JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.249.4.63

103.249.4.63 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 46%: ?

46%

ISP	Alliance Broadband Services Pvt. Ltd.
Usage Type	Fixed Line ISP
ASN	AS23860
Domain Name	alliancekolkata.com
Country	🇮🇳 India
City	Kolkata, West Bengal

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.249.4.63

Whois 103.249.4.63

IP Abuse Reports for 103.249.4.63:

This IP address has been reported a total of 17 times from 7 distinct sources. 103.249.4.63 was first reported on June 5th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-11 05:21:44 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 01:21:26.792034 2026] [security2:error] [pid 2317:tid 2317] [client 103.249.4.63:49359] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.249.4.63 (+1 hits since last alert)\|genevaatlantic.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "genevaatlantic.com"] [uri "/xmlrpc.php"] [unique_id "aipF1v82n7hpi7oR3XQoYAAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 04:48:35 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 00:48:19.371225 2026] [security2:error] [pid 9369:tid 9369] [client 103.249.4.63:50412] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.249.4.63 (+1 hits since last alert)\|drayvian.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "drayvian.com"] [uri "/xmlrpc.php"] [unique_id "aio-E0jJ-gDlJBqpea9MBwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-10 08:30:22 (1 day ago)	[redacted] 103.249.4.63 - - [10/Jun/2026:10:29:38 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Je ... show more [redacted] 103.249.4.63 - - [10/Jun/2026:10:29:38 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 103.249.4.63 - - [10/Jun/2026:10:29:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 103.249.4.63 - - [10/Jun/2026:10:30:00 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 103.249.4.63 - - [10/Jun/2026:10:30:09 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)" [redacted] 103.249.4.63 - - [10/Jun/2026:10:30:21 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)" ... show less	Hacking Web App Attack
Anonymous	2026-06-10 07:30:05 (2 days ago)	[redacted] 103.249.4.63 - - [10/Jun/2026:09:29:22 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Wo ... show more [redacted] 103.249.4.63 - - [10/Jun/2026:09:29:22 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 103.249.4.63 - - [10/Jun/2026:09:29:32 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 103.249.4.63 - - [10/Jun/2026:09:29:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 103.249.4.63 - - [10/Jun/2026:09:29:53 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" [redacted] 103.249.4.63 - - [10/Jun/2026:09:30:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)" ... show less	Hacking Web App Attack
🇺🇸 integrantservices.com	2026-06-10 03:24:42 (2 days ago)	(wordpress) Failed wordpress login from 103.249.4.63 (IN/India/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-09 13:57:39 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 09:57:23.305775 2026] [security2:error] [pid 27142:tid 27142] [client 103.249.4.63:50642] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|newcastle91.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "newcastle91.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aigbwxxzIteWtovYKJN3dgAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 13:25:34 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 09:25:19.290840 2026] [security2:error] [pid 2729:tid 2729] [client 103.249.4.63:52790] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.249.4.63 (+1 hits since last alert)\|iplayriichi.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "iplayriichi.com"] [uri "/xmlrpc.php"] [unique_id "aigUPz_UWQjuW0Rko88HVgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 07:38:00 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 03:37:46.036867 2026] [security2:error] [pid 29344:tid 29344] [client 103.249.4.63:50369] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.249.4.63 (+1 hits since last alert)\|mainefirst.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mainefirst.org"] [uri "/xmlrpc.php"] [unique_id "aifCyubJM32nALL7tSIq3QAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 05:35:07 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 01:34:53.023506 2026] [security2:error] [pid 2451:tid 2451] [client 103.249.4.63:64716] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.249.4.63 (+1 hits since last alert)\|zabyte.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "zabyte.net"] [uri "/xmlrpc.php"] [unique_id "aiel_a08zB2zT_FG3tf0MwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 applemooz	2026-06-09 04:21:24 (3 days ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
Anonymous	2026-06-09 04:21:09 (3 days ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 05:23:50 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 01:23:34.010836 2026] [security2:error] [pid 27708:tid 27708] [client 103.249.4.63:59862] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.249.4.63 (+1 hits since last alert)\|gemco-mfg.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gemco-mfg.com"] [uri "/xmlrpc.php"] [unique_id "aiZR1u7eiyqZS5_DUmAuRgAAAEI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 14:25:39 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 10:25:25.161034 2026] [security2:error] [pid 4488:tid 4499] [client 103.249.4.63:57309] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.249.4.63 (+1 hits since last alert)\|grupojdg.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "grupojdg.com"] [uri "/xmlrpc.php"] [unique_id "aiLcVQ7dTS-nG3AJ2H9iFQAAAQY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 11:57:07 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.249.4.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 07:56:51.997689 2026] [security2:error] [pid 24419:tid 24419] [client 103.249.4.63:49637] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.249.4.63 (+1 hits since last alert)\|mortuarymessageservices.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mortuarymessageservices.com"] [uri "/xmlrpc.php"] [unique_id "aiK5gwBKyAhcGVwifR0QDAAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-05 11:50:11 (6 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 185.182.65.219

🇮🇩 182.10.97.132

🇳🇱 176.65.148.229

🇮🇳 168.144.31.76

🇮🇩 103.154.231.122

🇺🇸 20.169.48.140

🇺🇸 13.86.116.129

🇪🇹 196.189.237.172

🇻🇳 160.30.113.59

🇺🇸 130.131.162.156

🇭🇰 101.36.122.139

🇮🇪 34.240.52.241

🇳🇱 5.83.143.40

🇩🇪 213.209.159.227

🇺🇸 192.210.228.134

🇺🇸 192.3.145.26

🇨🇳 124.77.184.134

🇨🇳 118.196.13.204

🇬🇧 89.37.172.148

🇺🇸 45.33.14.197