JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.209.111.194

102.209.111.194 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 3%: ?

ISP	Savanna Fibre Naguru
Usage Type	Fixed Line ISP
ASN	AS329415
Domain Name	savannafibre.com
Country	🇺🇬 Uganda
City	Kampala, Central Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.209.111.194

Whois 102.209.111.194

IP Abuse Reports for 102.209.111.194:

This IP address has been reported a total of 10 times from 9 distinct sources. 102.209.111.194 was first reported on March 1st 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-22 19:41:57 (5 days ago)	[Tue Jun 23 02:41:56.769741 2026] [security2:error] [pid 983216:tid 140214252046016] [client 102.209 ... show more [Tue Jun 23 02:41:56.769741 2026] [security2:error] [pid 983216:tid 140214252046016] [client 102.209.111.194:20917] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/profil/meteorologi/geofisika/555558585-poster-antisipasi-gempa HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/geofisika/555558585-poster-antisipasi-gempa"] [unique_id "ajmQBO_W-ROa6MlP6ULp4gAATwY"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[983223] [sv6+1Zxhrnk] [ajmQBO_W-ROa6MlP6ULp4gAATwY] keep_alive=[1] [2026-06-23 02:41:56.769746] [R:ajmQBO_W-ROa6MlP6ULp4gAATwY] UA:'Mozilla/5.0 (Linux; U; Andro ... show less	Email Spam Hacking
🇧🇷 somosbr	2026-04-24 13:41:18 (2 months ago)	[2026-04-24T13:41:18Z] Unsolicited scan from 102.209.111.194 to port 100/tcp	Port Scan
Anonymous	2026-04-06 22:01:41 (2 months ago)	[07/Apr/2026:01:01:29 +0300] 177551288980.896693 102.209.111.194 2388 148.251.76.218 443 [07/Apr/202 ... show more [07/Apr/2026:01:01:29 +0300] 177551288980.896693 102.209.111.194 2388 148.251.76.218 443 [07/Apr/2026:01:01:40 +0300] 177551290027.471372 102.209.111.194 2388 148.251.76.218 443 show less	Web App Attack
Anonymous	2026-03-12 16:45:05 (3 months ago)	SMTP brute force - auth failed	Brute-Force Exploited Host
🇨🇿 lp	2026-03-12 16:24:54 (3 months ago)	Email account brute force: 2 attempts were recorded from 102.209.111.194 2026-03-12T16:28:15+01:00 w ... show more Email account brute force: 2 attempts were recorded from 102.209.111.194 2026-03-12T16:28:15+01:00 warning: unknown[102.209.111.194]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-03-12T16:28:16+01:00 warning: unknown[102.209.111.194]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Brute-Force
🇬🇧 killian7603	2026-03-12 06:04:43 (3 months ago)	Logon Policy Violation	Email Spam Spoofing Brute-Force
🇩🇪 DocNetzwerk	2026-03-11 10:09:19 (3 months ago)	(smtpauth) Failed SMTP AUTH login from 102.209.111.194 (UG/Uganda/-)	Brute-Force
🇮🇹 VHosting	2026-03-11 09:59:56 (3 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇺🇸 TPI-Abuse	2026-03-01 16:40:14 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 102.209.111.194 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 102.209.111.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 11:39:40.640788 2026] [security2:error] [pid 13209:tid 13224] [client 102.209.111.194:42871] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|scottspencergfx.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "scottspencergfx.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaRrzLJf_U5s0BIp78b7kAAAAMA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-01 16:22:16 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 102.209.111.194 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 102.209.111.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 11:22:07.917299 2026] [security2:error] [pid 4623:tid 4623] [client 102.209.111.194:42984] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rotentendales.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rotentendales.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaRnr9rrfZbavUDvv1qD3AAAABU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 186.31.95.163

🇨🇳 180.76.202.69

🇮🇩 163.7.9.84

🇺🇸 162.216.150.89

🇦🇹 152.53.0.56

🇨🇦 85.217.149.21

🇧🇾 81.30.98.142

🇺🇸 67.80.184.177

🇨🇳 42.81.126.27

🇺🇸 34.123.134.194

🇺🇸 3.129.70.187

🇺🇸 152.32.182.8

🇩🇪 94.26.106.19

🇧🇬 79.124.62.134

🇳🇱 45.148.10.157

🇳🇱 45.148.10.147

🇺🇸 20.64.105.169

🇻🇳 210.245.20.230

🇭🇰 172.71.218.69

🇺🇸 164.92.70.40