JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.157.11.97

103.157.11.97 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 29%: ?

29%

ISP	Digital Media
Usage Type	Fixed Line ISP
ASN	AS58762
Domain Name	yesdigitalmedia.com
Country	🇮🇳 India
City	Delhi, Delhi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.157.11.97

Whois 103.157.11.97

IP Abuse Reports for 103.157.11.97:

This IP address has been reported a total of 9 times from 7 distinct sources. 103.157.11.97 was first reported on December 16th 2025, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-19 11:26:33 (9 hours ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇬🇧 noise.agency	2026-06-19 07:25:42 (13 hours ago)	(wordpress) Failed wordpress login from 103.157.11.97 (IN/India/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-19 06:52:30 (14 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.157.11.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.157.11.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 02:52:25.953593 2026] [security2:error] [pid 1452:tid 1452] [client 103.157.11.97:59279] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.157.11.97 (+1 hits since last alert)\|aifactoid.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "aifactoid.com"] [uri "/xmlrpc.php"] [unique_id "ajTnKQ5cJ7imuISpDoShAgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-23 05:31:00 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 103.157.11.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.157.11.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 23 01:30:55.988160 2026] [security2:error] [pid 17391:tid 17404] [client 103.157.11.97:9929] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.157.11.97 (+1 hits since last alert)\|cynosurepressurewashing.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cynosurepressurewashing.com"] [uri "/xmlrpc.php"] [unique_id "aemuj1C-1qvdGRc_GU1jEQAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-23 05:30:30 (1 month ago)		Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-04-23 05:20:51 (1 month ago)	(wordpress) Failed wordpress login from 103.157.11.97 (IN/India/-/-/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-04-23 04:51:34 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 103.157.11.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.157.11.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 23 00:51:30.006485 2026] [security2:error] [pid 15091:tid 15091] [client 103.157.11.97:10414] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.157.11.97 (+1 hits since last alert)\|ftiptondds.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ftiptondds.com"] [uri "/xmlrpc.php"] [unique_id "aemlUpb5Jw3HGVA5k9E7CAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-03-20 04:45:23 (2 months ago)	Banned for trying to access xmlrpc [BY]	Web App Attack
🇫🇷 geeek	2025-12-16 09:39:41 (6 months ago)	Port scanning: 445 TCP Blocked	Port Scan

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 184.168.21.211

🇺🇸 148.153.139.71

🇨🇳 113.96.15.64

🇺🇸 66.132.172.230

🇺🇸 64.225.52.66

🇺🇸 44.44.15.135

🇺🇸 20.163.3.234

🇩🇪 2.27.29.214

🇲🇽 187.191.48.4

🇨🇳 122.243.72.230

🇱🇹 81.30.98.144

🇳🇱 45.148.10.151

🇺🇸 3.132.26.232

🇵🇰 119.30.116.64

🇸🇬 118.194.233.253

🇺🇸 96.78.175.36

🇺🇸 44.88.92.244

🇬🇧 35.203.211.247

🇬🇧 35.203.211.11

🇯🇵 8.216.3.37