JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 94.249.42.39

94.249.42.39 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 53%: ?

53%

ISP	Jordan Telecom Group (Orange)
Usage Type	Fixed Line ISP
ASN	AS8376
Hostname(s)	94.249.x.39.go.com.jo
Domain Name	orange.com
Country	🇯🇴 Jordan
City	Irbid, Irbid

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 94.249.42.39

Whois 94.249.42.39

IP Abuse Reports for 94.249.42.39:

This IP address has been reported a total of 14 times from 9 distinct sources. 94.249.42.39 was first reported on June 12th 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-13 15:17:04 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 94.249.42.39 (94.249.x.39.go.com.jo): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 94.249.42.39 (94.249.x.39.go.com.jo): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 11:16:57.429193 2026] [security2:error] [pid 25511:tid 25511] [client 94.249.42.39:54857] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 94.249.42.39 (+1 hits since last alert)\|lighthousescm.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lighthousescm.com"] [uri "/xmlrpc.php"] [unique_id "ai10acLyU59ngaSeMdaNxAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 konseptit	2026-06-13 13:13:13 (6 days ago)	(wordpress) Failed wordpress login from 94.249.42.39 (JO/Jordan/94.249.x.39.go.com.jo)	Brute-Force
🇺🇸 WeekendWeb	2026-06-13 13:12:18 (6 days ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 11:41:49 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 94.249.42.39 (94.249.x.39.go.com.jo): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 94.249.42.39 (94.249.x.39.go.com.jo): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 07:41:42.304398 2026] [security2:error] [pid 25177:tid 25177] [client 94.249.42.39:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 94.249.42.39 (+1 hits since last alert)\|upskirtcrazy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "upskirtcrazy.com"] [uri "/xmlrpc.php"] [unique_id "ai1B9j_oRDH3konWX9zKbgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 08:47:47 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 94.249.42.39 (94.249.x.39.go.com.jo): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 94.249.42.39 (94.249.x.39.go.com.jo): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:47:40.124492 2026] [security2:error] [pid 18385:tid 18479] [client 94.249.42.39:17543] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 94.249.42.39 (+1 hits since last alert)\|darkestmoonart.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "darkestmoonart.com"] [uri "/xmlrpc.php"] [unique_id "ai0ZLN4KcEinXB2wKUBg1AAAAQo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 05:41:28 (6 days ago)		Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-13 02:33:44 (6 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC JO/Hashemite Kingdom of Jordan/94.249.x.39.go.com.jo	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 00:44:03 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 94.249.42.39 (94.249.x.39.go.com.jo): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 94.249.42.39 (94.249.x.39.go.com.jo): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 20:43:56.055408 2026] [security2:error] [pid 20792:tid 20792] [client 94.249.42.39:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 94.249.42.39 (+1 hits since last alert)\|local639.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "local639.com"] [uri "/xmlrpc.php"] [unique_id "aiynzLC5myXLDFqBLA5iSwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 23:02:10 (1 week ago)	Attac	Brute-Force
🇧🇪 cmbplf	2026-06-12 21:42:47 (1 week ago)	2.904 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇫🇮 YF	2026-06-12 21:00:54 (1 week ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
🇫🇷 dynamix	2026-06-12 18:53:37 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 18:14:21 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 94.249.42.39 (94.249.x.39.go.com.jo): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 94.249.42.39 (94.249.x.39.go.com.jo): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 14:14:17.024403 2026] [security2:error] [pid 27049:tid 27049] [client 94.249.42.39:1178] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 94.249.42.39 (+1 hits since last alert)\|t9teamsportinggoods.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "t9teamsportinggoods.com"] [uri "/xmlrpc.php"] [unique_id "aixMeYkawZ2IzMrqK8DrbgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 14:32:03 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 94.249.42.39 (94.249.x.39.go.com.jo): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 94.249.42.39 (94.249.x.39.go.com.jo): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 10:31:54.298877 2026] [security2:error] [pid 23838:tid 23838] [client 94.249.42.39:2060] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 94.249.42.39 (+1 hits since last alert)\|frogdesignmexico.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "frogdesignmexico.com"] [uri "/xmlrpc.php"] [unique_id "aiwYWrqWUB-yRB09HkxRywAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 106.52.49.148

🇮🇳 202.83.19.121

🇳🇱 194.48.251.50

🇳🇱 185.223.235.59

🇩🇪 167.233.68.137

🇺🇸 148.153.56.174

🇺🇸 147.90.235.16

🇵🇰 124.29.226.105

🇨🇳 120.235.225.39

🇺🇸 104.207.37.124

🇬🇧 89.37.172.135

🇪🇬 41.42.87.0

🇪🇬 41.40.131.50

🇬🇧 35.203.210.20

🇰🇷 210.217.42.139

🇷🇺 178.178.194.128

🇺🇸 162.216.150.82

🇭🇰 156.245.246.50

🇮🇳 122.176.122.24

🇪🇬 41.238.77.163