JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.0.102.49

192.0.102.49 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 0%: ?

ISP	Automattic, Inc
Usage Type	Data Center/Web Hosting/Transit
ASN	AS2635
Domain Name	automattic.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Important Note: 192.0.102.49 is an IP address from within our benign crawler whitelist. We confidently believe it is not a bad bot. If you disagree, please provide us with compelling evidence.

Report 192.0.102.49

Whois 192.0.102.49

IP Abuse Reports for 192.0.102.49:

This IP address has been reported a total of 25 times from 6 distinct sources. 192.0.102.49 was first reported on January 9th 2021, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-05-01 14:10:33 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 192.0.102.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 192.0.102.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 01 10:10:29.464939 2025] [security2:error] [pid 520763:tid 520763] [client 192.0.102.49:46754] [client 192.0.102.49] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 192.0.102.49 (+1 hits since last alert)\|www.dixiegeek.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.dixiegeek.com"] [uri "/xmlrpc.php"] [unique_id "aBOA1W-jejx1dZCzmmjLsQAAAAs"], referer: http://www.dixiegeek.com/xmlrpc.php?for=jetpack&token=1q9Je5bEbzwhrQxb5lIM%2A4y%21EWgzQ3%24m%3A1%3A0&timestamp=1746108629&nonce=G0iBictrf6&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=UjgKqn0h0cC9Tdmeo70Flqaysoo%3D show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-06-09 19:38:28 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 192.0.102.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 192.0.102.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 09 15:38:21.817379 2024] [security2:error] [pid 2057] [client 192.0.102.49:4322] [client 192.0.102.49] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 192.0.102.49 (+1 hits since last alert)\|www.adoniahenterprises.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.adoniahenterprises.com"] [uri "/xmlrpc.php"] [unique_id "ZmYErbc67kHyLySzDZIv6wAAACg"], referer: https://www.adoniahenterprises.com/xmlrpc.php?for=jetpack&token=jVAvIuNaG2qd%25MO9St9d%5EyMBX7%25ZnLjy%3A1%3A0&timestamp=1717961901&nonce=TlcleUOOyV&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=V4qKzGoQQ8Kgm%2F%2FCYcY3DvkZTCk%3D show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-06-07 03:15:25 (2 years ago)	(mod_security) mod_security (id:240335) triggered by 192.0.102.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 192.0.102.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 06 23:15:21.664670 2024] [security2:error] [pid 25255] [client 192.0.102.49:22328] [client 192.0.102.49] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 192.0.102.49 (+1 hits since last alert)\|solarizelouisville.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "solarizelouisville.com"] [uri "/xmlrpc.php"] [unique_id "ZmJ7Sb0zgV2ZuDZIgmmB9wAAAA4"], referer: https://solarizelouisville.com/xmlrpc.php?for=jetpack&token=N3%2AGP42Z1%21gz%2ARmJa%40lJr5I1FNi%26vC%21Y%3A1%3A0&timestamp=1717730121&nonce=c5B8V92bYh&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=%2FOl44AfWhHIalWOBepRdsp5PZ6g%3D show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-04-23 11:34:41 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-04-20 00:09:52 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-04-17 05:48:14 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2023-12-12 14:01:44 (2 years ago)	(mod_security) mod_security (id:240335) triggered by 192.0.102.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 192.0.102.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 12 09:01:38.493533 2023] [security2:error] [pid 26354] [client 192.0.102.49:27238] [client 192.0.102.49] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 192.0.102.49 (+1 hits since last alert)\|www.dixiegeek.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.dixiegeek.com"] [uri "/xmlrpc.php"] [unique_id "ZXhnwuLsjA2VBFP7dhWzEAAAABM"], referer: https://www.dixiegeek.com/xmlrpc.php?for=jetpack&token=1q9Je5bEbzwhrQxb5lIM%2A4y%21EWgzQ3%24m%3A1%3A0&timestamp=1702389698&nonce=BuJk00PNsk&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=P8kYzYnHpKl1JC%2BDWdSBKRz1DRU%3D show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 OiledAmoeba	2022-07-10 19:02:41 (3 years ago)	192.0.102.49 - - [11/Jul/2022:01:02:41 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token ... show more 192.0.102.49 - - [11/Jul/2022:01:02:41 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657494160&nonce=5nigxvzmC6&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=rciMBOvbDINv6MlXFoYTi5LTyVI%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657494160&nonce=5nigxvzmC6&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=rciMBOvbDINv6MlXFoYTi5LTyVI%3D" "Jetpack by WordPress.com" "-" 0.437 "-" ... show less	Brute-Force
🇩🇪 OiledAmoeba	2022-07-10 16:57:10 (3 years ago)	192.0.102.49 - - [10/Jul/2022:22:57:09 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token ... show more 192.0.102.49 - - [10/Jul/2022:22:57:09 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657486628&nonce=aXKbbzt7EP&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=GT1ZYOmAbpD2eIuIu5lJcgcTAxc%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657486628&nonce=aXKbbzt7EP&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=GT1ZYOmAbpD2eIuIu5lJcgcTAxc%3D" "Jetpack by WordPress.com" "-" 0.494 "-" ... show less	Brute-Force
🇩🇪 OiledAmoeba	2022-07-10 15:30:26 (3 years ago)	192.0.102.49 - - [10/Jul/2022:21:18:32 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token ... show more 192.0.102.49 - - [10/Jul/2022:21:18:32 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657480711&nonce=3HkjBUMgqF&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=FtgLtbiYNQ3%2Bgjx69ZPzzKj01NA%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657480711&nonce=3HkjBUMgqF&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=FtgLtbiYNQ3%2Bgjx69ZPzzKj01NA%3D" "Jetpack by WordPress.com" "-" 0.409 "-" 192.0.102.49 - - [10/Jul/2022:21:30:26 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657481425&nonce=gCczz1zGYt&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=bh%2FdSmk%2F5yo61ZBDd9mozBztZg0%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657481425&nonce=gCczz1 ... show less	Brute-Force
🇩🇪 OiledAmoeba	2022-07-10 14:43:39 (3 years ago)	192.0.102.49 - - [10/Jul/2022:20:30:21 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token ... show more 192.0.102.49 - - [10/Jul/2022:20:30:21 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657477820&nonce=ZuNIlexp1M&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=vMz%2BBFA0iYKbHgTUBiCv4FaQSNE%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657477820&nonce=ZuNIlexp1M&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=vMz%2BBFA0iYKbHgTUBiCv4FaQSNE%3D" "Jetpack by WordPress.com" "-" 0.414 "-" 192.0.102.49 - - [10/Jul/2022:20:38:27 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657478306&nonce=csfkEDnAug&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=QksmD8TvkFpHBYx%2FT98Q6gkNHNg%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657478306&nonce=csfkEDnA ... show less	Brute-Force
🇩🇪 OiledAmoeba	2022-07-10 13:38:49 (3 years ago)	192.0.102.49 - - [10/Jul/2022:18:47:32 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token ... show more 192.0.102.49 - - [10/Jul/2022:18:47:32 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657471651&nonce=7AX8FNJnJC&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=KTxJ5bOTi%2BwuI70AWy4zmFZyMk4%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657471651&nonce=7AX8FNJnJC&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=KTxJ5bOTi%2BwuI70AWy4zmFZyMk4%3D" "Jetpack by WordPress.com" "-" 0.411 "-" 192.0.102.49 - - [10/Jul/2022:18:48:02 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657471681&nonce=o3m2n5sKeA&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=SMsQufkK45SuJx0h51h2Z0EcRqc%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657471681&nonce=o3m2n5sKeA ... show less	Brute-Force
🇺🇸 SleepyHosting	2022-01-24 01:00:18 (4 years ago)	(mod_security) mod_security (id:920170) triggered by 192.0.102.49 (US/United States/-): 5 in the las ... show more (mod_security) mod_security (id:920170) triggered by 192.0.102.49 (US/United States/-): 5 in the last 3600 secs show less	Brute-Force
🇺🇸 SleepyHosting	2021-12-31 00:30:15 (4 years ago)	(mod_security) mod_security (id:920170) triggered by 192.0.102.49 (US/United States/-): 5 in the las ... show more (mod_security) mod_security (id:920170) triggered by 192.0.102.49 (US/United States/-): 5 in the last 3600 secs show less	Brute-Force
🇺🇸 SleepyHosting	2021-11-20 00:43:01 (4 years ago)	(mod_security) mod_security (id:920170) triggered by 192.0.102.49 (US/United States/-): 5 in the las ... show more (mod_security) mod_security (id:920170) triggered by 192.0.102.49 (US/United States/-): 5 in the last 3600 secs show less	Brute-Force

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇴🇲 212.146.180.184

🇨🇳 120.48.34.72

🇱🇹 81.30.98.144

🇳🇱 212.30.37.223

🇵🇱 188.212.135.115

🇯🇵 160.251.182.78

🇸🇪 155.4.209.51

🇺🇸 132.196.94.72

🇨🇳 129.211.218.71

🇨🇳 122.243.78.134

🇺🇸 74.125.181.156

🇨🇳 58.47.108.63

🇳🇱 45.128.199.109

🇨🇳 1.63.226.86

🇪🇨 205.235.2.176

🇻🇳 165.154.187.159

🇨🇳 121.229.156.106

🇹🇼 45.43.37.254

🇧🇷 205.210.31.219

🇸🇪 171.25.158.74