JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.192.16.49

185.192.16.49 was found in our database!

This IP was reported 211 times. Confidence of Abuse is 39%: ?

39%

ISP	VPN Consumer Dublin, Ireland
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇮🇪 Ireland
City	Dublin, Leinster

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.192.16.49

Whois 185.192.16.49

IP Abuse Reports for 185.192.16.49:

This IP address has been reported a total of 211 times from 67 distinct sources. 185.192.16.49 was first reported on May 26th 2021, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-10 18:56:05 (2 days ago)	Excessive 404/403 errors	Brute-Force
🇺🇸 interbiznw.com	2026-06-10 16:16:20 (2 days ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇫🇷 Octopuce	2026-06-10 16:14:26 (2 days ago)	Aggressive web search of vulnerable pages: /wp-content/plugins/ubh/up.php /wp-admin/images/bootstrap ... show more Aggressive web search of vulnerable pages: /wp-content/plugins/ubh/up.php /wp-admin/images/bootstrap.php /images/upload.php /wp-content/plugins ... show less	Web App Attack
🇬🇧 consul.to	2026-06-10 15:21:13 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-08 19:04:00 (4 days ago)	185.192.16.49 - - [08/Jun/2026:22:03:59 +0300] "GET /wp-content/themes/pridmag/db.php?u HTTP/1.1" 40 ... show more 185.192.16.49 - - [08/Jun/2026:22:03:59 +0300] "GET /wp-content/themes/pridmag/db.php?u HTTP/1.1" 404 725 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 185.192.16.49 - - [08/Jun/2026:22:03:59 +0300] "GET /wp-content/plugins/linkpreview/db.php?u HTTP/1.1" 404 725 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" ... show less	Web App Attack
🇳🇿 Antinson	2026-05-03 03:19:24 (1 month ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇬🇧 consul.to	2026-04-30 00:33:45 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-04-29 16:13:28 (1 month ago)	(mod_security) mod_security (id:222160) triggered by 185.192.16.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:222160) triggered by 185.192.16.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 12:13:20.780248 2026] [security2:error] [pid 12494:tid 12494] [client 185.192.16.49:36695] ModSecurity: Access denied with code 403 (phase 1). String match "wp-content/plugins/wp-easycart/inc/admin/phpinfo.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6347"] [id "222160"] [rev "1"] [msg "COMODO WAF: Information disclosure vulnerability in The EasyCart plugin before 2.0.6 for WordPress (CVE-2014-4942)\|\|literarylights.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "literarylights.com"] [uri "/wp-content/plugins/wp-easycart/inc/admin/phpinfo.php"] [unique_id "afIuIBoHwmq_uMVN82YJnAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-04-12 16:34:16 (2 months ago)	185.192.16.49 - - [12/Apr/2026:19:34:15 +0300] "GET /wp-includes/Requests/index.php HTTP/1.1" 404 70 ... show more 185.192.16.49 - - [12/Apr/2026:19:34:15 +0300] "GET /wp-includes/Requests/index.php HTTP/1.1" 404 706 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 185.192.16.49 - - [12/Apr/2026:19:34:16 +0300] "GET /wp-includes/ID3/about.php/wp-content/x/index.php HTTP/1.1" 404 706 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" ... show less	Web App Attack
🇳🇱 Savvii	2026-03-22 03:08:26 (2 months ago)	10 attempts against mh-misc-ban on frost	Web App Attack
🇬🇧 consul.to	2026-03-18 15:23:09 (2 months ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇿 Antinson	2026-03-15 05:19:34 (2 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-15 02:57:17 (2 months ago)	(mod_security) mod_security (id:240000) triggered by 185.192.16.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240000) triggered by 185.192.16.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 22:57:11.914021 2026] [security2:error] [pid 13328:tid 13328] [client 185.192.16.49:25359] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|www.comicpreservation.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "www.comicpreservation.com"] [uri "/images/stories/themes.php"] [unique_id "abYgBxs86prvHOuDl_M1GwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-03-11 22:25:29 (3 months ago)	Blocked user enumeration attempt	Hacking
🇺🇸 Penny Packer	2026-03-04 22:20:36 (3 months ago)	Fail2Ban apache-tripwires	Web App Attack

Showing 1 to 15 of 211 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 171.231.197.106

🇨🇳 61.145.181.7

🇺🇸 20.83.27.184

🇨🇳 222.140.181.45

🇺🇸 167.172.140.137

🇸🇬 101.47.14.215

🇵🇰 72.255.33.99

🇺🇸 69.164.217.245

🇱🇹 45.227.254.170

🇺🇸 23.30.11.253

🇩🇪 213.209.159.241

🇻🇪 190.142.97.50

🇩🇪 185.220.100.241

🇧🇷 177.44.71.76

🇲🇾 175.144.238.198

🇦🇷 167.249.47.176

🇸🇳 154.125.89.66

🇺🇸 147.185.132.143

🇨🇳 125.47.110.19

🇮🇩 103.149.176.62