JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 94.249.48.190

94.249.48.190 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 63%: ?

63%

ISP	Jordan Telecom Group (Orange)
Usage Type	Fixed Line ISP
ASN	AS8376
Hostname(s)	94.249.x.190.go.com.jo
Domain Name	orange.com
Country	🇯🇴 Jordan
City	Irbid, Irbid

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 94.249.48.190

Whois 94.249.48.190

IP Abuse Reports for 94.249.48.190:

This IP address has been reported a total of 15 times from 14 distinct sources. 94.249.48.190 was first reported on October 31st 2025, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 cwytech	2026-06-19 20:09:00 (9 hours ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wp-us-login-only-high.	Bad Web Bot Web App Attack
🇺🇸 Jason Howell	2026-06-19 17:22:54 (12 hours ago)	94.249.48.190 - - [19/Jun/2026:11:52:55 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4747 "-" "Jetpack/13. ... show more 94.249.48.190 - - [19/Jun/2026:11:52:55 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4747 "-" "Jetpack/13.0; WordPress/6.2; http://site24539248.com" 94.249.48.190 - - [19/Jun/2026:11:55:24 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4747 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)" 94.249.48.190 - - [19/Jun/2026:12:02:35 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4748 "-" "Jetpack by WordPress.com" 94.249.48.190 - - [19/Jun/2026:12:04:43 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4747 "-" "Jetpack/12.5; WordPress/6.4; http://site93988504.com" 94.249.48.190 - - [19/Jun/2026:12:22:54 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4748 "-" "WordPress.com; https://wordpress.com" ... show less	Web App Attack
Anonymous	2026-06-19 07:23:20 (22 hours ago)	WordPress Brute Force	Brute-Force
🇫🇷 dynamix	2026-06-19 06:12:03 (23 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇷🇴 SpamStopper	2026-06-18 17:42:11 (1 day ago)	Automated mitigation by Fail2Ban firewall due to persistent security policy violations.	Hacking Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-18 08:17:31 (1 day ago)	[redacted] 94.249.48.190 - - [18/Jun/2026:10:16:26 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "W ... show more [redacted] 94.249.48.190 - - [18/Jun/2026:10:16:26 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 94.249.48.190 - - [18/Jun/2026:10:16:33 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.1; http://site30235130.com" [redacted] 94.249.48.190 - - [18/Jun/2026:10:17:05 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 94.249.48.190 - - [18/Jun/2026:10:17:16 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" [redacted] 94.249.48.190 - - [18/Jun/2026:10:17:30 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)" ... show less	Hacking Web App Attack
🇩🇪 DocNetzwerk	2026-06-18 08:02:14 (1 day ago)	(wordpress) Failed wordpress login from 94.249.48.190 (JO/Jordan/94.249.x.190.go.com.jo)	Brute-Force
Anonymous	2026-06-16 18:25:41 (3 days ago)	Fail2Ban - Wordpress brute-force ...	Brute-Force Web App Attack
Anonymous	2026-06-16 14:08:51 (3 days ago)	Fail2ban filtered ...	Web App Attack
🇫🇷 masterguru	2026-06-16 12:33:50 (3 days ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇩🇪 rh24	2026-06-15 19:53:39 (4 days ago)	(wordpress) Failed wordpress login from 94.249.48.190 (JO/Jordan/94.249.x.190.go.com.jo): (CF_ENABL ... show more (wordpress) Failed wordpress login from 94.249.48.190 (JO/Jordan/94.249.x.190.go.com.jo): (CF_ENABLE) show less	Brute-Force
Anonymous	2025-11-19 16:24:28 (7 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-16 20:01:01 (7 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-02 06:11:43 (7 months ago)	Web app attack and vulnerability scan detected from IIS logs	Brute-Force Bad Web Bot Web App Attack
🇸🇪 KIDOS	2025-10-31 05:12:38 (7 months ago)	malicious activity, botnet	Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇭 206.62.40.85

🇺🇸 162.216.150.118

🇺🇸 71.71.250.77

🇺🇸 54.165.245.1

🇺🇸 43.173.69.147

🇺🇸 2607:f8b0:4004:c19::129

🇲🇽 187.191.48.4

🇺🇸 162.216.150.166

🇺🇸 162.216.149.174

🇺🇸 152.32.235.107

🇸🇪 135.225.181.169

🇨🇳 121.40.231.19

🇳🇱 91.92.42.7

🇰🇼 78.89.154.59

🇺🇸 66.132.195.52

🇱🇹 45.227.254.170

🇺🇸 128.173.237.165

🇵🇰 111.68.111.124

🇦🇴 41.78.17.146

🇧🇷 20.206.64.115