JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.198.154.214

103.198.154.214 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 64%: ?

64%

ISP	PLAY BROADBAND (PRIVATE) LIMITED
Usage Type	Fixed Line ISP
ASN	AS151330
Hostname(s)	103.198.154.214-pbb.net.pk
Domain Name	pbb.net.pk
Country	🇵🇰 Pakistan
City	Lahore, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.198.154.214

Whois 103.198.154.214

IP Abuse Reports for 103.198.154.214:

This IP address has been reported a total of 30 times from 15 distinct sources. 103.198.154.214 was first reported on January 27th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-20 22:25:23 (2 days ago)		Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-19 09:21:47 (3 days ago)	103.198.154.214 - - [19/Jun/2026:11:21:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack b ... show more 103.198.154.214 - - [19/Jun/2026:11:21:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)" 103.198.154.214 - - [19/Jun/2026:11:21:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" 103.198.154.214 - - [19/Jun/2026:11:21:46 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com" show less	Hacking Web App Attack
🇫🇷 SpaceHost-Server	2026-06-19 09:06:19 (3 days ago)	103.198.154.214 - - [19/Jun/2026:11:05:52 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack b ... show more 103.198.154.214 - - [19/Jun/2026:11:05:52 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com" 103.198.154.214 - - [19/Jun/2026:11:06:04 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com" 103.198.154.214 - - [19/Jun/2026:11:06:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 08:36:39 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 103.198.154.214 (103.198.154.214-pbb.net.pk): 1 ... show more (mod_security) mod_security (id:240335) triggered by 103.198.154.214 (103.198.154.214-pbb.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 04:36:32.862187 2026] [security2:error] [pid 19788:tid 19788] [client 103.198.154.214:56670] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.198.154.214 (+1 hits since last alert)\|deborahbein.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "deborahbein.com"] [uri "/xmlrpc.php"] [unique_id "ajT_kHCKPfZmzprOHQWqRAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇭 thaizone.com	2026-06-17 17:45:08 (5 days ago)	Brute-forcing login against websites (D1-1) #1	Web App Attack Hacking
Anonymous	2026-06-17 17:44:13 (5 days ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-16 14:15:26 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 103.198.154.214 (103.198.154.214-pbb.net.pk): 1 ... show more (mod_security) mod_security (id:240335) triggered by 103.198.154.214 (103.198.154.214-pbb.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 10:15:17.656673 2026] [security2:error] [pid 28386:tid 28386] [client 103.198.154.214:56468] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.198.154.214 (+1 hits since last alert)\|graymatterofdc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "graymatterofdc.com"] [uri "/xmlrpc.php"] [unique_id "ajFadaLvCsBi77wwIuMkoAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-16 12:09:35 (6 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 19:08:06 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 103.198.154.214 (103.198.154.214-pbb.net.pk): 1 ... show more (mod_security) mod_security (id:240335) triggered by 103.198.154.214 (103.198.154.214-pbb.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 15:08:01.503372 2026] [security2:error] [pid 6936:tid 6936] [client 103.198.154.214:54117] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.198.154.214 (+1 hits since last alert)\|orcastrong.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "orcastrong.com"] [uri "/xmlrpc.php"] [unique_id "ajBNkRxXW1jeIOscZ3bzQwAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 12:42:13 (1 week ago)	Attac	Brute-Force
🇩🇪 big-cloud.nl	2026-06-15 12:38:07 (1 week ago)	Try to access /xmlrpc.php	Web App Attack
🇫🇷 dynamix	2026-06-15 08:36:01 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇫🇷 Kenshin869	2026-06-11 06:06:34 (1 week ago)	Wordpress unauthorized access attempt	Brute-Force
🇩🇪 ger-stg-sifi1	2026-06-10 15:58:17 (1 week ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇩🇪 grassau.com	2026-06-07 13:26:15 (2 weeks ago)	(wordpress) Failed wordpress login from 103.198.154.214 (PK/Pakistan/Punjab/Lahore/103.198.154.214-p ... show more (wordpress) Failed wordpress login from 103.198.154.214 (PK/Pakistan/Punjab/Lahore/103.198.154.214-pbb.net.pk) show less	Brute-Force

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 14.103.103.211

🇲🇽 201.149.53.243

🇧🇪 198.235.24.178

🇰🇷 121.181.194.23

🇮🇳 103.114.211.139

🇺🇸 73.176.157.57

🇸🇬 172.188.89.41

🇨🇳 116.179.32.170

🇨🇦 85.217.149.69

🇲🇾 47.250.184.9

🇸🇬 43.173.180.13

🇺🇸 3.89.225.137

🇺🇸 2607:f8b0:400e:c02::12b

🇨🇳 218.13.26.42

🇵🇪 190.119.131.37

🇨🇷 190.112.222.28

🇧🇩 182.160.106.100

🇨🇳 101.126.141.163

🇷🇴 80.94.92.177

🇺🇸 67.205.153.76