JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.108.4.42

103.108.4.42 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 42%: ?

42%

ISP	Excitel Broadband Private Limited
Usage Type	Fixed Line ISP
ASN	AS133982
Domain Name	excitel.com
Country	🇮🇳 India
City	Ghaziabad, Uttar Pradesh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.108.4.42

Whois 103.108.4.42

IP Abuse Reports for 103.108.4.42:

This IP address has been reported a total of 11 times from 9 distinct sources. 103.108.4.42 was first reported on August 12th 2021, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 lostswordfish.com	2026-06-26 14:50:06 (9 hours ago)	Wordfence waf block on pameganslaw	Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 14:02:31 (10 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.108.4.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.108.4.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 10:02:26.431842 2026] [security2:error] [pid 32427:tid 32427] [client 103.108.4.42:62036] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.108.4.42 (+1 hits since last alert)\|nomanszone.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nomanszone.com"] [uri "/xmlrpc.php"] [unique_id "aj6Gcr-bMnVAikRe4DctzgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-26 13:21:26 (10 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 11:31:53 (12 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.108.4.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.108.4.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 07:31:45.809111 2026] [security2:error] [pid 1620:tid 1620] [client 103.108.4.42:64154] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.108.4.42 (+1 hits since last alert)\|rodzillacharters.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rodzillacharters.com"] [uri "/xmlrpc.php"] [unique_id "aj5jIQ0qiytHGk-F_J538QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-06-26 09:57:30 (14 hours ago)	(xmlrpc) Failed xmlrpc access from 103.108.4.42 (IN/India/-): 5 in the last 3600 secs (0-122)	Hacking
🇺🇸 integrantservices.com	2026-06-26 09:12:55 (15 hours ago)	(wordpress) Failed wordpress login from 103.108.4.42 (IN/India/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-26 08:36:38 (15 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.108.4.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.108.4.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 04:36:30.813967 2026] [security2:error] [pid 2952:tid 2952] [client 103.108.4.42:51700] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.108.4.42 (+1 hits since last alert)\|pcga.golf\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pcga.golf"] [uri "/xmlrpc.php"] [unique_id "aj46DnGik4noh7tRkkq6NAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Jason Howell	2026-06-26 08:01:50 (16 hours ago)	103.108.4.42 - - [26/Jun/2026:02:52:18 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4970 "-" "WordPress.co ... show more 103.108.4.42 - - [26/Jun/2026:02:52:18 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4970 "-" "WordPress.com; https://wordpress.com" 103.108.4.42 - - [26/Jun/2026:02:54:31 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4971 "-" "WordPress.com; https://wordpress.com" 103.108.4.42 - - [26/Jun/2026:02:56:46 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4970 "-" "WordPress.com; https://wordpress.com" 103.108.4.42 - - [26/Jun/2026:02:58:58 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4970 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)" 103.108.4.42 - - [26/Jun/2026:03:01:49 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4969 "-" "Jetpack by WordPress.com" ... show less	Web App Attack
🇳🇱 exxos	2025-08-30 19:03:01 (9 months ago)	Attacks with Bad user agents	Hacking
🇩🇪 Tamsy	2023-10-28 05:53:35 (2 years ago)	Mail server brute force attack attempt	Brute-Force
Anonymous	2021-08-12 16:33:30 (4 years ago)	Aug 12 15:33:14 awesomeness123 sshd[235106]: Invalid user admin from 103.108.4.42 port 53680 Aug 12 ... show more Aug 12 15:33:14 awesomeness123 sshd[235106]: Invalid user admin from 103.108.4.42 port 53680 Aug 12 15:33:22 awesomeness123 sshd[235726]: Invalid user admin from 103.108.4.42 port 54590 Aug 12 15:33:29 awesomeness123 sshd[236140]: Invalid user admin from 103.108.4.42 port 55281 show less	Brute-Force SSH

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇦 176.119.25.48

🇭🇰 172.253.6.29

🇩🇪 69.5.169.168

🇨🇳 203.189.196.168

🇨🇭 185.211.94.76

🇮🇩 153.124.161.248

🇬🇧 89.37.172.151

🇬🇧 35.203.211.176

🇬🇧 35.203.210.129

🇬🇧 35.203.210.64

🇵🇰 14.1.105.199

🇨🇳 8.141.19.33

🇺🇸 216.25.89.144

🇬🇧 193.163.125.226

🇧🇷 189.28.147.213

🇮🇳 136.232.11.10

🇺🇦 91.217.179.98

🇬🇧 87.236.176.216

🇺🇸 40.121.179.100

🇬🇧 35.203.211.50