JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.75.161.134

103.75.161.134 was found in our database!

This IP was reported 62 times. Confidence of Abuse is 98%: ?

98%

ISP	Speednet Unique Network Pvt Ltd
Usage Type	Fixed Line ISP
ASN	AS135760
Domain Name	speednetkolkata.com
Country	🇮🇳 India
City	Kolkata, West Bengal

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.75.161.134

Whois 103.75.161.134

IP Abuse Reports for 103.75.161.134:

This IP address has been reported a total of 62 times from 30 distinct sources. 103.75.161.134 was first reported on March 29th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-23 22:25:31 (3 hours ago)		Brute-Force Web App Attack
Anonymous	2026-06-23 06:06:04 (19 hours ago)	Trying to access config files	Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 05:11:11 (20 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.75.161.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.75.161.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 01:11:05.579001 2026] [security2:error] [pid 925:tid 925] [client 103.75.161.134:53111] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.75.161.134 (+1 hits since last alert)\|silalaw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "silalaw.com"] [uri "/xmlrpc.php"] [unique_id "ajoVaZQLNlt9iMOFPGaNpgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dbmwebdesign	2026-06-23 04:50:17 (20 hours ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
Anonymous	2026-06-23 04:50:07 (20 hours ago)	[ssd5.kdns.gr] httpd-xmlrpc-post: sites=tentes-margaritis.gr; logs=/var/log/httpd/domains/tentes-mar ... show more [ssd5.kdns.gr] httpd-xmlrpc-post: sites=tentes-margaritis.gr; logs=/var/log/httpd/domains/tentes-margaritis.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 04:40:06 (20 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.75.161.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.75.161.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 00:39:58.841843 2026] [security2:error] [pid 5200:tid 5267] [client 103.75.161.134:59622] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.75.161.134 (+1 hits since last alert)\|mysticscon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mysticscon.com"] [uri "/xmlrpc.php"] [unique_id "ajoOHnvCzGuL-0uXDiZUwQAAAgs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Lunix	2026-06-23 04:03:36 (21 hours ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 06:09:27 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 103.75.161.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.75.161.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 02:09:23.202476 2026] [security2:error] [pid 30664:tid 30664] [client 103.75.161.134:64122] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.75.161.134 (+1 hits since last alert)\|firebelly.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "firebelly.org"] [uri "/xmlrpc.php"] [unique_id "ajeAExPBXMPtBNlM03RPKwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-21 05:55:42 (2 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC IN/India/-	Web App Attack
🇳🇱 Site.eu	2026-06-21 05:03:31 (2 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
Anonymous	2026-06-21 05:01:09 (2 days ago)	[redacted] 103.75.161.134 - - [21/Jun/2026:07:00:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 103.75.161.134 - - [21/Jun/2026:07:00:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 103.75.161.134 - - [21/Jun/2026:07:00:30 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.2; http://site36859331.com" [redacted] 103.75.161.134 - - [21/Jun/2026:07:00:42 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.4; http://site59452566.com" [redacted] 103.75.161.134 - - [21/Jun/2026:07:00:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.2; http://site38829836.com" [redacted] 103.75.161.134 - - [21/Jun/2026:07:01:07 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack
🇺🇸 TAY	2026-06-21 03:00:06 (2 days ago)	103.75.161.134 - - [21/Jun/2026:10:59:42 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5979 "-" "Jetpack by ... show more 103.75.161.134 - - [21/Jun/2026:10:59:42 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5979 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)" 103.75.161.134 - - [21/Jun/2026:10:59:55 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5979 "-" "Jetpack/12.1; WordPress/6.2; http://site45448034.com" 103.75.161.134 - - [21/Jun/2026:11:00:05 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5979 "-" "Jetpack by WordPress.com" ... show less	Brute-Force
🇲🇾 Rizzy	2026-06-20 03:38:48 (3 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-19 14:48:52 (4 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇪🇸 gnom4ik	2026-06-19 08:02:40 (4 days ago)	ban-reviewer auto report; ip=103.75.161.134; scenario=http:exploit; scenario_context=http:exploit,fi ... show more ban-reviewer auto report; ip=103.75.161.134; scenario=http:exploit; scenario_context=http:exploit,firehol_greensnow; verdict=valid_ban; confidence=0.92; categories=21; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high; scenario_attack_class show less	Web App Attack

Showing 1 to 15 of 62 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.128

🇹🇷 213.156.152.106

🇳🇱 195.178.110.188

🇸🇬 101.47.15.26

🇸🇦 37.127.192.160

🇺🇸 20.15.162.238

🇧🇷 205.164.235.6

🇷🇺 193.233.48.169

🇵🇭 138.84.110.109

🇫🇮 135.181.249.252

🇮🇩 103.112.245.85

🇹🇬 102.64.175.217

🇳🇱 89.248.168.36

🇳🇱 45.148.10.147

🇺🇸 35.196.122.32

🇨🇳 14.103.107.29

🇨🇳 222.93.13.12

🇩🇪 212.132.105.176

🇲🇳 202.21.114.114

🇺🇸 195.184.76.183