JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.209.109.210

102.209.109.210 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 39%: ?

39%

ISP	Hosting Operations
Usage Type	Fixed Line ISP
ASN	AS329415
Domain Name	savannafibre.co.ug
Country	🇺🇬 Uganda
City	Kampala, Central Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.209.109.210

Whois 102.209.109.210

IP Abuse Reports for 102.209.109.210:

This IP address has been reported a total of 10 times from 9 distinct sources. 102.209.109.210 was first reported on September 23rd 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 06:07:52 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 102.209.109.210 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 102.209.109.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 02:07:42.706744 2026] [security2:error] [pid 17193:tid 17193] [client 102.209.109.210:36144] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.209.109.210 (+1 hits since last alert)\|hookedupfishing.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hookedupfishing.net"] [uri "/xmlrpc.php"] [unique_id "ai-WruFpvJWoPESNpqVswAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 05:06:49 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 102.209.109.210 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 102.209.109.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 01:06:44.117554 2026] [security2:error] [pid 31426:tid 31426] [client 102.209.109.210:36232] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.209.109.210 (+1 hits since last alert)\|famagustacyprus.eu\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "famagustacyprus.eu"] [uri "/xmlrpc.php"] [unique_id "ai-IZAHDK4bvVxwv7YwB6QAAAIY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 04:30:13 (5 days ago)	[redacted] 102.209.109.210 - - [15/Jun/2026:06:29:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ... show more [redacted] 102.209.109.210 - - [15/Jun/2026:06:29:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 102.209.109.210 - - [15/Jun/2026:06:29:40 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 102.209.109.210 - - [15/Jun/2026:06:29:51 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 102.209.109.210 - - [15/Jun/2026:06:30:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" [redacted] 102.209.109.210 - - [15/Jun/2026:06:30:12 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" ... show less	Hacking Web App Attack
🇫🇷 dynamix	2026-06-15 01:45:11 (5 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇧🇪 cmbplf	2026-06-15 01:38:35 (5 days ago)	4.047 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇸🇪 vaia.cloud	2026-06-15 00:21:03 (5 days ago)	trying wp-login.php/xmlrpc.php 33 times in 1 minutes	Brute-Force Web App Attack
Anonymous	2026-06-14 22:11:10 (5 days ago)	Attac	Brute-Force
🇩🇪 SMARTNET	2025-11-30 18:38:00 (6 months ago)	Aisuru(Mirai variant) DDoS	DDoS Attack
🇮🇳 Shaik Sai Meera	2025-10-10 11:32:49 (8 months ago)	IM360 WAF: Block Drupal/Joomla spammers - Thu Oct 9 18:06:01 2025	Hacking
🇩🇪 pressler.pro	2025-09-23 18:38:30 (8 months ago)	Fail2ban - DDoS attack on woocommerce shop ...	DDoS Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 207.180.233.215

🇰🇷 118.41.137.223

🇺🇸 104.243.35.45

🇺🇸 2001:470:2cc:1::17f

🇺🇸 147.185.132.35

🇨🇦 85.217.149.10

🇨🇳 47.95.166.4

🇨🇳 27.158.15.186

🇮🇳 182.95.150.106

🇩🇪 104.207.63.238

🇫🇷 85.217.140.26

🇺🇸 66.132.195.30

🇺🇸 20.168.5.218

🇺🇸 18.217.208.51

🇫🇷 5.135.106.93

🇰🇷 110.14.190.221

🇫🇮 94.159.112.56

🇷🇴 92.118.39.62

🇺🇸 74.208.55.148

🇩🇪 213.209.159.235