JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.209.109.144

102.209.109.144 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 84%: ?

84%

ISP	Hosting Operations
Usage Type	Fixed Line ISP
ASN	AS329415
Domain Name	savannafibre.co.ug
Country	🇺🇬 Uganda
City	Kampala, Central Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.209.109.144

Whois 102.209.109.144

IP Abuse Reports for 102.209.109.144:

This IP address has been reported a total of 41 times from 21 distinct sources. 102.209.109.144 was first reported on December 23rd 2025, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-18 16:38:55 (4 hours ago)	(mod_security) mod_security (id:240335) triggered by 102.209.109.144 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 102.209.109.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 12:38:49.577991 2026] [security2:error] [pid 17265:tid 17265] [client 102.209.109.144:22517] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.209.109.144 (+1 hits since last alert)\|pharmaceuticalsalescareerhub.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pharmaceuticalsalescareerhub.com"] [uri "/xmlrpc.php"] [unique_id "ajQfGao9UG9z52STi3H7qwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-18 12:52:16 (8 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 konseptit	2026-06-18 11:22:50 (9 hours ago)	(wordpress) Failed wordpress login from 102.209.109.144 (UG/Uganda/-)	Brute-Force
🇺🇸 integrantservices.com	2026-06-18 11:21:51 (9 hours ago)	(wordpress) Failed wordpress login from 102.209.109.144 (UG/Uganda/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-18 09:28:50 (11 hours ago)	(mod_security) mod_security (id:240335) triggered by 102.209.109.144 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 102.209.109.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 05:28:45.449657 2026] [security2:error] [pid 21342:tid 21342] [client 102.209.109.144:31864] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.209.109.144 (+1 hits since last alert)\|slattery-law.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "slattery-law.com"] [uri "/xmlrpc.php"] [unique_id "ajO6TYcvufs2dCS0Wg6iXwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 08:19:02 (12 hours ago)	(mod_security) mod_security (id:240335) triggered by 102.209.109.144 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 102.209.109.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 04:18:57.017861 2026] [security2:error] [pid 7910:tid 7910] [client 102.209.109.144:32047] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.209.109.144 (+1 hits since last alert)\|roguetechhub.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "roguetechhub.com"] [uri "/xmlrpc.php"] [unique_id "ajOp8Wb3vJOBkoL7NPemLwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 06:20:35 (14 hours ago)	(mod_security) mod_security (id:240335) triggered by 102.209.109.144 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 102.209.109.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 02:20:28.889805 2026] [security2:error] [pid 14987:tid 14987] [client 102.209.109.144:61887] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.209.109.144 (+1 hits since last alert)\|morninginc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "morninginc.com"] [uri "/xmlrpc.php"] [unique_id "ajOOLE_4iw-r1rsc2yb2dQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 05:19:36 (15 hours ago)	(mod_security) mod_security (id:240335) triggered by 102.209.109.144 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 102.209.109.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 01:19:30.328639 2026] [security2:error] [pid 2985:tid 2985] [client 102.209.109.144:22609] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.209.109.144 (+1 hits since last alert)\|incrp.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "incrp.org"] [uri "/xmlrpc.php"] [unique_id "ajN_4pA-XEO5uCZyXK935AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 03:33:30 (17 hours ago)	(mod_security) mod_security (id:240335) triggered by 102.209.109.144 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 102.209.109.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 23:33:22.345241 2026] [security2:error] [pid 489:tid 489] [client 102.209.109.144:31887] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.209.109.144 (+1 hits since last alert)\|cmcnow.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cmcnow.com"] [uri "/xmlrpc.php"] [unique_id "ajNnAn7qF3D-N00s-QX3HwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 Progetto1	2026-06-17 22:35:03 (22 hours ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇦🇺 AWW-Admin	2026-06-17 21:20:52 (23 hours ago)	(wordpress) Failed wordpress login from 102.209.109.144 (UG/Uganda/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-17 17:59:25 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 102.209.109.144 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 102.209.109.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 13:59:18.598413 2026] [security2:error] [pid 17577:tid 17577] [client 102.209.109.144:62569] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.209.109.144 (+1 hits since last alert)\|schmitzcomm.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "schmitzcomm.net"] [uri "/xmlrpc.php"] [unique_id "ajLgdudn-41j8XgElaqK_wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-17 12:23:01 (1 day ago)	(wordpress) Failed wordpress login from 102.209.109.144 (UG/Uganda/-)	Brute-Force
🇫🇮 inlink.ltd	2026-06-17 04:28:50 (1 day ago)	Known malicious PHP file or CMS probe	Web App Attack
🇫🇷 dynamix	2026-06-17 03:21:49 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 155.2.215.81

🇺🇸 147.185.132.43

🇷🇺 78.36.196.36

🇮🇳 40.80.83.34

🇺🇸 40.78.170.209

🇺🇸 40.76.118.45

🇺🇸 216.244.83.58

🇵🇭 119.92.70.82

🇨🇳 101.96.220.237

🇫🇷 85.217.140.23

🇺🇸 66.132.195.87

🇺🇸 47.88.48.113

🇩🇪 43.228.157.121

🇮🇪 40.115.124.4

🇺🇸 40.114.38.88

🇮🇪 40.69.66.178

🇩🇪 213.209.159.242

🇺🇸 40.113.217.8

🇮🇪 40.113.52.123

🇺🇸 20.121.45.222