JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.166.245.197

103.166.245.197 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 23%: ?

23%

ISP	Kerala Vision Broad Band Private Limited
Usage Type	Fixed Line ISP
ASN	AS138754
Hostname(s)	keralavisionisp-dynamic-197.245.166.103.keralavisionisp.com
Domain Name	keralavisionisp.com
Country	🇮🇳 India
City	Thrissur, Kerala

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.166.245.197

Whois 103.166.245.197

IP Abuse Reports for 103.166.245.197:

This IP address has been reported a total of 14 times from 12 distinct sources. 103.166.245.197 was first reported on September 6th 2021, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 abdubhai	2026-06-14 09:43:52 (13 hours ago)	103.166.245.197 - - [14/Jun/2026 ...	Brute-Force
🇺🇸 TPI-Abuse	2026-06-14 07:32:11 (15 hours ago)	(mod_security) mod_security (id:225170) triggered by 103.166.245.197 (keralavisionisp-dynamic-197.24 ... show more (mod_security) mod_security (id:225170) triggered by 103.166.245.197 (keralavisionisp-dynamic-197.245.166.103.keralavisionisp.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 03:32:03.070211 2026] [security2:error] [pid 21090:tid 21090] [client 103.166.245.197:18268] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hodlmoser.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hodlmoser.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai5Y836BIgvh8DOTJMBdyAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-14 02:47:52 (20 hours ago)	Try to access /xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 02:31:24 (20 hours ago)	(mod_security) mod_security (id:225170) triggered by 103.166.245.197 (keralavisionisp-dynamic-197.24 ... show more (mod_security) mod_security (id:225170) triggered by 103.166.245.197 (keralavisionisp-dynamic-197.245.166.103.keralavisionisp.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 22:31:16.282679 2026] [security2:error] [pid 9472:tid 9478] [client 103.166.245.197:2484] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gabegabel.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gabegabel.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai4SdM6eVvrpL7HekUtiMAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-25 13:52:17 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 103.166.245.197 (keralavisionisp-dynamic-197.24 ... show more (mod_security) mod_security (id:225170) triggered by 103.166.245.197 (keralavisionisp-dynamic-197.245.166.103.keralavisionisp.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 09:52:09.751865 2026] [security2:error] [pid 11212:tid 11212] [client 103.166.245.197:43846] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|havilahmalone.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "havilahmalone.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acPoidpciAA057JnX4BIgAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 bescared	2026-02-13 13:28:35 (4 months ago)	F2B - Malicious activity detected. Excessive port scans.	Port Scan
🇺🇸 cybsecaoccol	2026-02-07 19:16:01 (4 months ago)	unauthorized connection or malicious port scan attempted on tcp port - corp	Port Scan Hacking
Anonymous	2025-12-11 15:10:05 (6 months ago)	botnet	DDoS Attack
🇺🇸 mnsf	2025-10-22 11:05:21 (7 months ago)	Xmlrpc Caught (6)	Brute-Force Web App Attack
🇳🇱 exxos	2025-09-01 23:05:06 (9 months ago)	Attacks with Bad user agents	Hacking
🇪🇸 Global Cyber Police	2025-07-28 02:57:12 (10 months ago)	Malicious bot activity detected: Hitting honeypot page. Part of massive botnet.	DDoS Attack Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-03-18 23:37:51 (1 year ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇳🇱 EGP Abuse Dept	2022-06-15 02:40:51 (3 years ago)	Unauthorized connection to IMAP port 993	Port Scan Hacking
🇺🇸 etu brutus	2021-09-06 02:20:59 (4 years ago)	21/9/6@02:20:59: FAIL: Alarm-Network address from=103.166.245.197 21/9/6@02:20:59: FAIL: Alarm-Netwo ... show more 21/9/6@02:20:59: FAIL: Alarm-Network address from=103.166.245.197 21/9/6@02:20:59: FAIL: Alarm-Network address from=103.166.245.197 ... show less	Hacking Brute-Force SSH

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 43.165.3.187

🇷🇺 37.77.150.241

🇹🇷 5.25.249.10

🇭🇰 152.32.128.204

🇺🇸 34.29.3.15

🇺🇸 20.65.193.204

🇺🇸 5.181.170.74

🇧🇴 181.188.176.242

🇨🇴 181.129.41.162

🇺🇸 130.12.44.88

🇲🇴 125.31.2.160

🇨🇳 121.204.147.24

🇷🇺 95.71.127.158

🇱🇹 81.30.98.142

🇳🇱 45.148.10.121

🇨🇦 85.217.149.12

🇫🇷 84.247.190.156

🇱🇹 77.90.185.62

🇳🇱 45.148.10.157

🇬🇧 35.203.210.199