JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.219.169.213

103.219.169.213 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 16%: ?

16%

ISP	Latitude.sh
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396356
Domain Name	latitude.sh
Country	🇨🇴 Colombia
City	Barrio San Luis, Bogota D.C.

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.219.169.213

Whois 103.219.169.213

IP Abuse Reports for 103.219.169.213:

This IP address has been reported a total of 13 times from 9 distinct sources. 103.219.169.213 was first reported on November 19th 2024, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-19 22:08:45 (17 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.219.169.213 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.219.169.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 18:08:40.608209 2026] [security2:error] [pid 14791:tid 14791] [client 103.219.169.213:51956] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.219.169.213 (+1 hits since last alert)\|thesalonx.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thesalonx.com"] [uri "/xmlrpc.php"] [unique_id "ajW96H443cCjgXH_O2Di4wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 10:03:31 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.219.169.213 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.219.169.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 06:03:25.978356 2026] [security2:error] [pid 1650:tid 1650] [client 103.219.169.213:55429] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.219.169.213 (+1 hits since last alert)\|odysseydogasporlari.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "odysseydogasporlari.com"] [uri "/xmlrpc.php"] [unique_id "ahwHbXPrDCIanHq4xSBkNAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 04:12:56 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.219.169.213 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.219.169.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 00:12:48.130134 2026] [security2:error] [pid 20730:tid 20730] [client 103.219.169.213:49956] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.219.169.213 (+1 hits since last alert)\|thesalonx.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thesalonx.com"] [uri "/xmlrpc.php"] [unique_id "ahu1QKYrK3r8ulMOuf0UfAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 abdubhai	2026-05-02 15:23:10 (1 month ago)	103.219.169.213 - - [02/May/2026 ...	Brute-Force
🇮🇹 [email protected]	2026-04-23 11:18:25 (1 month ago)	103.219.169.213 - - [23/Apr/2026:11:48:23 +0200] "POST /xmlrpc.php HTTP/1.1" 500 4036 "-" "Mozilla/5 ... show more 103.219.169.213 - - [23/Apr/2026:11:48:23 +0200] "POST /xmlrpc.php HTTP/1.1" 500 4036 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇩🇪 abdubhai	2026-04-23 10:08:37 (1 month ago)	103.219.169.213 - - [23/Apr/2026 ...	Brute-Force
🇺🇸 TPI-Abuse	2026-01-29 12:18:52 (4 months ago)	(mod_security) mod_security (id:240335) triggered by 103.219.169.213 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.219.169.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 07:18:42.296006 2026] [security2:error] [pid 672:tid 672] [client 103.219.169.213:59726] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.219.169.213 (+1 hits since last alert)\|www.goddesskink.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.goddesskink.com"] [uri "/new/xmlrpc.php"] [unique_id "aXtQItEXOawS2vP39eSwsAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2025-08-01 06:20:53 (10 months ago)	1.947 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇩🇪 Nerdscave Hosting	2025-08-01 05:30:14 (10 months ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇨🇿 lp	2024-11-19 23:57:33 (1 year ago)	Email account brute force: 5 attempts were recorded from 103.219.169.213 2024-11-20T00:11:09+01:00 w ... show more Email account brute force: 5 attempts were recorded from 103.219.169.213 2024-11-20T00:11:09+01:00 warning: unknown[103.219.169.213]: SASL LOGIN authentication failed: authentication failure, [email protected] 2024-11-20T00:11:25+01:00 warning: unknown[103.219.169.213]: SASL LOGIN authentication failed: authentication failure, [email protected] 2024-11-20T00:11:46+01:00 warning: unknown[103.219.169.213]: SASL LOGIN authentication failed: authentication failure, [email protected] 2024-11-20T00:12:03+01:00 warning: unknown[103.219.169.213]: SASL LOGIN authentication failed: authentication failure, [email protected] 2024-11-20T00:12:22+01:00 warning: unknown[103.219.169.213]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Brute-Force
Anonymous	2024-11-19 22:53:06 (1 year ago)	Ports: 25,2525,110,143,993,995; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-11-19 22:45:33 (1 year ago)	BruteForce IMAP/POP3	Brute-Force
🇺🇸 bigscoots.com	2024-11-19 22:40:14 (1 year ago)	(smtpauth) Failed SMTP AUTH login from 103.219.169.213 (CO/Colombia/-): 5 in the last 3600 secs; Por ... show more (smtpauth) Failed SMTP AUTH login from 103.219.169.213 (CO/Colombia/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2024-11-19 17:39:33 dovecot_login authenticator failed for (KJkNv2P9XS) [103.219.169.213]:8400: 535 Incorrect authentication data ([email protected]) 2024-11-19 17:39:38 dovecot_login authenticator failed for (IlzqOej) [103.219.169.213]:9344: 535 Incorrect authentication data ([email protected]) 2024-11-19 17:39:48 dovecot_login authenticator failed for (QKSEX2Dq) [103.219.169.213]:12477: 535 Incorrect authentication data ([email protected]) 2024-11-19 17:39:53 dovecot_login authenticator failed for (7Gfomr34) [103.219.169.213]:14952: 535 Incorrect authentication data ([email protected]) 2024-11-19 17:40:11 dovecot_login authenticator failed for (WcgEZP) [103.219.169.213]:19816: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 85.173.96.230

🇳🇱 45.148.10.157

🇮🇩 36.64.131.68

🇺🇸 34.24.198.93

🇳🇱 2.58.56.23

🇷🇴 2.57.122.238

🇲🇦 105.156.71.64

🇺🇸 97.210.133.186

🇮🇳 92.4.76.12

🇬🇧 45.198.224.46

🇫🇮 147.185.133.200

🇺🇸 104.196.51.71

🇫🇮 89.167.82.102

🇨🇳 36.137.38.119

🇵🇭 27.110.166.67

🇨🇳 218.13.173.90

🇷🇺 185.100.102.40

🇺🇸 162.216.150.85

🇪🇸 90.170.47.115

🇫🇷 85.69.240.210