JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.240.49.141

185.240.49.141 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	Servercore KE Network
Usage Type	Data Center/Web Hosting/Transit
ASN	AS329272
Domain Name	servercore.com
Country	🇰🇪 Kenya
City	Nairobi, Nairobi County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.240.49.141

Whois 185.240.49.141

IP Abuse Reports for 185.240.49.141:

This IP address has been reported a total of 9 times from 7 distinct sources. 185.240.49.141 was first reported on September 24th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2024-09-29 15:39:37 (1 year ago)	185.240.49.141 - - [29/Sep/2024:17:39:37 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux ... show more 185.240.49.141 - - [29/Sep/2024:17:39:37 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇵🇱 sefinek.net	2024-09-28 10:01:29 (1 year ago)	Triggered Cloudflare WAF (firewallCustom) from KE. Action taken: CHALLENGE ASN: 329272 (Servercore-A ... show more Triggered Cloudflare WAF (firewallCustom) from KE. Action taken: CHALLENGE ASN: 329272 (Servercore-Africa-Ltd) Protocol: HTTP/1.1 (method GET) Domain: sefinek.net Endpoint: /genshin-stella-mod Timestamp: 2024-09-28T01:02:05Z Ray ID: 8c9fce572c2b6680 Rule ID: cc5e7a6277d447eca9c1818934ba65c8 UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 Report generated by Node-Cloudflare-WAF-AbuseIPDB https://github.com/sefinek24/Node-Cloudflare-WAF-AbuseIPDB show less	Bad Web Bot
Anonymous	2024-09-27 17:31:39 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇦🇺 MAGIC	2024-09-27 09:04:14 (1 year ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2024-09-27 08:10:33 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2024-09-27 02:56:19 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 185.240.49.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 185.240.49.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 26 22:56:15.948327 2024] [security2:error] [pid 5547:tid 5547] [client 185.240.49.141:35132] [client 185.240.49.141] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 185.240.49.141 (+1 hits since last alert)\|www.plazahacienda.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.plazahacienda.com"] [uri "/xmlrpc.php"] [unique_id "ZvYezxRedjXfJTyF5Pfu_AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-26 15:00:23 (1 year ago)	(mod_security) mod_security (id:217200) triggered by 185.240.49.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217200) triggered by 185.240.49.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 26 11:00:15.326537 2024] [security2:error] [pid 15770:tid 15840] [client 185.240.49.141:12762] [client 185.240.49.141] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|batonrougegazette.com\|F\|2"] [data "/wp-comments-post.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "batonrougegazette.com"] [uri "/wp-comments-post.php"] [unique_id "ZvV2_-B3tP_ajNmYc5hM5wAAANg"], referer: https://batonrougegazette.com/uncategorized/2023-nba-playoff-picture-bracket-updated-standings-matchups-seeds/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-09-26 04:15:10 (1 year ago)	apache-wordpress-login	Brute-Force Web App Attack
🇩🇪 Packets-Decreaser.NET	2024-09-24 15:50:44 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 103.107.60.45

🇳🇱 45.148.10.183

🇺🇬 41.220.3.101

🇮🇳 2402:e280:3e21:a7:6d0f:1fe5:b67f:4003

🇰🇷 211.252.94.26

🇺🇸 73.231.220.178

🇺🇦 31.28.253.144

🇨🇳 27.155.120.135

🇻🇳 14.225.7.70

🇳🇱 2.58.56.163

🇰🇷 211.105.129.57

🇲🇦 196.89.49.64

🇦🇷 181.233.61.7

🇲🇩 178.175.129.11

🇮🇳 168.144.95.207

🇨🇳 112.102.39.203

🇧🇩 103.179.198.19

🇺🇸 66.132.172.234

🇺🇸 20.65.194.54

🇳🇱 5.255.111.197