JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 109.107.243.82

109.107.243.82 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 100%: ?

100%

ISP	Umniah Lil-Hawatef Al-Mutanaqelah Co
Usage Type	Fixed Line ISP
ASN	AS9038
Domain Name	umniah.com
Country	🇯🇴 Jordan
City	Amman, Amman

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 109.107.243.82

Whois 109.107.243.82

IP Abuse Reports for 109.107.243.82:

This IP address has been reported a total of 35 times from 25 distinct sources. 109.107.243.82 was first reported on April 1st 2025, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 4server	2026-06-03 09:30:12 (19 hours ago)	[WedJun0311:30:08.1386062026][security2:error][pid1521705:tid1521861][client109.107.243.82:0]ModSecu ... show more [WedJun0311:30:08.1386062026][security2:error][pid1521705:tid1521861][client109.107.243.82:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"furgonianoleggio.ch\"][uri\"/xmlrpc.php\"][unique_id\"ah_0IMmtzOB60flw0lTsWgAAAQg\"] show less	Port Scan Brute-Force Web App Attack
🇳🇱 debestelapp	2026-06-03 07:28:14 (21 hours ago)		Web App Attack
🇩🇪 big-cloud.nl	2026-06-03 06:51:13 (22 hours ago)	Try to access /xmlrpc.php	Web App Attack
🇮🇩 Burayot	2026-06-03 05:36:10 (23 hours ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 109.107.243.82 (JO/Jordan/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 109.107.243.82 (JO/Jordan/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 Jason Howell	2026-06-02 23:44:14 (1 day ago)	109.107.243.82 - - [02/Jun/2026:18:41:38 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3598 "-" "Mozilla/5. ... show more 109.107.243.82 - - [02/Jun/2026:18:41:38 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3598 "-" "Mozilla/5.0 (Windows NT 10.0; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/13.0.0.0 Safari/537.36" 109.107.243.82 - - [02/Jun/2026:18:42:55 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3597 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/80.0.0.0 Safari/537.36" 109.107.243.82 - - [02/Jun/2026:18:43:19 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3597 "-" "Mozilla/5.0 (Windows NT 6.2; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/60.0.0.0 Safari/537.36" 109.107.243.82 - - [02/Jun/2026:18:43:41 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3597 "-" "Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/95.0.0.0 Safari/537.36" 109.107.243.82 - - [02/Jun/2026:18:44:13 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3598 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Opera/67.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 WellSpring	2026-06-02 23:08:42 (1 day ago)	xmlrpc exploit on 712.today/xmlrpc.php — WellSpr.ing/NetSentinel civic-AI security layer	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-02 20:03:55 (1 day ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-02 19:05:21 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 109.107.243.82 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 109.107.243.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 15:05:13.833522 2026] [security2:error] [pid 10563:tid 10563] [client 109.107.243.82:37366] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|twinls.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "twinls.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah8padfIZYitvXwT65sASgAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-02 16:12:01 (1 day ago)	109.107.243.82 - - [02/Jun/2026:16:12:00 +0000] "POST /xmlrpc.php HTTP/1.1" 404 5695 "-" "Mozilla/5. ... show more 109.107.243.82 - - [02/Jun/2026:16:12:00 +0000] "POST /xmlrpc.php HTTP/1.1" 404 5695 "-" "Mozilla/5.0 (Linux; Android 10; x86) AppleWebKit/537.36 (KHTML, like Gecko) Opera/79.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-02 14:09:41 (1 day ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇷🇺 OK	2026-06-02 08:41:16 (1 day ago)	HTTP/HTTPS	Hacking Web App Attack
🇩🇪 LRob.fr	2026-06-02 06:30:04 (1 day ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-02 05:03:10 (1 day ago)	Wordpress Vunerability attack	Web App Attack
🇲🇽 octageeks.com	2026-06-02 04:10:33 (2 days ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 09:53:56 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 109.107.243.82 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 109.107.243.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 05:53:50.198059 2026] [security2:error] [pid 29739:tid 29739] [client 109.107.243.82:43017] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|redlitephotos.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "redlitephotos.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah1WrsX_i4gyrQZ7nhM5GwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 182.43.235.218

🇺🇸 154.16.119.22

🇮🇳 152.58.25.28

🇺🇸 97.107.134.31

🇺🇸 66.132.195.56

🇬🇧 37.156.64.100

🇧🇷 191.177.177.252

🇵🇰 175.107.2.67

🇺🇸 159.203.136.205

🇳🇱 144.31.14.203

🇵🇰 139.135.42.5

🇨🇳 121.18.220.74

🇰🇷 111.171.127.190

🇸🇬 101.47.156.170

🇮🇹 95.231.210.40

🇷🇴 80.94.92.165

🇫🇷 51.159.104.219

🇺🇸 2600:3c02::2000:32ff:fec2:83b3

🇧🇷 205.210.31.241

🇧🇷 205.210.31.175