JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 139.5.248.169

139.5.248.169 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 30%: ?

30%

ISP	Jungle Studio
Usage Type	Fixed Line ISP
ASN	AS133982
Domain Name	excitel.com
Country	🇮🇳 India
City	Hyderabad, Telangana

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 139.5.248.169

Whois 139.5.248.169

IP Abuse Reports for 139.5.248.169:

This IP address has been reported a total of 6 times from 5 distinct sources. 139.5.248.169 was first reported on July 1st 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-14 16:41:14 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 139.5.248.169 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 139.5.248.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 12:41:07.946184 2026] [security2:error] [pid 10291:tid 10291] [client 139.5.248.169:64687] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 139.5.248.169 (+1 hits since last alert)\|maffiniandbearce.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "maffiniandbearce.com"] [uri "/xmlrpc.php"] [unique_id "ai7Zoxp3NRngWVwuOtdYqAAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 vaia.cloud	2026-06-14 12:57:06 (1 day ago)	trying wp-login.php/xmlrpc.php 30 times in 1 minutes	Brute-Force Web App Attack
🇩🇪 yvoictra	2026-06-14 10:51:51 (1 day ago)	139.5.248.169 - - [14/Jun/2026:12:50:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "WordPress.co ... show more 139.5.248.169 - - [14/Jun/2026:12:50:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "WordPress.com; https://wordpress.com" 139.5.248.169 - - [14/Jun/2026:12:51:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)" 139.5.248.169 - - [14/Jun/2026:12:51:19 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "WordPress.com; https://wordpress.com" 139.5.248.169 - - [14/Jun/2026:12:51:29 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack by WordPress.com" 139.5.248.169 - - [14/Jun/2026:12:51:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack/12.1; WordPress/6.1; http://site54294200.com" 139.5.248.169 - - [14/Jun/2026:12:51:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack/12.0; WordPress/6.2; http://site19493551.com" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 10:47:06 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 139.5.248.169 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 139.5.248.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 06:47:00.988293 2026] [security2:error] [pid 8321:tid 8324] [client 139.5.248.169:59726] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 139.5.248.169 (+1 hits since last alert)\|whatismetamodern.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "whatismetamodern.com"] [uri "/xmlrpc.php"] [unique_id "ai6GpGbMMKHSadaaECTViAAAAUE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-14 10:44:47 (1 day ago)	Blocked by CSF 13 firewall - Rule: XMLRPC IN/India/-	Web App Attack
🇩🇪 Invisiblemen	2021-07-01 08:15:29 (4 years ago)	Unauthorized connection attempt from IP address 139.5.248.169 on Port 445(SMB)	Port Scan

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 104.222.173.103

🇫🇷 91.231.89.229

🇹🇼 60.199.224.55

🇪🇨 205.235.2.176

🇺🇸 195.184.76.90

🇵🇱 194.180.48.148

🇦🇷 186.122.177.140

🇺🇸 172.253.251.124

🇸🇪 104.222.171.232

🇸🇪 104.222.169.193

🇫🇷 85.217.140.34

🇫🇷 85.217.140.2

🇨🇳 219.144.80.143

🇷🇺 193.17.92.5

🇨🇳 182.116.114.54

🇧🇷 179.189.85.66

🇳🇱 176.65.139.220

🇮🇳 117.248.107.130

🇺🇸 104.209.11.52

🇺🇸 104.194.192.60