JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.212.139.44

103.212.139.44 was found in our database!

This IP was reported 87 times. Confidence of Abuse is 74%: ?

74%

ISP	Gstech Software Systems Pvt Ltd
Usage Type	Fixed Line ISP
ASN	AS133676
Domain Name	preciousnetcom.in
Country	🇮🇳 India
City	Hapur, Uttar Pradesh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.212.139.44

Whois 103.212.139.44

IP Abuse Reports for 103.212.139.44:

This IP address has been reported a total of 87 times from 43 distinct sources. 103.212.139.44 was first reported on February 25th 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-24 10:55:13 (16 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.212.139.44 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.212.139.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 06:55:08.291000 2026] [security2:error] [pid 18459:tid 18459] [client 103.212.139.44:60231] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.212.139.44 (+1 hits since last alert)\|abeltours.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "abeltours.com"] [uri "/xmlrpc.php"] [unique_id "aju3jHlzpTuEcNkQeZjhJQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 rh24	2026-06-24 10:33:52 (16 hours ago)	(xmlrpc_405) XMLRPC-Bot 405 103.212.139.44 (IN/India/-)	Hacking
🇳🇱 Site.eu	2026-06-24 10:29:29 (16 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇧🇷 dominioz	2026-06-24 10:16:19 (16 hours ago)	2026-06-24 10:14:51 POST /xmlrpc.php - - 103.212.139.44 HTTP/1.1 Jetpack+by+WordPress.com - 200 650 ... show more 2026-06-24 10:14:51 POST /xmlrpc.php - - 103.212.139.44 HTTP/1.1 Jetpack+by+WordPress.com - 200 650 2026-06-24 10:14:59 POST /xmlrpc.php - - 103.212.139.44 HTTP/1.1 Jetpack/13.0;+WordPress/6.2;+http://site19830083.com - 200 650 2026-06-24 10:15:10 POST /xmlrpc.php - - 103.212.139.44 HTTP/1.1 Jetpack/13.0;+WordPress/6.1;+http://site44262936.com - 200 650 2026-06-24 10:15:20 POST /xmlrpc.php - - 103.212.139.44 HTTP/1.1 Jetpack+by+WordPress.com+(Jetpack+12.1;+WordPress+6.2) - 200 650 ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 10:01:29 (16 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.212.139.44 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.212.139.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 06:01:22.894281 2026] [security2:error] [pid 4194:tid 4194] [client 103.212.139.44:61756] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.212.139.44 (+1 hits since last alert)\|churchbehindthewalls.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "churchbehindthewalls.com"] [uri "/xmlrpc.php"] [unique_id "ajuq8i-PZYwfs-YWKwDBrgAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 07:52:09 (19 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.212.139.44 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.212.139.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 03:52:03.206212 2026] [security2:error] [pid 1423:tid 1423] [client 103.212.139.44:52792] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.212.139.44 (+1 hits since last alert)\|usaangelinvestors.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "usaangelinvestors.com"] [uri "/xmlrpc.php"] [unique_id "ajuMo2lC8L-dw0P3I7TtkgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-24 05:46:49 (21 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 integrantservices.com	2026-06-24 05:24:37 (21 hours ago)	(wordpress) Failed wordpress login from 103.212.139.44 (IN/India/-)	Brute-Force
Anonymous	2026-06-23 07:31:36 (1 day ago)	[da.kdns.gr] httpd-xmlrpc-post: sites=anyfantis.gr; logs=/var/log/httpd/domains/anyfantis.gr.log; sa ... show more [da.kdns.gr] httpd-xmlrpc-post: sites=anyfantis.gr; logs=/var/log/httpd/domains/anyfantis.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 11:55:21 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 103.212.139.44 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.212.139.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 07:55:14.769513 2026] [security2:error] [pid 15786:tid 15786] [client 103.212.139.44:50412] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.212.139.44 (+1 hits since last alert)\|advantagept.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "advantagept.org"] [uri "/xmlrpc.php"] [unique_id "ajkiok7zjKe4S51QCEQY0gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-19 09:13:11 (5 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC IN/India/-	Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 08:44:31 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 103.212.139.44 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.212.139.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 04:44:26.935217 2026] [security2:error] [pid 22997:tid 22997] [client 103.212.139.44:54341] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.212.139.44 (+1 hits since last alert)\|verdeprofundo.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "verdeprofundo.net"] [uri "/xmlrpc.php"] [unique_id "ajUBar1dMYz8u-PEUEVVawAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-19 07:45:03 (5 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-19 06:53:55 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 103.212.139.44 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.212.139.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 02:53:50.136222 2026] [security2:error] [pid 23356:tid 23356] [client 103.212.139.44:60443] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.212.139.44 (+1 hits since last alert)\|csm-dtc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "csm-dtc.com"] [uri "/xmlrpc.php"] [unique_id "ajTnfl-1vJNfQ2U6FzewrQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 07:58:17 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 103.212.139.44 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.212.139.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 03:58:12.876067 2026] [security2:error] [pid 26565:tid 26565] [client 103.212.139.44:61045] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.212.139.44 (+1 hits since last alert)\|495metro.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "495metro.com"] [uri "/xmlrpc.php"] [unique_id "ajOlFCwK4UiQrS2EVtTEMAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 87 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 203.67.99.229

🇺🇸 198.74.50.114

🇬🇧 185.213.245.59

🇷🇺 176.119.185.234

🇵🇰 139.135.59.171

🇺🇸 69.54.6.125

🇩🇪 69.5.169.238

🇺🇸 65.49.1.107

🇺🇸 64.62.197.140

🇲🇾 49.124.153.27

🇨🇳 36.106.166.162

🇪🇸 213.177.197.230

🇬🇧 185.247.137.29

🇬🇧 185.176.207.98

🇺🇸 162.216.149.192

🇺🇸 162.216.149.188

🇺🇸 157.230.8.75

🇻🇳 123.17.236.139

🇺🇸 109.105.210.88

🇮🇩 108.136.131.13