JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.154.55.228

103.154.55.228 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 46%: ?

46%

ISP	Kerala Vision Broad Band Private Limited
Usage Type	Fixed Line ISP
ASN	AS138754
Hostname(s)	keralavisionisp-dynamic-228.55.154.103.keralavisionisp.com
Domain Name	keralavisionisp.com
Country	🇮🇳 India
City	Payyanur, Kerala

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.154.55.228

Whois 103.154.55.228

IP Abuse Reports for 103.154.55.228:

This IP address has been reported a total of 10 times from 7 distinct sources. 103.154.55.228 was first reported on June 17th 2026, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-29 07:34:40 (21 hours ago)	(mod_security) mod_security (id:225170) triggered by 103.154.55.228 (keralavisionisp-dynamic-228.55. ... show more (mod_security) mod_security (id:225170) triggered by 103.154.55.228 (keralavisionisp-dynamic-228.55.154.103.keralavisionisp.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 03:34:35.134006 2026] [security2:error] [pid 26585:tid 26585] [client 103.154.55.228:51387] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|myomni.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "myomni.us"] [uri "/wp-json/wp/v2/users"] [unique_id "akIgC0rTWPsemHh8g-TOYwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 voormedia	2026-06-29 07:30:58 (21 hours ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 18:36:36 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 103.154.55.228 (keralavisionisp-dynamic-228.55. ... show more (mod_security) mod_security (id:225170) triggered by 103.154.55.228 (keralavisionisp-dynamic-228.55.154.103.keralavisionisp.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 14:36:23.021893 2026] [security2:error] [pid 28639:tid 28639] [client 103.154.55.228:60212] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|zabyte.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "zabyte.net"] [uri "/wp-json/wp/v2/users"] [unique_id "akAYJwtwSgPFsNo3Bd5EZAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-27 18:29:47 (2 days ago)	103.154.55.228 - - [27/Jun/2026:20:28:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6398 "-" "Mozilla/5. ... show more 103.154.55.228 - - [27/Jun/2026:20:28:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6398 "-" "Mozilla/5.0 (Linux; Android 10; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/14.0.0.0 Safari/537.36" 103.154.55.228 - - [27/Jun/2026:20:29:17 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6398 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/14.0.0.0 Safari/537.36" 103.154.55.228 - - [27/Jun/2026:20:29:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6398 "-" "Mozilla/5.0 (Windows NT 10.0; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/80.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇫🇷 SpaceHost-Server	2026-06-27 06:20:50 (2 days ago)	103.154.55.228 - - [27/Jun/2026:08:18:52 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6398 "-" "Mozilla/5. ... show more 103.154.55.228 - - [27/Jun/2026:08:18:52 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6398 "-" "Mozilla/5.0 (Linux; Android 10; x64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/99.0.0.0 Safari/537.36" 103.154.55.228 - - [27/Jun/2026:08:20:19 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6398 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x86) AppleWebKit/537.36 (KHTML, like Gecko) Safari/12.0.0.0 Safari/537.36" 103.154.55.228 - - [27/Jun/2026:08:20:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6398 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/12.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇳🇱 wlt-blocker	2026-06-26 08:45:44 (3 days ago)	Unauthorized access to webpage admin	Web App Attack
🇪🇸 masterguru	2026-06-25 13:34:10 (4 days ago)	(xmlrpc) Failed xmlrpc access from 103.154.55.228 (IN/India/keralavisionisp-dynamic-228.55.154.103.k ... show more (xmlrpc) Failed xmlrpc access from 103.154.55.228 (IN/India/keralavisionisp-dynamic-228.55.154.103.keralavisionisp.com): 5 in the last 3600 secs (0-122) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-25 05:01:11 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 103.154.55.228 (keralavisionisp-dynamic-228.55. ... show more (mod_security) mod_security (id:225170) triggered by 103.154.55.228 (keralavisionisp-dynamic-228.55.154.103.keralavisionisp.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 01:00:58.616256 2026] [security2:error] [pid 5378:tid 5378] [client 103.154.55.228:65499] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|riser-astrology.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riser-astrology.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajy2CrpXndYlNBrsCY2hBQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-22 05:45:10 (1 week ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 dbmwebdesign	2026-06-17 13:50:35 (1 week ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 194.180.49.220

🇬🇧 193.163.125.118

🇺🇸 190.111.162.86

🇲🇽 187.191.48.4

🇺🇸 170.130.204.58

🇺🇸 170.130.204.18

🇨🇳 124.193.81.23

🇺🇸 103.203.57.13

🇳🇱 89.21.67.167

🇫🇷 85.69.240.210

🇰🇷 49.238.167.125

🇬🇧 35.203.210.216

🇨🇳 212.64.21.64

🇹🇷 185.174.69.65

🇦🇷 181.209.76.203

🇮🇹 178.255.72.35

🇻🇳 123.20.28.116

🇮🇳 103.127.30.137

🇮🇳 103.88.76.27

🇱🇹 77.90.185.78