JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.117.92.54

103.117.92.54 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 67%: ?

67%

ISP	HostRoyale Technologies Pvt Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS203020
Domain Name	hostroyale.com
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.117.92.54

Whois 103.117.92.54

IP Abuse Reports for 103.117.92.54:

This IP address has been reported a total of 30 times from 12 distinct sources. 103.117.92.54 was first reported on May 24th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-11 23:27:57 (6 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 19:27:48.335488 2026] [security2:error] [pid 18740:tid 18740] [client 103.117.92.54:7096] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "exit10band.com"] [uri "/sftp-config.json"] [unique_id "aitEdD6SGGVTniRP51PeFwAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 22:40:59 (6 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 18:40:50.087229 2026] [security2:error] [pid 9538:tid 9557] [client 103.117.92.54:30002] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "exedesalesteam.com"] [uri "/sftp-config.json"] [unique_id "ais5cj5tqkIqXePVX9ILgAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 17:41:28 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 13:41:24.421601 2026] [security2:error] [pid 5844:tid 5844] [client 103.117.92.54:31416] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "evolute.io"] [uri "/sftp-config.json"] [unique_id "airzRMkQyRvRXGSah7-DbQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 15:06:38 (14 hours ago)	(mod_security) mod_security (id:949110) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:949110) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 11:06:32.687696 2026] [security2:error] [pid 12202:tid 12202] [client 103.117.92.54:35994] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "everszuidweg.info"] [uri "/sftp-config.json"] [unique_id "airO-IvQAAJUXIb_6iSiBQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 12:09:15 (17 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 08:09:07.817039 2026] [security2:error] [pid 6160:tid 6160] [client 103.117.92.54:38562] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "evelia.com"] [uri "/sftp-config.json"] [unique_id "aiqlY4Btr4c9pma_fhjIcwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 08:15:24 (21 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 04:15:17.955560 2026] [security2:error] [pid 14934:tid 14934] [client 103.117.92.54:22754] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eurocs2.com"] [uri "/sftp-config.json"] [unique_id "aipulTeeXKmj8oG8FXiW3QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-06-11 04:26:44 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-11 04:11:03 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 00:10:58.585865 2026] [security2:error] [pid 13618:tid 13623] [client 103.117.92.54:23154] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ethicmark.org"] [uri "/sftp-config.json"] [unique_id "aio1UjGkk9OeHpz5vE40aAAAAUM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 23:54:41 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 19:54:36.143126 2026] [security2:error] [pid 9257:tid 9257] [client 103.117.92.54:20510] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "estatemartinc.com"] [uri "/sftp-config.json"] [unique_id "ain5PCVTKQzpW1Qr8jda4QAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 bescared	2026-06-10 23:28:32 (1 day ago)	F2B - Malicious activity detected. URL Probing. -8ff06ede-	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 23:22:27 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 19:22:19.692382 2026] [security2:error] [pid 32630:tid 32630] [client 103.117.92.54:28794] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "esslinger.us"] [uri "/sftp-config.json"] [unique_id "ainxq3AuL5HLDFUz_WvxXQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 22:51:20 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 18:51:12.358853 2026] [security2:error] [pid 10515:tid 10515] [client 103.117.92.54:60254] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "essentialee.com"] [uri "/sftp-config.json"] [unique_id "ainqYFq70I8kvnFAqnXJxAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 20:33:55 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 103.117.92.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 16:33:45.871267 2026] [security2:error] [pid 1066:tid 1066] [client 103.117.92.54:3682] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "esneuro.net"] [uri "/sftp-config.json"] [unique_id "ainKKUqlxlF4P2deFmDywAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-10 19:14:10 (1 day ago)	[WedJun1021:14:04.9939452026][security2:error][pid820645:tid820772][client103.117.92.54:0]ModSecurit ... show more [WedJun1021:14:04.9939452026][security2:error][pid820645:tid820772][client103.117.92.54:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"esengineering.ch\"][uri\"/.vscode/sftp.json\"][unique_id\"aim3fL4GntW2O42a_iGpHAAAAQs\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 Baking333	2026-06-08 07:53:54 (3 days ago)	[redacted] 103.117.92.54 - - [08/Jun/2026:08:53:49 +0100] "GET /[redacted] HTTP/2.0" 301 301 "-" "Mo ... show more [redacted] 103.117.92.54 - - [08/Jun/2026:08:53:49 +0100] "GET /[redacted] HTTP/2.0" 301 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" [redacted] 103.117.92.54 - - [08/Jun/2026:08:53:52 +0100] "GET /fr/[redacted]/ HTTP/2.0" 404 26842 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 206.223.228.197

🇿🇼 197.221.232.44

🇮🇷 194.5.175.155

🇩🇪 193.124.20.246

🇺🇸 192.210.233.234

🇧🇷 179.184.242.48

🇺🇸 137.184.228.138

🇺🇸 64.62.197.213

🇬🇧 35.203.210.157

🇧🇪 35.189.252.187

🇬🇧 5.226.140.3

🇩🇪 213.209.159.158

🇳🇱 178.128.247.124

🇸🇬 172.188.89.41

🇺🇸 154.83.197.151

🇬🇧 152.32.157.92

🇹🇼 118.233.245.132

🇲🇦 81.192.46.49

🇺🇸 76.127.61.251

🇬🇧 35.203.211.137