JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 163.53.25.154

163.53.25.154 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 53%: ?

53%

ISP	Subisu Cablenet
Usage Type	Fixed Line ISP
ASN	AS4007
Domain Name	subisu.net.np
Country	🇳🇵 Nepal
City	Kathmandu, Bagmati Province

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 163.53.25.154

Whois 163.53.25.154

IP Abuse Reports for 163.53.25.154:

This IP address has been reported a total of 32 times from 17 distinct sources. 163.53.25.154 was first reported on February 18th 2021, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TAY	2026-06-24 10:12:28 (4 days ago)	163.53.25.154 - - [24/Jun/2026:18:12:06 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5893 "-" "Jetpack by ... show more 163.53.25.154 - - [24/Jun/2026:18:12:06 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5893 "-" "Jetpack by WordPress.com" 163.53.25.154 - - [24/Jun/2026:18:12:17 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5893 "-" "Jetpack by WordPress.com" 163.53.25.154 - - [24/Jun/2026:18:12:27 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5893 "-" "Jetpack/13.0; WordPress/6.1; http://site61762594.com" ... show less	Brute-Force
🇸🇪 konseptit	2026-06-24 08:09:47 (4 days ago)	(wordpress) Failed wordpress login from 163.53.25.154 (NP/Nepal/-)	Brute-Force
🇩🇪 BlueWire Hosting	2026-06-24 07:08:06 (4 days ago)	Probing websites for vulnerabilities	Web App Attack
Anonymous	2026-06-24 06:07:38 (4 days ago)	Fail2Ban - Wordpress brute-force ...	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 04:40:29 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 163.53.25.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 163.53.25.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 00:40:23.511272 2026] [security2:error] [pid 19497:tid 19497] [client 163.53.25.154:17850] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 163.53.25.154 (+1 hits since last alert)\|robinsnestingplace.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "robinsnestingplace.net"] [uri "/xmlrpc.php"] [unique_id "ajtft8ELF1TP6731GsqAeAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Marc	2026-06-24 04:04:34 (4 days ago)	163.53.25.154 - - [24/Jun/2026:06:03:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3298 "-" "Jetpack/13. ... show more 163.53.25.154 - - [24/Jun/2026:06:03:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3298 "-" "Jetpack/13.0; WordPress/6.1; http://site53386484.com" 163.53.25.154 - - [24/Jun/2026:06:04:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3299 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" 163.53.25.154 - - [24/Jun/2026:06:04:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3299 "-" "Jetpack/12.1; WordPress/6.4; http://site41057059.com" show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 11:56:10 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 163.53.25.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 163.53.25.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 07:56:03.895973 2026] [security2:error] [pid 11838:tid 11838] [client 163.53.25.154:57872] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 163.53.25.154 (+1 hits since last alert)\|directcch.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "directcch.com"] [uri "/xmlrpc.php"] [unique_id "ajp0U3R5JkYk0vZfxtTbzAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-23 10:52:37 (5 days ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇺🇸 TPI-Abuse	2026-06-23 06:42:08 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 163.53.25.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 163.53.25.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 02:42:01.719896 2026] [security2:error] [pid 27326:tid 27349] [client 163.53.25.154:6740] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 163.53.25.154 (+1 hits since last alert)\|rockabyecotons.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rockabyecotons.com"] [uri "/xmlrpc.php"] [unique_id "ajoquZ91oehAxAfGZd--MgAAAFQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 05:41:00 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 163.53.25.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 163.53.25.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 01:40:52.924906 2026] [security2:error] [pid 21671:tid 21671] [client 163.53.25.154:59531] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 163.53.25.154 (+1 hits since last alert)\|palumbodesigns.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "palumbodesigns.com"] [uri "/xmlrpc.php"] [unique_id "ajocZOqz8OCGllt5BWTK0gAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 sasbau	2026-06-22 15:37:45 (6 days ago)	163.53.25.154 - - [22/Jun/2026:17:37:24 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Jetpack by W ... show more 163.53.25.154 - - [22/Jun/2026:17:37:24 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Jetpack by WordPress.com" 163.53.25.154 - - [22/Jun/2026:17:37:33 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "WordPress.com; https://wordpress.com" 163.53.25.154 - - [22/Jun/2026:17:37:44 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Jetpack/12.5; WordPress/6.2; http://site62482842.com" show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 09:42:15 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 163.53.25.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 163.53.25.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 05:42:09.617653 2026] [security2:error] [pid 25541:tid 25541] [client 163.53.25.154:6665] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 163.53.25.154 (+1 hits since last alert)\|kircali.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kircali.net"] [uri "/xmlrpc.php"] [unique_id "ajkDcaaQWq9RqSFDEi6LcAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Vegascosmetics	2026-06-18 15:14:28 (1 week ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security	DDoS Attack Hacking Exploited Host
🇩🇪 Tamsy	2026-03-16 10:03:03 (3 months ago)	SMTP - Brute-force attack	Brute-Force
Anonymous	2026-03-01 03:09:37 (3 months ago)	Aggressive web scan	Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 194.187.176.103

🇧🇭 46.184.160.91

🇲🇽 189.217.130.86

🇰🇿 185.233.3.95

🇺🇸 174.35.25.179

🇺🇸 143.14.6.22

🇹🇭 116.206.124.153

🇯🇵 20.78.0.33

🇨🇳 8.138.155.88

🇪🇬 196.204.71.189

🇸🇬 103.187.146.90

🇬🇧 87.236.176.252

🇱🇻 81.30.98.62

🇳🇱 45.148.10.31

🇺🇸 34.181.144.75

🇫🇷 23.222.250.22

🇦🇪 217.164.121.124

🇺🇸 194.187.179.142

🇩🇿 193.194.91.218

🇧🇷 179.48.229.117