JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.209.109.210

102.209.109.210 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 38%: ?

38%

ISP	Hosting Operations
Usage Type	Fixed Line ISP
ASN	AS329415
Domain Name	savannafibre.co.ug
Country	🇺🇬 Uganda
City	Kampala, Central Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.209.109.210

Whois 102.209.109.210

IP Abuse Reports for 102.209.109.210:

This IP address has been reported a total of 10 times from 9 distinct sources. 102.209.109.210 was first reported on September 23rd 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 06:07:52 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 102.209.109.210 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 102.209.109.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 02:07:42.706744 2026] [security2:error] [pid 17193:tid 17193] [client 102.209.109.210:36144] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.209.109.210 (+1 hits since last alert)\|hookedupfishing.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hookedupfishing.net"] [uri "/xmlrpc.php"] [unique_id "ai-WruFpvJWoPESNpqVswAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 05:06:49 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 102.209.109.210 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 102.209.109.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 01:06:44.117554 2026] [security2:error] [pid 31426:tid 31426] [client 102.209.109.210:36232] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.209.109.210 (+1 hits since last alert)\|famagustacyprus.eu\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "famagustacyprus.eu"] [uri "/xmlrpc.php"] [unique_id "ai-IZAHDK4bvVxwv7YwB6QAAAIY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 04:30:13 (6 days ago)	[redacted] 102.209.109.210 - - [15/Jun/2026:06:29:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ... show more [redacted] 102.209.109.210 - - [15/Jun/2026:06:29:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 102.209.109.210 - - [15/Jun/2026:06:29:40 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 102.209.109.210 - - [15/Jun/2026:06:29:51 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 102.209.109.210 - - [15/Jun/2026:06:30:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" [redacted] 102.209.109.210 - - [15/Jun/2026:06:30:12 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" ... show less	Hacking Web App Attack
🇫🇷 dynamix	2026-06-15 01:45:11 (6 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇧🇪 cmbplf	2026-06-15 01:38:35 (6 days ago)	4.047 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇸🇪 vaia.cloud	2026-06-15 00:21:03 (6 days ago)	trying wp-login.php/xmlrpc.php 33 times in 1 minutes	Brute-Force Web App Attack
Anonymous	2026-06-14 22:11:10 (6 days ago)	Attac	Brute-Force
🇩🇪 SMARTNET	2025-11-30 18:38:00 (6 months ago)	Aisuru(Mirai variant) DDoS	DDoS Attack
🇮🇳 Shaik Sai Meera	2025-10-10 11:32:49 (8 months ago)	IM360 WAF: Block Drupal/Joomla spammers - Thu Oct 9 18:06:01 2025	Hacking
🇩🇪 pressler.pro	2025-09-23 18:38:30 (8 months ago)	Fail2ban - DDoS attack on woocommerce shop ...	DDoS Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇺 123.51.53.12

🇬🇧 194.50.235.132

🇺🇸 172.71.195.72

🇸🇬 152.42.175.17

🇨🇦 85.217.149.58

🇱🇺 46.151.182.69

🇧🇷 45.140.193.156

🇨🇳 42.83.147.54

🇰🇿 185.233.3.95

🇺🇸 172.81.62.90

🇺🇸 172.70.38.22

🇩🇪 162.158.111.169

🇻🇳 125.212.244.35

🇳🇱 45.148.10.230

🇳🇱 45.148.10.151

🇨🇦 34.0.44.211

🇻🇳 2402:800:63b6:bcb8:915e:da85:8714:43d3

🇰🇷 221.162.3.119

🇵🇱 194.180.48.33

🇺🇸 188.213.202.94