JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.16.71.197

103.16.71.197 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 39%: ?

39%

ISP	Gatik Business Solutions
Usage Type	Fixed Line ISP
ASN	AS132559
Domain Name	ginternet.in
Country	🇮🇳 India
City	Shivamogga, Karnataka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.16.71.197

Whois 103.16.71.197

IP Abuse Reports for 103.16.71.197:

This IP address has been reported a total of 24 times from 20 distinct sources. 103.16.71.197 was first reported on January 21st 2022, and the most recent report was 23 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-15 09:44:31 (23 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇸🇪 konseptit	2026-06-15 08:43:08 (1 day ago)	(wordpress) Failed wordpress login from 103.16.71.197 (IN/India/-)	Brute-Force
Anonymous	2026-06-05 07:49:03 (1 week ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇳🇱 debestelapp	2026-06-02 09:05:06 (2 weeks ago)		Web App Attack
Anonymous	2026-06-02 07:38:11 (2 weeks ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-02 06:06:59 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.16.71.197 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.16.71.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 02:06:55.817447 2026] [security2:error] [pid 20925:tid 20925] [client 103.16.71.197:52759] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.16.71.197 (+1 hits since last alert)\|eye7graphics.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eye7graphics.com"] [uri "/xmlrpc.php"] [unique_id "ah5y_4lTHlVYDRzz2u0WZQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 07:25:56 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.16.71.197 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.16.71.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 03:25:49.838302 2026] [security2:error] [pid 3736:tid 3736] [client 103.16.71.197:61366] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.16.71.197 (+1 hits since last alert)\|talentstar.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "talentstar.com"] [uri "/xmlrpc.php"] [unique_id "ag1h_UBDfZ2-JkuYCh9mEgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-20 04:55:30 (3 weeks ago)	(wordpress) Failed wordpress login from 103.16.71.197 (IN/India/Karnataka/Bengaluru/-/[redacted])	Brute-Force
🇺🇸 TPI-Abuse	2026-04-21 09:54:30 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 103.16.71.197 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.16.71.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 21 05:54:23.792310 2026] [security2:error] [pid 1946684:tid 1946764] [client 103.16.71.197:65291] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.16.71.197 (+1 hits since last alert)\|darkestmoonart.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "darkestmoonart.com"] [uri "/xmlrpc.php"] [unique_id "aedJT_Jw_q76bUBMpdgXMAAAAhI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-13 06:36:46 (2 months ago)	103.16.71.197 - - [13/Apr/2026:08:36:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.co ... show more 103.16.71.197 - - [13/Apr/2026:08:36:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.com; https://wordpress.com" 103.16.71.197 - - [13/Apr/2026:08:36:24 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "WordPress.com; https://wordpress.com" 103.16.71.197 - - [13/Apr/2026:08:36:34 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack/12.0; WordPress/6.2; http://site89147024.com" 103.16.71.197 - - [13/Apr/2026:08:36:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12.0; WordPress/6.2; http://site89147024.com" 103.16.71.197 - - [13/Apr/2026:08:36:44 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "WordPress.com; https://wordpress.com" ... show less	Brute-Force Web App Attack
🇺🇸 bigwavedave	2026-04-13 05:57:57 (2 months ago)	Wordpress Attack	Web App Attack
🇩🇪 4server	2026-04-07 05:46:42 (2 months ago)	[TueApr0707:46:38.2727142026][security2:error][pid891620:tid891725][client103.16.71.197:0]ModSecurit ... show more [TueApr0707:46:38.2727142026][security2:error][pid891620:tid891725][client103.16.71.197:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"112\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"admin-services.ch\"][uri\"/xmlrpc.php\"][unique_id\"adSaPtgkw6hlgEYO98SfDgAAAJA\"] show less	Port Scan Brute-Force Web App Attack
🇳🇿 Tripwire	2026-04-01 07:41:34 (2 months ago)	Probing for Wordpress - /xmlrpc.php	Brute-Force Web App Attack
🇫🇷 Kenshin869	2026-04-01 06:13:05 (2 months ago)	Wordpress unauthorized access attempt	Brute-Force
🇩🇪 LRob.fr	2026-03-25 10:00:21 (2 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 186.251.71.202

🇺🇸 164.92.82.91

🇩🇪 148.153.140.110

🇺🇸 143.198.174.132

🇩🇪 136.243.228.177

🇫🇷 85.217.140.35

🇺🇸 72.234.16.75

🇺🇸 2607:f8b0:4001:c70::122

🇺🇸 2600:1f28:365:80b0:4c3:3444:4978:8f3a

🇳🇱 192.42.116.56

🇲🇽 187.191.48.24

🇷🇺 178.178.194.123

🇦🇪 132.243.121.237

🇸🇬 114.119.152.155

🇫🇷 91.231.89.235

🇰🇷 43.155.134.4

🇮🇳 4.240.8.92

🇳🇱 2.58.56.131

🇯🇵 203.25.124.206

🇲🇦 197.153.57.103