JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.192.16.42

185.192.16.42 was found in our database!

This IP was reported 143 times. Confidence of Abuse is 16%: ?

16%

ISP	VPN Consumer Dublin, Ireland
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇮🇪 Ireland
City	Dublin, Leinster

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.192.16.42

Whois 185.192.16.42

IP Abuse Reports for 185.192.16.42:

This IP address has been reported a total of 143 times from 54 distinct sources. 185.192.16.42 was first reported on November 23rd 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 robotstxt	2026-06-10 13:52:17 (1 week ago)	185.192.16.42 - - [10/Jun/2026:13:51:54 +0000] "GET /cgi-bin/bypass.php HTTP/1.1" 404 548 "-" "Mozil ... show more 185.192.16.42 - - [10/Jun/2026:13:51:54 +0000] "GET /cgi-bin/bypass.php HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" "-" 185.192.16.42 - - [10/Jun/2026:13:51:55 +0000] "GET /wp-signup.php HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" "-" 185.192.16.42 - - [10/Jun/2026:13:52:11 +0000] "GET /cgi-bin/class.api.php HTTP/1.1" 404 146 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" "-" 185.192.16.42 - - [10/Jun/2026:13:52:13 +0000] "GET /cgi-bin/autoload_classmap.php HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" "-" 185.192.16.42 - - [10/Jun/2026:13:52:17 +0000] "GET /cgi-bin/index.php H ... show less	Bad Web Bot
🇺🇦 URAN Publishing Service	2026-06-08 19:04:20 (2 weeks ago)	185.192.16.42 - - [08/Jun/2026:22:04:20 +0300] "GET /wp-includes/js/index.php HTTP/1.1" 404 725 "-" ... show more 185.192.16.42 - - [08/Jun/2026:22:04:20 +0300] "GET /wp-includes/js/index.php HTTP/1.1" 404 725 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 185.192.16.42 - - [08/Jun/2026:22:04:20 +0300] "GET /wp-content/upgrade/item.php HTTP/1.1" 404 725 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" ... show less	Web App Attack
🇳🇱 Site.eu	2026-05-03 09:57:28 (1 month ago)	Excessive 404/403 errors	Brute-Force
🇬🇧 consul.to	2026-04-13 19:06:16 (2 months ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇿 Antinson	2026-04-12 17:11:58 (2 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇳🇱 wlt-blocker	2026-04-08 23:38:34 (2 months ago)	Unauthorized access to webpage admin	Web App Attack
🇬🇧 consul.to	2026-03-18 15:22:47 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-03-08 16:33:33 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 185.192.16.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 185.192.16.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 08 12:33:30.555943 2026] [security2:error] [pid 25588:tid 25588] [client 185.192.16.42:51759] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bwill.dev\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bwill.dev"] [uri "/backups/backup.sql"] [unique_id "aa2k2gOz7YYgJ75_vsRGSQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇾 armandosaucedo.me	2026-03-03 15:00:16 (3 months ago)	185.192.16.42 - - [03/Mar/2026:14:59:54 +0000] "HEAD /restore/backup.sql HTTP/1.1" 403 - "-" "-"	Web App Attack
🇬🇧 consul.to	2026-03-03 06:01:59 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇨🇭 zynex	2026-03-02 07:35:40 (3 months ago)	URL Probing: /mah.php	Web App Attack
🇬🇧 Apache	2026-03-02 02:09:49 (3 months ago)	(mod_security) mod_security (id:20000010) triggered by 185.192.16.42 (IE/Ireland/-): 5 in the last 3 ... show more (mod_security) mod_security (id:20000010) triggered by 185.192.16.42 (IE/Ireland/-): 5 in the last 300 secs show less	Brute-Force Web App Attack
🇫🇷 dynamix	2026-03-01 21:55:15 (3 months ago)	Multiple WAF Violations	Web App Attack
🇫🇷 Octopuce	2026-03-01 18:55:38 (3 months ago)	Aggressive web search of vulnerable pages: /wp-admin/css/colors/blue/abc.php /wp-admin/maint/wonder. ... show more Aggressive web search of vulnerable pages: /wp-admin/css/colors/blue/abc.php /wp-admin/maint/wonder.php /wp-content/themes/twentytwentyfour/won ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-28 18:07:39 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 185.192.16.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 185.192.16.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 28 13:07:24.612183 2026] [security2:error] [pid 25673:tid 25706] [client 185.192.16.42:58281] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bluetigertees.com\|F\|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bluetigertees.com"] [uri "/wallet.dat"] [unique_id "aaMu3MBlgwiDXdfMzqJM7wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 143 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 207.90.244.22

🇧🇴 192.223.127.242

🇳🇱 176.65.131.189

🇺🇸 162.216.150.177

🇮🇳 128.185.212.50

🇺🇸 96.127.172.215

🇺🇸 45.33.89.53

🇧🇪 44.11.12.96

🇩🇪 43.228.157.10

🇪🇬 41.128.181.196

🇵🇰 36.255.33.139

🇬🇧 35.203.210.236

🇫🇷 2.16.245.22

🇺🇸 216.73.216.89

🇫🇷 213.199.35.105

🇩🇪 195.230.103.245

🇬🇧 193.163.125.176

🇩🇪 167.94.146.79

🇦🇺 158.178.141.16

🇨🇳 115.236.53.198