JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.0.99.41

192.0.99.41 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 0%: ?

ISP	Automattic, Inc
Usage Type	Data Center/Web Hosting/Transit
ASN	AS2635
Hostname(s)	wordpress.com
Domain Name	automattic.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Important Note: 192.0.99.41 is an IP address from within our benign crawler whitelist. We confidently believe it is not a bad bot. If you disagree, please provide us with compelling evidence.

Report 192.0.99.41

Whois 192.0.99.41

IP Abuse Reports for 192.0.99.41:

This IP address has been reported a total of 30 times from 11 distinct sources. 192.0.99.41 was first reported on December 1st 2020, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-10-09 13:10:47 (8 months ago)	(mod_security) mod_security (id:240335) triggered by 192.0.99.41 (wordpress.com): 1 in the last 300 ... show more (mod_security) mod_security (id:240335) triggered by 192.0.99.41 (wordpress.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 09 09:10:41.026647 2025] [security2:error] [pid 16170:tid 16170] [client 192.0.99.41:14584] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 192.0.99.41 (+1 hits since last alert)\|www.dixiegeek.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.dixiegeek.com"] [uri "/xmlrpc.php"] [unique_id "aOe0Uei0AR4z32vGYSPeJgAAABg"], referer: https://www.dixiegeek.com/xmlrpc.php?for=jetpack&token=1q9Je5bEbzwhrQxb5lIM%2A4y%21EWgzQ3%24m%3A1%3A0&timestamp=1760015440&nonce=sEbXRo50H4&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=w%2B%2BYEVPDOUHaM6QoXRthFdg%2F%2BAY%3D show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-13 13:54:58 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 192.0.99.41 (wordpress.com): 1 in the last 300 ... show more (mod_security) mod_security (id:240335) triggered by 192.0.99.41 (wordpress.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 13 09:54:54.633908 2024] [security2:error] [pid 29055] [client 192.0.99.41:33312] [client 192.0.99.41] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 192.0.99.41 (+1 hits since last alert)\|www.dixiegeek.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.dixiegeek.com"] [uri "/xmlrpc.php"] [unique_id "ZpKHLlZzCdAyCExo_7xyUwAAAAU"], referer: https://www.dixiegeek.com/xmlrpc.php?for=jetpack&token=1q9Je5bEbzwhrQxb5lIM%2A4y%21EWgzQ3%24m%3A1%3A0&timestamp=1720878894&nonce=LiRmabXtPq&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=B64OlmYf8rsX0H%2FcD87QJZeV42k%3D show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-02 03:24:23 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 192.0.99.41 (wordpress.com): 1 in the last 300 ... show more (mod_security) mod_security (id:240335) triggered by 192.0.99.41 (wordpress.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 01 23:24:16.052940 2024] [security2:error] [pid 9373] [client 192.0.99.41:59372] [client 192.0.99.41] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 192.0.99.41 (+1 hits since last alert)\|solarizelouisville.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "solarizelouisville.com"] [uri "/xmlrpc.php"] [unique_id "ZoNy4P5lc6ss2GEPyoV1owAAAAI"], referer: https://solarizelouisville.com/xmlrpc.php?for=jetpack&token=N3%2AGP42Z1%21gz%2ARmJa%40lJr5I1FNi%26vC%21Y%3A1%3A0&timestamp=1719890656&nonce=tpsQNFhxVQ&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=Ni0fbi%2FSvxWFEJAd%2FUjZ%2BUHjyLc%3D show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-04-26 13:10:33 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-04-22 00:46:15 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-04-20 00:09:21 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-04-18 09:16:59 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-04-17 07:03:36 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-04-01 00:49:11 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2023-11-29 02:00:12 (2 years ago)	IP has triggered Cloudflare WAF	Bad Web Bot
🇩🇰 wnbhosting.dk	2023-03-11 11:55:58 (3 years ago)	WP xmlrpc [2023-03-11T12:55:58+01:00]	Hacking Web App Attack
🇩🇪 OiledAmoeba	2022-07-10 21:26:11 (3 years ago)	192.0.99.41 - - [11/Jul/2022:03:26:10 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token= ... show more 192.0.99.41 - - [11/Jul/2022:03:26:10 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657502769&nonce=ON7vkt8XqL&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=rTqnRFzbgkHgEfqRezjUOIaFpmM%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657502769&nonce=ON7vkt8XqL&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=rTqnRFzbgkHgEfqRezjUOIaFpmM%3D" "Jetpack by WordPress.com" "-" 0.498 "-" ... show less	Brute-Force
🇩🇪 OiledAmoeba	2022-07-10 17:22:01 (3 years ago)	192.0.99.41 - - [10/Jul/2022:23:22:01 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token= ... show more 192.0.99.41 - - [10/Jul/2022:23:22:01 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657488120&nonce=qhgzVhuMGB&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=Oqkd0p7tV%2B9V0kqGDjen1SJECMQ%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657488120&nonce=qhgzVhuMGB&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=Oqkd0p7tV%2B9V0kqGDjen1SJECMQ%3D" "Jetpack by WordPress.com" "-" 0.486 "-" ... show less	Brute-Force
🇩🇪 OiledAmoeba	2022-07-10 15:21:33 (3 years ago)	192.0.99.41 - - [10/Jul/2022:21:21:32 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token= ... show more 192.0.99.41 - - [10/Jul/2022:21:21:32 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657480892&nonce=17ntVmj8CJ&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=7vCBYFpItMYU8E3YmfhVOIYGB2c%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657480892&nonce=17ntVmj8CJ&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=7vCBYFpItMYU8E3YmfhVOIYGB2c%3D" "Jetpack by WordPress.com" "-" 0.446 "-" ... show less	Brute-Force
🇩🇪 OiledAmoeba	2022-07-10 14:17:30 (3 years ago)	192.0.99.41 - - [10/Jul/2022:20:10:20 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token= ... show more 192.0.99.41 - - [10/Jul/2022:20:10:20 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657476619&nonce=ejwUuBRSWy&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=RKly1IKmsMWBQ8A9LntSmDl%2Bh0Q%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657476619&nonce=ejwUuBRSWy&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=RKly1IKmsMWBQ8A9LntSmDl%2Bh0Q%3D" "Jetpack by WordPress.com" "-" 0.424 "-" 192.0.99.41 - - [10/Jul/2022:20:17:30 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657477049&nonce=7NqZwjZ5TC&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=Vxhe7ZpJtXIcAHsoRoVi42j9teY%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1&timestamp=1657477049&nonce=7NqZwjZ5TC&b ... show less	Brute-Force

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇱 200.86.182.227

🇺🇸 147.185.132.159

🇮🇩 114.10.47.235

🇸🇬 101.32.242.137

🇫🇷 90.30.214.203

🇩🇴 74.244.193.23

🇺🇸 50.46.141.125

🇳🇱 20.160.86.7

🇸🇬 206.189.149.87

🇩🇪 202.71.141.170

🇵🇦 201.225.74.72

🇧🇷 185.100.215.213

🇸🇦 175.110.167.12

🇩🇿 105.109.85.79

🇺🇸 100.59.10.174

🇺🇸 66.132.224.27

🇺🇸 66.132.224.20

🇵🇷 24.50.233.230

🇺🇸 205.210.31.92

🇨🇳 180.119.186.56