JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.108.4.98

103.108.4.98 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 52%: ?

52%

ISP	Excitel Broadband Private Limited
Usage Type	Fixed Line ISP
ASN	AS133982
Domain Name	excitel.com
Country	🇮🇳 India
City	Delhi, Delhi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.108.4.98

Whois 103.108.4.98

IP Abuse Reports for 103.108.4.98:

This IP address has been reported a total of 12 times from 9 distinct sources. 103.108.4.98 was first reported on June 29th 2022, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-21 14:02:37 (1 hour ago)	(mod_security) mod_security (id:240335) triggered by 103.108.4.98 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.108.4.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 10:02:33.704387 2026] [security2:error] [pid 11237:tid 11237] [client 103.108.4.98:64628] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.108.4.98 (+1 hits since last alert)\|canebrakes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "canebrakes.com"] [uri "/xmlrpc.php"] [unique_id "ajfu-T6FYT9p5T2gJ9v5HQAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-21 09:43:26 (5 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-21 09:02:59 (6 hours ago)	103.108.4.98 - - [21/Jun/2026:11:02:27 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.5; ... show more 103.108.4.98 - - [21/Jun/2026:11:02:27 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.5; WordPress/6.3; http://site41309491.com" 103.108.4.98 - - [21/Jun/2026:11:02:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12.5; WordPress/6.3; http://site41309491.com" 103.108.4.98 - - [21/Jun/2026:11:02:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.com; https://wordpress.com" 103.108.4.98 - - [21/Jun/2026:11:02:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "WordPress.com; https://wordpress.com" 103.108.4.98 - - [21/Jun/2026:11:02:58 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.5; WordPress/6.2; http://site80661801.com" ... show less	Brute-Force Web App Attack
🇪🇸 alferez	2026-06-21 08:26:22 (6 hours ago)	xmlrpc.php attack DOS	Hacking Exploited Host Web App Attack
🇺🇸 integrantservices.com	2026-06-21 07:07:00 (8 hours ago)	(wordpress) Failed wordpress login from 103.108.4.98 (IN/India/-)	Brute-Force
Anonymous	2026-06-20 15:48:09 (23 hours ago)	(wordpress) Failed wordpress login from 103.108.4.98 (IN/India/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-20 13:19:08 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.108.4.98 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.108.4.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 09:19:04.508985 2026] [security2:error] [pid 3665:tid 3665] [client 103.108.4.98:50935] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.108.4.98 (+1 hits since last alert)\|spacebooger.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "spacebooger.com"] [uri "/xmlrpc.php"] [unique_id "ajaTSP3EZ2xLt57VLP_2lQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-20 13:17:08 (1 day ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 09:53:07 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.108.4.98 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.108.4.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 05:53:00.647717 2026] [security2:error] [pid 14166:tid 14166] [client 103.108.4.98:56099] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.108.4.98 (+1 hits since last alert)\|bigislandhawaiirealestate.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bigislandhawaiirealestate.com"] [uri "/xmlrpc.php"] [unique_id "ajZi_LNbTPwYhQC505BiDgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 09:13:34 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.108.4.98 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.108.4.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 05:13:27.653432 2026] [security2:error] [pid 27185:tid 27185] [client 103.108.4.98:62394] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.108.4.98 (+1 hits since last alert)\|humbliaslaw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "humbliaslaw.com"] [uri "/xmlrpc.php"] [unique_id "ajZZt93-WNeKnfYzbYc6KAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 noise.agency	2026-06-20 08:22:21 (1 day ago)	(wordpress) Failed wordpress login from 103.108.4.98 (IN/India/-)	Brute-Force
🇺🇦 MakselPr	2022-06-29 06:37:46 (3 years ago)	Jun 29 13:37:47 mail postfix/smtpd[319839]: warning: unknown[103.108.4.98]: SASL PLAIN authenticatio ... show more Jun 29 13:37:47 mail postfix/smtpd[319839]: warning: unknown[103.108.4.98]: SASL PLAIN authentication failed: Jun 29 13:37:53 mail postfix/smtpd[319839]: warning: unknown[103.108.4.98]: SASL LOGIN authentication failed: VXNlcm5hbWU6 ... show less	Brute-Force

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.197.85.211

🇳🇱 192.42.116.96

🇰🇷 110.14.190.217

🇺🇸 50.6.228.32

🇺🇸 45.86.19.251

🇺🇸 45.86.19.57

🇰🇷 43.155.207.136

🇨🇳 36.106.167.191

🇺🇸 20.127.185.37

🇫🇷 4.211.84.189

🇳🇱 176.65.148.120

🇭🇰 152.32.135.81

🇨🇳 123.233.239.42

🇨🇳 123.191.155.134

🇵🇰 119.156.28.157

🇳🇱 91.92.40.6

🇮🇷 85.133.139.250

🇺🇸 64.62.156.172

🇺🇦 46.149.191.249

🇺🇸 45.86.19.145