JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.165.48.95

102.165.48.95 was found in our database!

This IP was reported 54 times. Confidence of Abuse is 0%: ?

ISP	FREEDOMTECH SOLUTIONS LIMITED
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutil.io
Country	🇺🇸 United States of America
City	Washington, District of Columbia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.165.48.95

Whois 102.165.48.95

IP Abuse Reports for 102.165.48.95:

This IP address has been reported a total of 54 times from 31 distinct sources. 102.165.48.95 was first reported on August 26th 2022, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tilellit.pro	2026-05-21 11:04:02 (1 month ago)	Fail2Ban banned 102.165.48.95 for security violations in jail wp-armour. Log: 2026/05/21 11:04:01 [e ... show more Fail2Ban banned 102.165.48.95 for security violations in jail wp-armour. Log: 2026/05/21 11:04:01 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 102.165.48.95 \| Target: wplogin" , client: 102.165.48.95, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED] ... show less	Web Spam
🇧🇪 Ivo Vynckier	2026-03-27 16:39:00 (2 months ago)	102.165.48.95 - - [27/Mar/2026:02:08:56 +0100] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 6263 ... show more 102.165.48.95 - - [27/Mar/2026:02:08:56 +0100] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 6263 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 102.165.48.95 - - [27/Mar/2026:02:08:56 +0100] "GET //feed/ HTTP/1.1" 403 796 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 102.165.48.95 - - [27/Mar/2026:02:08:56 +0100] "GET //xmlrpc.php?rsd HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" show less	Web App Attack
🇫🇮 YF	2026-03-27 03:00:28 (2 months ago)	wp-login.php (Brute force)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-03-27 01:10:34 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 102.165.48.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 102.165.48.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 21:10:28.104529 2026] [security2:error] [pid 26740:tid 26740] [client 102.165.48.95:37706] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|vividlee.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "vividlee.com"] [uri "/wp/wp-json/wp/v2/users/"] [unique_id "acXZBOv9kK1CSCCIO0p2rwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Savvii	2026-03-27 00:56:58 (2 months ago)	10 attempts against mh-misc-ban on eris	Web App Attack
🇦🇺 nzhost.co.nz	2026-03-26 23:03:53 (2 months ago)	$f2bV_matches	Hacking Brute-Force
🇺🇸 ambor	2026-03-26 22:01:38 (2 months ago)	Honeypot triggered: /wp-includes/ID3/license.txt on ifebridge.com. User-Agent: Mozilla/5.0 (Windows ... show more Honeypot triggered: /wp-includes/ID3/license.txt on ifebridge.com. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36. Method: GET show less	Web App Attack
🇺🇸 TPI-Abuse	2026-03-26 21:46:59 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 102.165.48.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 102.165.48.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 17:46:53.673668 2026] [security2:error] [pid 18555:tid 18555] [client 102.165.48.95:6935] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|desertautoworks.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "desertautoworks.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "acWpTbGtvHEXC_OIZlvmTQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-03-26 21:04:22 (2 months ago)	2.958 requests from abuseipdb.com blacklisted IP (10mos19h24m)	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-26 20:55:26 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 102.165.48.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 102.165.48.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 16:55:18.502670 2026] [security2:error] [pid 11461:tid 11461] [client 102.165.48.95:39839] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mkdesignndetailing.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mkdesignndetailing.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "acWdNgDTbZABW56YyamM2gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Baking333	2026-03-26 19:52:29 (2 months ago)	[redacted] 102.165.48.95 - - [26/Mar/2026:20:52:27 +0100] "GET //wp-includes/ID3/[redacted] HTTP/1.1 ... show more [redacted] 102.165.48.95 - - [26/Mar/2026:20:52:27 +0100] "GET //wp-includes/ID3/[redacted] HTTP/1.1" 302 1538 0/47607 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" [redacted] 102.165.48.95 - - [26/Mar/2026:20:52:28 +0100] "GET /[redacted]?rsd HTTP/1.1" 302 1537 0/53534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" show less	Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-03-26 19:46:21 (2 months ago)	Blocking for trying to access an exploit file: //xmlrpc.php?rsd	Hacking
🇳🇱 Savvii	2026-03-26 19:37:12 (2 months ago)	10 attempts against mh_ha-misc-ban on ethyl	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-03-26 19:26:11 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 102.165.48.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 102.165.48.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 15:26:06.340048 2026] [security2:error] [pid 7041:tid 7041] [client 102.165.48.95:41854] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.michaelcarrollgreen.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.michaelcarrollgreen.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "acWITizlSS0KDEr84fkWBAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 mk-dizajn.hr	2026-03-26 19:12:24 (2 months ago)	$f2bV_matches	Bad Web Bot

Showing 1 to 15 of 54 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 188.191.165.234

🇺🇸 134.195.101.188

🇻🇳 103.77.215.69

🇺🇸 43.153.12.68

🇬🇧 193.163.125.124

🇺🇸 192.34.63.174

🇳🇱 91.92.40.202

🇭🇰 47.242.124.242

🇺🇸 44.194.110.73

🇨🇦 20.63.58.40

🇺🇸 216.244.66.241

🇨🇳 116.135.67.93

🇺🇸 44.138.12.82

🇧🇪 34.34.178.22

🇿🇦 13.245.137.0

🇨🇳 223.91.89.127

🇳🇱 176.65.148.4

🇿🇦 172.253.244.217

🇮🇳 103.176.160.146

🇮🇹 89.41.172.82