JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 109.107.229.139

109.107.229.139 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 44%: ?

44%

ISP	Umniah Lil-Hawatef Al-Mutanaqelah Co.
Usage Type	Fixed Line ISP
ASN	AS9038
Domain Name	umniah.com
Country	🇯🇴 Jordan
City	Amman, Amman

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 109.107.229.139

Whois 109.107.229.139

IP Abuse Reports for 109.107.229.139:

This IP address has been reported a total of 23 times from 13 distinct sources. 109.107.229.139 was first reported on November 26th 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kosada.com	2026-06-20 12:28:59 (1 week ago)	Web bot: denial-of-service flood	DDoS Attack Bad Web Bot
Anonymous	2026-06-06 22:56:17 (3 weeks ago)	Attac	Brute-Force
🇳🇱 wlt-blocker	2026-06-06 22:53:39 (3 weeks ago)	Unauthorized access to webpage admin	Web App Attack
Anonymous	2026-06-06 16:50:57 (3 weeks ago)	[da.kdns.gr] httpd-xmlrpc-post: sites=galanistherm.gr; logs=/var/log/httpd/domains/galanistherm.gr.l ... show more [da.kdns.gr] httpd-xmlrpc-post: sites=galanistherm.gr; logs=/var/log/httpd/domains/galanistherm.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
Anonymous	2026-06-06 16:20:04 (3 weeks ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
Anonymous	2026-06-04 23:04:11 (3 weeks ago)	Attac	Brute-Force
🇫🇷 SpaceHost-Server	2026-06-04 22:25:48 (3 weeks ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 22:24:39 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 109.107.229.139 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 109.107.229.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 18:24:32.703036 2026] [security2:error] [pid 24342:tid 24342] [client 109.107.229.139:37278] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 109.107.229.139 (+1 hits since last alert)\|jellisonrepair.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jellisonrepair.com"] [uri "/xmlrpc.php"] [unique_id "aiH7IA0F_WIVxnP_4PySTQAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Apache	2026-06-04 14:29:17 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 109.107.229.139 (JO/Jordan/-): 5 in the last 30 ... show more (mod_security) mod_security (id:240335) triggered by 109.107.229.139 (JO/Jordan/-): 5 in the last 300 secs show less	Brute-Force Web App Attack
Anonymous	2026-06-04 13:54:24 (3 weeks ago)	[redacted] 109.107.229.139 - - [04/Jun/2026:15:53:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" ... show more [redacted] 109.107.229.139 - - [04/Jun/2026:15:53:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)" spineconcept.de 109.107.229.139 - - [04/Jun/2026:15:53:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "WordPress.com; https://wordpress.com" [redacted] 109.107.229.139 - - [04/Jun/2026:15:54:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "WordPress.com; https://wordpress.com" [redacted] 109.107.229.139 - - [04/Jun/2026:15:54:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "WordPress.com; https://wordpress.com" spineconcept.de 109.107.229.139 - - [04/Jun/2026:15:54:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "WordPress.com; https://wordpress.com" [redacted] 109.107.229.139 - - [04/Jun/2026:15:54:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)" [redacted] 109.107.229.139 - - [04/Jun/2026:15:54:12 +0200] "POS ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 12:44:44 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 109.107.229.139 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 109.107.229.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 08:44:40.685833 2026] [security2:error] [pid 2255:tid 2255] [client 109.107.229.139:44542] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 109.107.229.139 (+1 hits since last alert)\|doctoredwinalvarez.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "doctoredwinalvarez.com"] [uri "/xmlrpc.php"] [unique_id "aiFzOOx8qobhwypRyCMJDgAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 rh24	2026-06-04 09:20:13 (3 weeks ago)	(wordpress) Failed wordpress login from 109.107.229.139 (JO/Jordan/-): (CF_ENABLE)	Brute-Force
🇫🇷 SpaceHost-Server	2026-06-03 22:25:42 (3 weeks ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 19:54:04 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 109.107.229.139 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 109.107.229.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 15:53:58.573512 2026] [security2:error] [pid 12299:tid 12370] [client 109.107.229.139:35619] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 109.107.229.139 (+1 hits since last alert)\|wedgwoodclub.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wedgwoodclub.com"] [uri "/xmlrpc.php"] [unique_id "aiCGVvNxz1-mVrAob1tJ3gAAAIk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 11:10:14 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 109.107.229.139 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 109.107.229.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 07:10:08.329719 2026] [security2:error] [pid 7116:tid 7116] [client 109.107.229.139:45302] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 109.107.229.139 (+1 hits since last alert)\|fivecentmiracle.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fivecentmiracle.com"] [uri "/xmlrpc.php"] [unique_id "aiALkLZTUfhxT--7pk2LogAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 2001:41d0:303:1ee9::1

🇫🇮 209.85.167.45

🇬🇧 191.96.110.39

🇮🇩 182.8.162.189

🇸🇦 168.149.40.222

🇸🇪 130.49.113.241

🇹🇼 111.70.38.248

🇧🇬 108.165.233.160

🇻🇳 103.69.85.58

🇨🇦 85.217.149.13

🇫🇷 85.217.140.16

🇹🇷 85.104.71.168

🇺🇸 67.207.93.64

🇰🇷 59.21.37.60

🇺🇸 52.180.146.145

🇩🇪 47.254.174.130

🇺🇸 47.90.196.2

🇱🇺 46.151.182.69

🇬🇧 35.203.211.140

🇸🇬 165.154.200.214