JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.217.139.10

103.217.139.10 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 51%: ?

51%

ISP	Altos Enterprises Pvt Ltd
Usage Type	Fixed Line ISP
ASN	AS138296
Domain Name	altosindia.net
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.217.139.10

Whois 103.217.139.10

IP Abuse Reports for 103.217.139.10:

This IP address has been reported a total of 17 times from 12 distinct sources. 103.217.139.10 was first reported on June 2nd 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 francoisunix	2026-06-23 04:19:14 (2 days ago)	103.217.139.10 - - [23/Jun/2026:04:18:29 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "WordPress.c ... show more 103.217.139.10 - - [23/Jun/2026:04:18:29 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "WordPress.com; https://wordpress.com" 103.217.139.10 - - [23/Jun/2026:04:18:39 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by WordPress.com" 103.217.139.10 - - [23/Jun/2026:04:18:50 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)" 103.217.139.10 - - [23/Jun/2026:04:19:00 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by WordPress.com" 103.217.139.10 - - [23/Jun/2026:04:19:11 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack/13.0; WordPress/6.2; http://site36146548.com" ... show less	Web App Attack
🇫🇷 dynamix	2026-06-22 13:05:23 (2 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇫🇮 YF	2026-06-11 15:00:38 (1 week ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
🇳🇱 e.fierstra	2026-06-11 13:38:32 (1 week ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-11 12:30:59 (1 week ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇺🇸 TPI-Abuse	2026-06-04 13:50:09 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.217.139.10 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.217.139.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 09:50:04.953749 2026] [security2:error] [pid 26435:tid 26435] [client 103.217.139.10:63011] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.217.139.10 (+1 hits since last alert)\|seahattravel.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "seahattravel.com"] [uri "/xmlrpc.php"] [unique_id "aiGCjN7ZZW9fzVEOpCwS4AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 12:17:04 (2 weeks ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇺🇸 TAY	2026-06-03 13:30:18 (3 weeks ago)	103.217.139.10 - - [03/Jun/2026:21:29:57 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4447 "-" "Jetpack by ... show more 103.217.139.10 - - [03/Jun/2026:21:29:57 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4447 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)" 103.217.139.10 - - [03/Jun/2026:21:30:07 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4447 "-" "Jetpack by WordPress.com" 103.217.139.10 - - [03/Jun/2026:21:30:18 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4447 "-" "Jetpack/12.1; WordPress/6.3; http://site30241094.com" ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-03 11:30:23 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.217.139.10 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.217.139.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 07:30:14.419723 2026] [security2:error] [pid 11547:tid 11584] [client 103.217.139.10:63049] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.217.139.10 (+1 hits since last alert)\|ethicmark.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ethicmark.org"] [uri "/xmlrpc.php"] [unique_id "aiAQRqkP0NGb7JClfjQAYwAAANU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-03 11:16:42 (3 weeks ago)	[WedJun0313:16:39.0755902026][security2:error][pid1643575:tid1643717][client103.217.139.10:0]ModSecu ... show more [WedJun0313:16:39.0755902026][security2:error][pid1643575:tid1643717][client103.217.139.10:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"pietroviviani.ch\"][uri\"/xmlrpc.php\"][unique_id\"aiANF6ovU2MmwXa7b90khQAAAQA\"] show less	Port Scan Brute-Force Web App Attack
Anonymous	2026-06-03 08:41:27 (3 weeks ago)	Blocked by ModSec and CSF	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 05:14:25 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.217.139.10 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.217.139.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 01:14:18.722810 2026] [security2:error] [pid 25438:tid 25451] [client 103.217.139.10:64074] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.217.139.10 (+1 hits since last alert)\|supercyprus.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "supercyprus.com"] [uri "/xmlrpc.php"] [unique_id "ah-4KrxaAPByV6KBgHkeSQAAAMk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 04:09:29 (3 weeks ago)	Fail2ban filtered ...	Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 09:29:44 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.217.139.10 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.217.139.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 05:29:37.977652 2026] [security2:error] [pid 602:tid 602] [client 103.217.139.10:62625] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.217.139.10 (+1 hits since last alert)\|warpedweed.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "warpedweed.com"] [uri "/xmlrpc.php"] [unique_id "ah6igaNvNAKLK0dws-b4cQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-02 08:58:49 (3 weeks ago)	Attac	Brute-Force

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.205.123.57

🇺🇸 192.225.241.98

🇨🇳 118.145.213.116

🇮🇩 103.168.135.187

🇱🇻 81.30.98.144

🇧🇬 79.124.58.218

🇱🇹 62.60.130.148

🇧🇪 35.233.19.108

🇺🇸 185.117.225.76

🇪🇸 162.158.122.145

🇻🇳 103.75.182.108

🇱🇹 77.90.185.16

🇨🇳 58.222.244.226

🇳🇱 37.139.19.141

🇺🇸 34.136.78.28

🇪🇸 185.176.8.77

🇸🇬 172.188.218.162

🇫🇮 147.185.133.211

🇰🇪 102.204.198.186

🇫🇷 91.231.89.164