JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.105.172.119

103.105.172.119 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 67%: ?

67%

ISP	Myanmar Information Highway Limited
Usage Type	Fixed Line ISP
ASN	AS136780
Domain Name	mih.com.mm
Country	🇲🇲 Myanmar
City	Yangon, Yangon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.105.172.119

Whois 103.105.172.119

IP Abuse Reports for 103.105.172.119:

This IP address has been reported a total of 16 times from 13 distinct sources. 103.105.172.119 was first reported on August 20th 2021, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 masterguru	2026-06-18 05:58:58 (12 hours ago)	(xmlrpc) Failed xmlrpc access from 103.105.172.119 (MM/Myanmar/-): 5 in the last 3600 secs (0-122)	Hacking
🇳🇱 ConsulHosting	2026-06-18 05:20:53 (13 hours ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 03:09:00 (15 hours ago)	(mod_security) mod_security (id:225170) triggered by 103.105.172.119 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 103.105.172.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 23:08:52.703292 2026] [security2:error] [pid 8757:tid 8757] [client 103.105.172.119:6480] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|odinathletes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "odinathletes.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajNhRC2K0FcSdQX87l6ltwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 zXero	2026-06-18 03:07:26 (15 hours ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇪🇸 alferez	2026-06-18 02:56:10 (16 hours ago)		Hacking Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 10:52:38 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.105.172.119 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.105.172.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 06:52:34.387487 2026] [security2:error] [pid 9025:tid 9025] [client 103.105.172.119:58977] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.105.172.119 (+1 hits since last alert)\|briannalls.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "briannalls.com"] [uri "/xmlrpc.php"] [unique_id "ajJ8cm3lseRgJ6FFQ8YBLwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Nick Lewis	2026-06-17 10:50:36 (1 day ago)	(wordpress) Failed wordpress login from 103.105.172.119 (MM/Myanmar/-)	Brute-Force
🇺🇸 cwytech	2026-06-17 08:27:37 (1 day ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wp-us-login-only-high.	Bad Web Bot Web App Attack
Anonymous	2026-06-17 08:18:07 (1 day ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 08:06:21 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.105.172.119 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.105.172.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 04:06:18.232008 2026] [security2:error] [pid 29065:tid 29133] [client 103.105.172.119:62261] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.105.172.119 (+1 hits since last alert)\|sweeneyzone.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sweeneyzone.com"] [uri "/xmlrpc.php"] [unique_id "ajJVevyuJBcBCeXFvRL00AAAAcI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 07:28:15 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.105.172.119 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.105.172.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 03:28:07.434159 2026] [security2:error] [pid 30468:tid 30468] [client 103.105.172.119:38690] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.105.172.119 (+1 hits since last alert)\|igolfallday.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "igolfallday.com"] [uri "/xmlrpc.php"] [unique_id "ajJMh4ONzt_FiGTQbYCCXwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-17 06:24:59 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇨🇭 Mario Bretscher	2026-06-17 03:50:48 (1 day ago)	Jun 17 05:50:36 beat-band.ch Cerber(beat-band.ch)[2334855]: Authentication failure for admin from 10 ... show more Jun 17 05:50:36 beat-band.ch Cerber(beat-band.ch)[2334855]: Authentication failure for admin from 103.105.172.119 Jun 17 05:50:47 beat-band.ch Cerber(beat-band.ch)[2327753]: Authentication failure for admin from 103.105.172.119 ... show less	Web Spam
Anonymous	2026-06-17 03:38:21 (1 day ago)	[redacted] 103.105.172.119 - - [17/Jun/2026:05:37:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" ... show more [redacted] 103.105.172.119 - - [17/Jun/2026:05:37:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)" bridge-club-northeim.de 103.105.172.119 - - [17/Jun/2026:05:37:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)" [redacted] 103.105.172.119 - - [17/Jun/2026:05:37:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack/12.1; WordPress/6.1; http://site31315390.com" bridge-club-northeim.de 103.105.172.119 - - [17/Jun/2026:05:37:51 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "WordPress.com; https://wordpress.com" [redacted] 103.105.172.119 - - [17/Jun/2026:05:37:55 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)" bridge-club-northeim.de 103.105.172.119 - - [17/Jun/2026:05:37:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1) ... show less	Hacking Web App Attack
🇷🇸 Scan	2024-05-27 05:58:56 (2 years ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.246

🇯🇵 133.201.232.96

🇬🇧 51.195.215.144

🇳🇱 45.142.193.125

🇮🇹 4.232.80.255

🇭🇰 199.45.154.176

🇷🇺 188.143.232.21

🇵🇹 185.138.89.72

🇨🇳 180.184.141.117

🇨🇳 120.79.72.56

🇨🇳 106.37.72.234

🇹🇼 36.50.249.249

🇺🇸 24.9.62.92

🇺🇸 23.95.62.90

🇷🇴 92.118.39.225

🇫🇷 91.231.89.119

🇬🇧 51.195.183.175

🇱🇹 45.227.254.170

🇳🇱 45.148.10.141

🇸🇪 185.246.128.133