JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.190.253.201

103.190.253.201 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 0%: ?

ISP	Adri Infocom Pvt Ltd
Usage Type	Fixed Line ISP
ASN	AS136332
Domain Name	adricorp.com
Country	🇮🇳 India
City	Basti, Uttar Pradesh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.190.253.201

Whois 103.190.253.201

IP Abuse Reports for 103.190.253.201:

This IP address has been reported a total of 55 times from 23 distinct sources. 103.190.253.201 was first reported on January 14th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-16 04:42:31 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 103.190.253.201 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 103.190.253.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 23:42:25.025682 2026] [security2:error] [pid 6846:tid 6846] [client 103.190.253.201:50036] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|fgrotary.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fgrotary.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aWnBsXmqRBq-7joTWs9amQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-01-13 07:48:22 (5 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking
🇺🇸 TPI-Abuse	2026-01-13 07:12:08 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 103.190.253.201 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 103.190.253.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 02:12:03.541224 2026] [security2:error] [pid 29742:tid 29742] [client 103.190.253.201:55285] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rochesterhistorical.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rochesterhistorical.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aWXwQxYGTKn0OIwFii6U5AAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-19 03:14:37 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 103.190.253.201 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 103.190.253.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 18 22:14:31.752518 2025] [security2:error] [pid 17327:tid 17327] [client 103.190.253.201:53524] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rkhindustries.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rkhindustries.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aR02F96yTYP-rDpgqeyvYgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 teamsecure	2025-11-18 07:54:24 (6 months ago)	Banned for trying to access xmlrpc	Web App Attack
🇹🇷 rtbh.com.tr	2025-11-17 20:09:58 (6 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇹🇷 rtbh.com.tr	2025-11-16 20:09:57 (7 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇨🇿 ddw	2025-11-02 06:36:44 (7 months ago)	WordPress XMLRPC.PHP Access Attempt.	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-01 09:12:54 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 103.190.253.201 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 103.190.253.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 01 05:12:48.348267 2025] [security2:error] [pid 15031:tid 15031] [client 103.190.253.201:50575] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|naturalacu.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "naturalacu.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQXPEPULfTog-AKdD9PKYAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-30 08:09:55 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 103.190.253.201 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 103.190.253.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 30 04:09:52.092487 2025] [security2:error] [pid 25321:tid 25321] [client 103.190.253.201:61441] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|freemanfoundationcle.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "freemanfoundationcle.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aQMdUJxA5AwzTnAuvqhSUQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 teamsecure	2025-10-30 05:17:10 (7 months ago)	Banned for trying to access xmlrpc	Web App Attack
🇩🇪 rh24	2025-10-29 10:48:08 (7 months ago)	(wordpress) Failed wordpress login from 103.190.253.201 (IN/India/-): (CF_ENABLE)	Brute-Force
🇺🇸 TPI-Abuse	2025-10-29 08:47:12 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 103.190.253.201 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 103.190.253.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 29 04:47:04.953306 2025] [security2:error] [pid 18126:tid 18126] [client 103.190.253.201:56025] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|dupagekanewildliferemoval.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dupagekanewildliferemoval.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQHUiFPbhRxoxA7TLH_OGgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-28 08:15:50 (7 months ago)	(wordpress) Failed wordpress login from 103.190.253.201 (IN/India/-)	Brute-Force
🇳🇱 ipoac.nl	2025-10-27 08:49:25 (7 months ago)	*:443 103.190.253.201 - - [27/Oct/2025:09:49:25 +0100] * "POST /xmlrpc.php HTTP/1.1" 403 3627 "- ... show more *:443 103.190.253.201 - - [27/Oct/2025:09:49:25 +0100] * "POST /xmlrpc.php HTTP/1.1" 403 3627 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" show less	Bad Web Bot

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 195.178.191.5

🇨🇴 185.75.12.207

🇨🇳 180.76.61.232

🇨🇳 58.18.80.18

🇷🇺 31.6.119.252

🇨🇦 20.151.179.130

🇨🇳 223.76.108.98

🇷🇺 185.70.129.15

🇷🇺 178.176.86.211

🇺🇸 172.172.214.224

🇺🇸 172.101.134.16

🇱🇹 141.98.9.130

🇸🇬 140.245.118.215

🇨🇳 118.145.235.110

🇱🇹 62.60.130.129

🇵🇰 39.38.154.56

🇹🇷 31.145.131.202

🇧🇬 5.188.206.66

🇺🇸 2001:470:1:fb5::1c0

🇮🇩 203.175.125.130