JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 167.253.49.117

167.253.49.117 was found in our database!

This IP was reported 72 times. Confidence of Abuse is 0%: ?

ISP	Mumara
Usage Type	Data Center/Web Hosting/Transit
ASN	Unknown
Domain Name	mumara.com
Country	🇺🇸 United States of America
City	SeaTac, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 167.253.49.117

Whois 167.253.49.117

IP Abuse Reports for 167.253.49.117:

This IP address has been reported a total of 72 times from 17 distinct sources. 167.253.49.117 was first reported on October 20th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-04-07 08:06:29 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 167.253.49.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 167.253.49.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 04:06:23.835502 2026] [security2:error] [pid 1329953:tid 1329953] [client 167.253.49.117:22479] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|awcadvocate.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "awcadvocate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adS6_3QAGCwA12vYXCM4WQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-05 18:24:28 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 167.253.49.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 167.253.49.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 14:24:20.596444 2026] [security2:error] [pid 29203:tid 29203] [client 167.253.49.117:21841] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|aandbnaturalfoods.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aandbnaturalfoods.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adKo1M7GFbsa92aLKtNRLwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-05 15:36:08 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 167.253.49.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 167.253.49.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 11:36:00.948462 2026] [security2:error] [pid 6102:tid 6102] [client 167.253.49.117:27555] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|36sovereignchambers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "36sovereignchambers.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adKBYBJnW6Z1Q5Dx34oNegAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-14 10:40:54 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 167.253.49.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 167.253.49.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 06:40:46.404599 2026] [security2:error] [pid 7356:tid 7356] [client 167.253.49.117:28789] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Horizon II/Thumbs.db"] [unique_id "abU7LiJBqbwFbn0qAWyA-gAAAAw"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Horizon%20II/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-02-10 02:40:17 (3 months ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
🇨🇭 backslash	2026-01-06 02:00:39 (5 months ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
🇮🇩 BPS-StatisticsIndonesia	2026-01-05 10:47:26 (5 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-01-03 02:23:13 (5 months ago)	WP Login Scan Activities	Web App Attack
🇺🇸 TPI-Abuse	2025-12-30 12:00:54 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 167.253.49.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 167.253.49.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 07:00:49.677317 2025] [security2:error] [pid 25312:tid 25312] [client 167.253.49.117:35587] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|dmasoftlab.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dmasoftlab.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aVO-8eVqxor-vblFJ1lXggAAABU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-26 08:54:11 (5 months ago)	Web App Attack	Brute-Force Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-25 07:57:03 (5 months ago)	WP Login Scan Activities	Web App Attack
🇬🇧 Bytemark	2025-12-25 04:07:42 (5 months ago)	167.253.49.117 - - [25/Dec/2025:04:07:38 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.goo ... show more 167.253.49.117 - - [25/Dec/2025:04:07:38 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 167.253.49.117 - - [25/Dec/2025:04:07:40 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 167.253.49.117 - - [25/Dec/2025:04:07:41 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇫🇷 masterguru	2025-12-23 11:02:54 (5 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 167.253.49.117 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 167.253.49.117 (US/United States/-): 1 in the last 3600 secs (0-197) show less	Hacking
Anonymous	2025-12-10 23:11:06 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.10 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.10 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-10 17:12:20 (5 months ago)	wordpress-trap	Web App Attack

Showing 1 to 15 of 72 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.169

🇫🇮 147.185.133.218

🇨🇳 112.81.45.219

🇬🇧 87.236.176.167

🇱🇹 45.227.254.170

🇺🇸 20.190.190.131

🇮🇷 5.237.103.64

🇩🇪 203.188.189.34

🇩🇪 159.195.147.215

🇰🇷 118.35.217.176

🇷🇴 80.94.92.171

🇸🇬 43.173.174.92

🇩🇴 38.78.150.102

🇰🇷 20.214.145.16

🇺🇸 4.157.250.195

🇸🇬 2404:6800:4003:c04::122

🇰🇷 220.80.223.144

🇮🇶 185.166.25.150

🇰🇷 121.66.212.27

🇨🇳 121.29.84.238