JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.242.161.49

185.242.161.49 was found in our database!

This IP was reported 52 times. Confidence of Abuse is 0%: ?

ISP	CNC BILISIM HIZMETLERI INSAAT SANAYI VE TICARET LIMITED SIRKETI
Usage Type	Data Center/Web Hosting/Transit
ASN	AS207709
Hostname(s)	srv3.hizhosting.com
Domain Name	hizhosting.com
Country	🇹🇷 Turkey
City	Istanbul, Istanbul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.242.161.49

Whois 185.242.161.49

IP Abuse Reports for 185.242.161.49:

This IP address has been reported a total of 52 times from 27 distinct sources. 185.242.161.49 was first reported on April 28th 2021, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-03-16 11:37:45 (2 months ago)	Blocked by UFW (TCP on 57324) Source port: 52223 TTL: 34 Packet length: 52 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 57324) Source port: 52223 TTL: 34 Packet length: 52 TOS: 0x08 This report (for 185.242.161.49) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2025-07-30 22:51:28 (10 months ago)	(mod_security) mod_security (id:225170) triggered by 185.242.161.49 (srv3.hizhosting.com): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 185.242.161.49 (srv3.hizhosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 30 18:51:25.326979 2025] [security2:error] [pid 17408:tid 17408] [client 185.242.161.49:52068] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.soundtrax.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.soundtrax.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aIqh7WhW6iWOKduT7d2PswAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-30 21:17:21 (10 months ago)	(mod_security) mod_security (id:225170) triggered by 185.242.161.49 (srv3.hizhosting.com): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 185.242.161.49 (srv3.hizhosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 30 17:17:13.985447 2025] [security2:error] [pid 4089:tid 4089] [client 185.242.161.49:59400] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cometoorderva.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cometoorderva.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIqL2es3QTWFouMbrl3L8QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-07-23 00:13:50 (10 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 mnsf	2025-07-22 21:05:23 (10 months ago)	Xmlrpc Caught (8)	Brute-Force Web App Attack
Anonymous	2025-07-22 18:39:03 (10 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇫🇷 dynamix	2025-07-22 18:15:53 (10 months ago)	Multiple WAF Violations	Web App Attack
🇩🇪 LRob.fr	2025-06-27 02:15:16 (11 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 Ba-Yu	2025-06-26 15:09:50 (11 months ago)	WP-xmlrpc exploit	Web Spam Blog Spam Hacking Exploited Host Web App Attack
Anonymous	2025-06-26 04:04:25 (11 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇭🇺 bcsaba	2025-06-25 21:17:57 (11 months ago)	Repeated request on blocked xmlrpc.php. 185.242.161.49 - - [25/Jun/2025:23:17:55 +0200] "POST /xmlrp ... show more Repeated request on blocked xmlrpc.php. 185.242.161.49 - - [25/Jun/2025:23:17:55 +0200] "POST /xmlrpc.php HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" show less	Web App Attack
🇭🇺 bcsaba	2025-06-25 19:49:57 (11 months ago)	Repeated request on blocked xmlrpc.php. 185.242.161.49 - - [25/Jun/2025:21:49:55 +0200] "POST /xmlrp ... show more Repeated request on blocked xmlrpc.php. 185.242.161.49 - - [25/Jun/2025:21:49:55 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" show less	Web App Attack
🇩🇪 LRob.fr	2025-06-24 13:15:43 (11 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇭🇺 bcsaba	2025-06-24 12:01:04 (11 months ago)	Repeated request on blocked xmlrpc.php. 185.242.161.49 - - [24/Jun/2025:14:01:01 +0200] "POST /xmlrp ... show more Repeated request on blocked xmlrpc.php. 185.242.161.49 - - [24/Jun/2025:14:01:01 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" show less	Web App Attack
🇮🇹 Progetto1	2025-06-06 07:00:02 (1 year ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack

Showing 1 to 15 of 52 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.72

🇺🇸 173.255.223.124

🇺🇸 147.185.132.56

🇮🇳 117.212.43.80

🇺🇸 107.150.103.12

🇬🇧 2a06:4880:2000::37

🇧🇷 191.39.162.206

🇻🇳 180.93.43.225

🇺🇸 173.211.30.137

🇺🇸 172.66.44.127

🇺🇸 134.122.124.74

🇰🇪 105.27.148.94

🇳🇱 91.92.40.5

🇧🇬 78.130.230.164

🇳🇱 45.148.10.152

🇺🇸 34.20.242.248

🇳🇱 195.178.110.30

🇸🇪 185.246.128.133

🇺🇸 74.82.47.53

🇺🇸 65.49.1.172