920] [client 41.79.50.149:51500] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.79.50.149 (+1 hits since last alert)\|theamarals.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theamarals.com"] [uri "/xmlrpc.php"] [unique_id "ajQ0GdjqeERnWW1PKgIFOAAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-18 17:38:10 (2 days ago)	Attac	Brute-Force
🇫🇷 masterguru	2026-06-18 11:44:20 (3 days ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇺🇸 TPI-Abuse	2026-06-18 09:46:03 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 41.79.50.149 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 41.79.50.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 05:45:58.673409 2026] [security2:error] [pid 19600:tid 19600] [client 41.79.50.149:39203] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.79.50.149 (+1 hits since last alert)\|josephshv.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "josephshv.com"] [uri "/xmlrpc.php"] [unique_id "ajO-VrG6-Kk7H-o2nTrhMQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 09:15:43 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 41.79.50.149 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 41.79.50.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 05:15:37.208441 2026] [security2:error] [pid 26966:tid 26966] [client 41.79.50.149:33805] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.79.50.149 (+1 hits since last alert)\|kawkacevents.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kawkacevents.com"] [uri "/xmlrpc.php"] [unique_id "ajO3OapFtLyuWO4ffugD5gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 08:45:08 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 41.79.50.149 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 41.79.50.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 04:45:03.558472 2026] [security2:error] [pid 315:tid 333] [client 41.79.50.149:57789] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.79.50.149 (+1 hits since last alert)\|coasterdvdsonline.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "coasterdvdsonline.com"] [uri "/xmlrpc.php"] [unique_id "ajOwD51MlmlH_fOr9FpSxAAAAIM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-18 06:09:17 (3 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 05:11:09 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 41.79.50.149 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 41.79.50.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 01:11:03.388733 2026] [security2:error] [pid 26093:tid 26093] [client 41.79.50.149:27012] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.79.50.149 (+1 hits since last alert)\|oshadega.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "oshadega.com"] [uri "/xmlrpc.php"] [unique_id "ajN95_NNLEFS_6VTHJXbHAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Kenshin869	2026-06-18 01:11:08 (3 days ago)	Wordpress unauthorized access attempt	Brute-Force
🇳🇱 exxos	2025-09-23 07:03:01 (8 months ago)	http-no-verb	Hacking
🇬🇧 Silly Development	2025-05-09 21:18:00 (1 year ago)	SMB Unauthorized Attempt	Port Scan Hacking Brute-Force

Showing 1 to 15 of 65 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 178.20.210.152

🇺🇸 162.217.248.229

🇭🇰 154.37.223.19

🇺🇸 23.234.111.227

🇯🇵 160.251.185.39

🇩🇪 152.233.35.227

🇮🇳 152.70.72.249

🇭🇰 152.32.171.99

🇩🇪 144.76.56.36

🇫🇮 144.31.230.169

🇨🇦 143.198.32.123

🇨🇳 116.179.32.240

🇺🇸 50.35.168.148

🇺🇸 34.209.97.80

🇷🇸 24.135.74.36

🇦🇷 190.175.86.230

🇵🇱 144.31.171.102

🇺🇸 141.193.154.182

🇱🇹 141.98.9.92

🇨🇭 141.11.164.89