JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.98.63.129

103.98.63.129 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 33%: ?

33%

ISP	Thamizhaga Internet Communications Private Limited
Usage Type	Fixed Line ISP
ASN	AS136336
Domain Name	ticfiber.in
Country	🇮🇳 India
City	Chennai, Tamil Nadu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.98.63.129

Whois 103.98.63.129

IP Abuse Reports for 103.98.63.129:

This IP address has been reported a total of 20 times from 12 distinct sources. 103.98.63.129 was first reported on March 29th 2021, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 reznekcs	2026-06-11 09:19:38 (3 days ago)	F2B wordpress ban. Logs: 103.98.63.129 - - [11/Jun/2026:11:19:25 +0200] "POST /xmlrpc.php HTTP/1.1" ... show more F2B wordpress ban. Logs: 103.98.63.129 - - [11/Jun/2026:11:19:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4246 "-" "WordPress.com; https://wordpress.com" 103.98.63.129 - - [11/Jun/2026:11:19:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4246 "-" "Jetpack by WordPress.com" show less	Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-11 08:03:05 (3 days ago)	103.98.63.129 - - [11/Jun/2026:10:02:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by ... show more 103.98.63.129 - - [11/Jun/2026:10:02:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com" 103.98.63.129 - - [11/Jun/2026:10:02:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)" 103.98.63.129 - - [11/Jun/2026:10:03:04 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)" show less	Hacking Web App Attack
🇫🇷 SpaceHost-Server	2026-06-11 07:47:43 (3 days ago)	103.98.63.129 - - [11/Jun/2026:09:47:20 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by ... show more 103.98.63.129 - - [11/Jun/2026:09:47:20 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)" 103.98.63.129 - - [11/Jun/2026:09:47:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "WordPress.com; https://wordpress.com" 103.98.63.129 - - [11/Jun/2026:09:47:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "WordPress.com; https://wordpress.com" show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 06:08:43 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 103.98.63.129 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.98.63.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 02:08:39.990032 2026] [security2:error] [pid 19005:tid 19005] [client 103.98.63.129:13625] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.98.63.129 (+1 hits since last alert)\|artevoix.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "artevoix.com"] [uri "/xmlrpc.php"] [unique_id "aipQ567bpSURYXWwB8qkfAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 11:44:35 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 103.98.63.129 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.98.63.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 07:44:30.637433 2026] [security2:error] [pid 22596:tid 22596] [client 103.98.63.129:8623] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.98.63.129 (+1 hits since last alert)\|shelbysmoak.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "shelbysmoak.com"] [uri "/xmlrpc.php"] [unique_id "ailOHvzDJtMQnziTt6JqNgAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 11:25:09 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 103.98.63.129 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.98.63.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 07:25:00.491481 2026] [security2:error] [pid 14415:tid 14415] [client 103.98.63.129:32044] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.98.63.129 (+1 hits since last alert)\|shannonraevocalstudio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "shannonraevocalstudio.com"] [uri "/xmlrpc.php"] [unique_id "ailJjDNi78DfiztdfNpEIwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 06:37:00 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 103.98.63.129 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.98.63.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 02:36:53.318266 2026] [security2:error] [pid 27542:tid 27542] [client 103.98.63.129:2245] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.98.63.129 (+1 hits since last alert)\|microbooty.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "microbooty.com"] [uri "/xmlrpc.php"] [unique_id "aikGBYPQa30hYiiReUKYTgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 12:08:10 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 103.98.63.129 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.98.63.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:08:02.949765 2026] [security2:error] [pid 15981:tid 15981] [client 103.98.63.129:11551] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.98.63.129 (+1 hits since last alert)\|tcomputerguy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tcomputerguy.com"] [uri "/xmlrpc.php"] [unique_id "aigCIlzhRcKZ8BhLfTfJswAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 11:11:43 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 103.98.63.129 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.98.63.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:11:36.789888 2026] [security2:error] [pid 16543:tid 16543] [client 103.98.63.129:9603] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.98.63.129 (+1 hits since last alert)\|deltasouls.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "deltasouls.com"] [uri "/xmlrpc.php"] [unique_id "aif06MaMCKx1FbcITfKTbAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 SMARTNET	2026-05-27 06:03:53 (2 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 22ada211-5b5c-463a-b46f-60fd11dc639d	DDoS Attack
Anonymous	2026-05-17 06:02:02 (4 weeks ago)	Unauthorized connection attempt on Port 2323	Port Scan Hacking Exploited Host
🇩🇪 filstal.org	2026-05-01 08:24:24 (1 month ago)	Bad web bot: Spoofed/obsolete UA (Opera/9.65.(X11; Linux i686; or-IN) Presto/2.9.165 Version/10.00). ... show more Bad web bot: Spoofed/obsolete UA (Opera/9.65.(X11; Linux i686; or-IN) Presto/2.9.165 Version/10.00). Mass-scanning WordPress plugin. Coordinated large-scale bot attack. show less	Bad Web Bot Web App Attack
Anonymous	2026-04-29 05:44:54 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
Anonymous	2025-08-08 15:39:39 (10 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.08.08 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.08.08 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2024-01-09 06:12:52 (2 years ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.176

🇺🇸 154.29.235.72

🇭🇰 150.5.154.160

🇵🇰 119.152.228.233

🇵🇰 72.255.17.6

🇺🇸 65.49.1.164

🇺🇸 65.49.1.152

🇺🇸 57.151.128.215

🇸🇬 43.156.201.48

🇸🇬 43.134.11.201

🇩🇪 2a00:c380:c102:ec03:9999::244

🇩🇪 213.209.159.56

🇲🇽 201.103.215.188

🇫🇮 157.22.127.157

🇳🇱 77.83.39.14

🇵🇰 36.255.33.217

🇭🇰 199.45.154.112

🇧🇪 198.235.24.225

🇬🇧 185.247.137.130

🇺🇸 165.154.135.161