JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.219.155.28

102.219.155.28 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 85%: ?

85%

ISP	FOB
Usage Type	Fixed Line ISP
ASN	AS36920
Domain Name	kkontech.com
Country	🇳🇬 Nigeria
City	Lagos, Lagos

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.219.155.28

Whois 102.219.155.28

IP Abuse Reports for 102.219.155.28:

This IP address has been reported a total of 28 times from 15 distinct sources. 102.219.155.28 was first reported on May 30th 2026, and the most recent report was 40 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇾 Rizzy	2026-06-23 10:28:48 (40 minutes ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇫🇷 applemooz	2026-06-23 08:25:52 (2 hours ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-23 07:36:20 (3 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-23 02:48:05 (8 hours ago)	(mod_security) mod_security (id:240335) triggered by 102.219.155.28 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 102.219.155.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 22:47:59.908258 2026] [security2:error] [pid 5798:tid 5798] [client 102.219.155.28:60198] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.219.155.28 (+1 hits since last alert)\|healthmarkcounseling.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "healthmarkcounseling.com"] [uri "/xmlrpc.php"] [unique_id "ajnz3xKnrpd8mIGynbOoPQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 02:28:13 (8 hours ago)	(mod_security) mod_security (id:240335) triggered by 102.219.155.28 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 102.219.155.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 22:28:08.429737 2026] [security2:error] [pid 29022:tid 29022] [client 102.219.155.28:53612] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.219.155.28 (+1 hits since last alert)\|cathybermanmft.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cathybermanmft.com"] [uri "/xmlrpc.php"] [unique_id "ajnvOBrJ9atF470Qzuc7TgAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 01:16:22 (9 hours ago)	(mod_security) mod_security (id:240335) triggered by 102.219.155.28 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 102.219.155.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 21:16:17.912110 2026] [security2:error] [pid 5798:tid 5855] [client 102.219.155.28:2601] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.219.155.28 (+1 hits since last alert)\|annacaird.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "annacaird.com"] [uri "/xmlrpc.php"] [unique_id "ajneYcKvrVdrqpYPPJvdyAAAAZI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 00:17:14 (10 hours ago)	(mod_security) mod_security (id:240335) triggered by 102.219.155.28 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 102.219.155.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 20:17:07.417472 2026] [security2:error] [pid 24014:tid 24014] [client 102.219.155.28:47611] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.219.155.28 (+1 hits since last alert)\|stlouisdave.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stlouisdave.com"] [uri "/xmlrpc.php"] [unique_id "ajnQg7iaigUbp6nd-zVMygAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 23:43:47 (11 hours ago)	(mod_security) mod_security (id:240335) triggered by 102.219.155.28 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 102.219.155.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 19:43:39.632340 2026] [security2:error] [pid 18163:tid 18163] [client 102.219.155.28:28739] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.219.155.28 (+1 hits since last alert)\|professionalpianomoversinc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "professionalpianomoversinc.com"] [uri "/xmlrpc.php"] [unique_id "ajnIqzaf_YgeYzxCx-JacQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-22 20:32:28 (14 hours ago)	3.206 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇫🇷 SpaceHost-Server	2026-06-22 19:51:34 (15 hours ago)	102.219.155.28 - - [22/Jun/2026:21:51:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "WordPress.c ... show more 102.219.155.28 - - [22/Jun/2026:21:51:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "WordPress.com; https://wordpress.com" 102.219.155.28 - - [22/Jun/2026:21:51:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by WordPress.com" 102.219.155.28 - - [22/Jun/2026:21:51:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "WordPress.com; https://wordpress.com" show less	Hacking Web App Attack
🇫🇷 SpaceHost-Server	2026-06-22 19:35:42 (15 hours ago)	102.219.155.28 - - [22/Jun/2026:21:35:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "WordPress.c ... show more 102.219.155.28 - - [22/Jun/2026:21:35:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "WordPress.com; https://wordpress.com" 102.219.155.28 - - [22/Jun/2026:21:35:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack/12.1; WordPress/6.2; http://site10256042.com" 102.219.155.28 - - [22/Jun/2026:21:35:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "WordPress.com; https://wordpress.com" show less	Hacking Web App Attack
🇩🇪 pscriptos	2026-06-22 18:53:42 (16 hours ago)	{"ClientAddr":"102.219.155.28:16931","ClientHost":"102.219.155.28","ClientPort":"16931","ClientUsern ... show more {"ClientAddr":"102.219.155.28:16931","ClientHost":"102.219.155.28","ClientPort":"16931","ClientUsername":"-","DownstreamContentSize":418,"DownstreamStatus":403,"Duration":152406468,"OriginContentSize":418,"OriginDuration":148879936,"OriginStatus":403,"Overhead":3526532,"RequestAddr":"www.cleveradmin.de","RequestContentSize":717,"RequestCount":1165551,"RequestHost":"www.cleveradmin.de","RequestMethod":"POST","RequestPath":"/xmlrpc.php","RequestPort":"-","RequestProtocol":"HTTP/1.1","RequestScheme":"https","RetryAttempts":0,"RouterName":"cleveradmin-www-websecure@file","ServiceAddr":"172.16.80.10:80","ServiceName":"cleveradmin-www@file","ServiceURL":"http://172.16.80.10:80","StartLocal":"2026-06-22T20:53:20.60442006+02:00","StartUTC":"2026-06-22T18:53:20.60442006Z","TLSCipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLSVersion":"1.2","entryPointName":"websecure","level":"info","msg":"","time":"2026-06-22T20:53:20+02:00"} {"ClientAddr":"102.219.155.28:16931","ClientHost":"102.219.155.28" ... show less	Brute-Force Web App Attack
Anonymous	2026-06-22 18:22:24 (16 hours ago)	102.219.155.28 - - [22/Jun/2026:20:22:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12. ... show more 102.219.155.28 - - [22/Jun/2026:20:22:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.1; WordPress/6.4; http://site27867742.com" 102.219.155.28 - - [22/Jun/2026:20:22:04 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12.1; WordPress/6.4; http://site27867742.com" 102.219.155.28 - - [22/Jun/2026:20:22:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)" 102.219.155.28 - - [22/Jun/2026:20:22:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)" 102.219.155.28 - - [22/Jun/2026:20:22:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 17:30:32 (17 hours ago)	(mod_security) mod_security (id:240335) triggered by 102.219.155.28 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 102.219.155.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 13:30:27.697555 2026] [security2:error] [pid 15690:tid 15767] [client 102.219.155.28:58563] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.219.155.28 (+1 hits since last alert)\|mysticscon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mysticscon.com"] [uri "/xmlrpc.php"] [unique_id "ajlxM712UgWxC46KVUpH7gAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 15:37:46 (19 hours ago)	(mod_security) mod_security (id:240335) triggered by 102.219.155.28 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 102.219.155.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 11:37:38.895554 2026] [security2:error] [pid 8618:tid 8618] [client 102.219.155.28:40711] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.219.155.28 (+1 hits since last alert)\|apexandroids.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "apexandroids.com"] [uri "/xmlrpc.php"] [unique_id "ajlWwu4wH0WD_hDCciWjGQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 112.86.225.112

🇷🇴 94.156.152.50

🇩🇪 212.132.120.41

🇷🇴 109.166.202.218

🇩🇪 87.106.29.151

🇨🇭 37.120.213.13

🇺🇸 20.171.8.85

🇮🇳 2409:408c:2c90:3ea1:90d3:54c6:e696:7880

🇩🇪 185.192.21.72

🇭🇰 172.253.6.26

🇨🇳 116.179.32.236

🇷🇴 109.166.202.228

🇫🇷 91.231.89.111

🇫🇮 65.109.191.142

🇺🇸 54.165.3.140

🇻🇳 45.117.179.232

🇺🇸 3.83.245.221

🇭🇰 223.197.178.95

🇸🇬 208.109.13.31

🇬🇧 193.163.125.190