JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 109.242.139.63

109.242.139.63 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 14%: ?

14%

ISP	NOVA S.A.
Usage Type	Fixed Line ISP
ASN	AS25472
Hostname(s)	adsl-63.109.242.139.tellas.gr
Domain Name	nova.gr
Country	🇬🇷 Greece
City	Athens, Attica

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 109.242.139.63

Whois 109.242.139.63

IP Abuse Reports for 109.242.139.63:

This IP address has been reported a total of 5 times from 3 distinct sources. 109.242.139.63 was first reported on November 29th 2021, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-15 12:31:59 (1 week ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇺🇸 TPI-Abuse	2026-06-15 10:40:44 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 109.242.139.63 (adsl-63.109.242.139.tellas.gr): ... show more (mod_security) mod_security (id:240335) triggered by 109.242.139.63 (adsl-63.109.242.139.tellas.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 06:40:36.891648 2026] [security2:error] [pid 3642:tid 3642] [client 109.242.139.63:5428] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 109.242.139.63 (+1 hits since last alert)\|lightbender.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lightbender.net"] [uri "/xmlrpc.php"] [unique_id "ai_WpOdU1Fx9nm_zdeRp1gAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 15:09:14 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 109.242.139.63 (adsl-63.109.242.139.tellas.gr): ... show more (mod_security) mod_security (id:240335) triggered by 109.242.139.63 (adsl-63.109.242.139.tellas.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 11:09:08.065943 2026] [security2:error] [pid 28443:tid 28443] [client 109.242.139.63:18156] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 109.242.139.63 (+1 hits since last alert)\|coyotebytes.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "coyotebytes.net"] [uri "/xmlrpc.php"] [unique_id "ail-FOPM6t-FEGyYNrawOgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-09 07:41:49 (2 weeks ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇮🇪 Delta Whiskey	2021-11-29 14:38:02 (4 years ago)	Multiple failed WordPress authentication attempts	Brute-Force Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 36.80.247.120

🇧🇷 205.210.31.233

🇸🇬 194.164.107.6

🇮🇩 163.7.6.41

🇮🇩 117.102.86.226

🇳🇱 91.92.40.48

🇳🇱 91.92.40.8

🇺🇸 69.73.187.130

🇧🇷 45.205.1.247

🇰🇷 36.39.209.127

🇮🇳 122.166.163.130

🇭🇰 103.112.173.87

🇺🇸 74.82.47.58

🇨🇳 14.103.120.147

🇻🇳 113.22.184.163

🇨🇦 85.217.149.20

🇺🇸 74.82.47.15

🇺🇸 66.132.195.112

🇨🇳 218.0.63.25

🇸🇬 103.187.147.214