JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 139.167.208.212

139.167.208.212 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 100%: ?

100%

ISP	Reliance Jio Infocomm Limited
Usage Type	Fixed Line ISP
ASN	AS55836
Domain Name	jio.com
Country	🇮🇳 India
City	Hyderabad, Telangana

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 139.167.208.212

Whois 139.167.208.212

IP Abuse Reports for 139.167.208.212:

This IP address has been reported a total of 31 times from 18 distinct sources. 139.167.208.212 was first reported on June 11th 2026, and the most recent report was 4 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-13 09:03:08 (4 minutes ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
Anonymous	2026-06-13 06:28:10 (2 hours ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-12 22:40:15 (10 hours ago)	(mod_security) mod_security (id:240335) triggered by 139.167.208.212 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 139.167.208.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 18:40:05.080705 2026] [security2:error] [pid 2016:tid 2016] [client 139.167.208.212:62100] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 139.167.208.212 (+1 hits since last alert)\|artbytracyjane.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "artbytracyjane.com"] [uri "/xmlrpc.php"] [unique_id "aiyKxCq1cGtK5aYlLkl73QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 lostswordfish.com	2026-06-12 20:00:06 (13 hours ago)	Wordfence waf block on fairregistry	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 16:49:31 (16 hours ago)	(mod_security) mod_security (id:240335) triggered by 139.167.208.212 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 139.167.208.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 12:49:25.944047 2026] [security2:error] [pid 25968:tid 25968] [client 139.167.208.212:61048] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 139.167.208.212 (+1 hits since last alert)\|realdoctorstories.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "realdoctorstories.com"] [uri "/xmlrpc.php"] [unique_id "aiw4lXd_ad9NcqvHW7_b8AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 bittiguru.fi	2026-06-12 14:59:51 (18 hours ago)	139.167.208.212 - [12/Jun/2026:17:59:41 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "WordPress.co ... show more 139.167.208.212 - [12/Jun/2026:17:59:41 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "WordPress.com; https://wordpress.com" "-" 139.167.208.212 - [12/Jun/2026:17:59:51 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "WordPress.com; https://wordpress.com" "-" ... show less	Hacking Brute-Force Web App Attack
🇫🇮 bittiguru.fi	2026-06-12 14:44:26 (18 hours ago)	139.167.208.212 - [12/Jun/2026:17:44:17 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "WordPress.co ... show more 139.167.208.212 - [12/Jun/2026:17:44:17 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "WordPress.com; https://wordpress.com" "-" 139.167.208.212 - [12/Jun/2026:17:44:26 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "WordPress.com; https://wordpress.com" "-" ... show less	Hacking Brute-Force Web App Attack
Anonymous	2026-06-12 13:43:17 (19 hours ago)	WordPress Brute Force	Brute-Force
🇺🇸 TPI-Abuse	2026-06-12 07:15:23 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 139.167.208.212 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 139.167.208.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 03:15:16.126789 2026] [security2:error] [pid 31231:tid 31309] [client 139.167.208.212:50876] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 139.167.208.212 (+1 hits since last alert)\|nordicatrio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nordicatrio.com"] [uri "/xmlrpc.php"] [unique_id "aiuyBJhrQCszh1MNvCvTaQAAAhE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-12 07:12:05 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 06:56:35 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 139.167.208.212 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 139.167.208.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 02:56:31.133648 2026] [security2:error] [pid 30287:tid 30287] [client 139.167.208.212:59375] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 139.167.208.212 (+1 hits since last alert)\|feiz.church\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "feiz.church"] [uri "/xmlrpc.php"] [unique_id "aiutn_BwI0KwvLFi4yOWBgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 06:26:50 (1 day ago)	(PERMBLOCK) 139.167.208.212 (IN/India/-) has had more than 4 temp blocks	Hacking
🇺🇸 TPI-Abuse	2026-06-12 06:25:06 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 139.167.208.212 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 139.167.208.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 02:24:56.647905 2026] [security2:error] [pid 6008:tid 6008] [client 139.167.208.212:53096] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 139.167.208.212 (+1 hits since last alert)\|churchbehindthewalls.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "churchbehindthewalls.com"] [uri "/xmlrpc.php"] [unique_id "aiumOA--kmqYAuTe2q5t9wAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 06:06:12 (1 day ago)	(wordpress) Failed wordpress login from 139.167.208.212 (IN/India/-)	Brute-Force
🇳🇱 debestelapp	2026-06-12 05:30:06 (1 day ago)		Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.78.60.105

🇨🇳 112.94.253.225

🇹🇼 104.199.144.26

🇮🇩 202.145.0.61

🇦🇿 185.146.112.202

🇧🇷 170.238.160.191

🇺🇸 162.254.36.150

🇨🇳 101.126.81.213

🇺🇦 77.120.129.7

🇺🇸 72.89.78.86

🇺🇸 65.49.1.209

🇺🇸 54.215.79.206

🇬🇧 51.89.166.236

🇩🇪 43.165.3.187

🇸🇬 43.156.162.193

🇺🇸 20.228.193.165

🇺🇦 185.157.121.237

🇨🇴 181.234.36.73

🇳🇱 162.159.113.94

🇳🇬 102.140.97.134