JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.185.242.167

103.185.242.167 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 50%: ?

50%

ISP	Digiana Speed Net Private Limited
Usage Type	Fixed Line ISP
ASN	AS149617
Hostname(s)	167.242.185.103.in-addr.arpa
Domain Name	digianaspeednet.com
Country	🇮🇳 India
City	Kasrawad, Madhya Pradesh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.185.242.167

Whois 103.185.242.167

IP Abuse Reports for 103.185.242.167:

This IP address has been reported a total of 21 times from 16 distinct sources. 103.185.242.167 was first reported on July 15th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 integrantservices.com	2026-06-07 12:00:24 (2 weeks ago)	(wordpress) Failed wordpress login from 103.185.242.167 (IN/India/167.242.185.103.in-addr.arpa)	Brute-Force
Anonymous	2026-06-07 11:00:01 (2 weeks ago)	(wordpress) Failed wordpress login from 103.185.242.167 (IN/India/Maharashtra/Mumbai/167.242.185.103 ... show more (wordpress) Failed wordpress login from 103.185.242.167 (IN/India/Maharashtra/Mumbai/167.242.185.103.in-addr.arpa/[redacted]) show less	Brute-Force
🇩🇪 rh24	2026-06-07 07:44:38 (2 weeks ago)	(wordpress) Failed wordpress login from 103.185.242.167 (IN/India/167.242.185.103.in-addr.arpa): (C ... show more (wordpress) Failed wordpress login from 103.185.242.167 (IN/India/167.242.185.103.in-addr.arpa): (CF_ENABLE) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-05 10:56:52 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.185.242.167 (167.242.185.103.in-addr.arpa): ... show more (mod_security) mod_security (id:240335) triggered by 103.185.242.167 (167.242.185.103.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 06:56:47.004109 2026] [security2:error] [pid 11926:tid 11926] [client 103.185.242.167:64669] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.185.242.167 (+1 hits since last alert)\|ssion.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ssion.com"] [uri "/xmlrpc.php"] [unique_id "aiKrb410dc-p-slCIwnZqgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 konseptit	2026-06-05 10:25:19 (2 weeks ago)	(wordpress) Failed wordpress login from 103.185.242.167 (IN/India/167.242.185.103.in-addr.arpa)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-05 10:07:33 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.185.242.167 (167.242.185.103.in-addr.arpa): ... show more (mod_security) mod_security (id:240335) triggered by 103.185.242.167 (167.242.185.103.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 06:07:24.935930 2026] [security2:error] [pid 1170:tid 1170] [client 103.185.242.167:51916] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.185.242.167 (+1 hits since last alert)\|thingstodonude.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thingstodonude.com"] [uri "/xmlrpc.php"] [unique_id "aiKf3LZILPyxiFvRi1jhuwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 06:52:16 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.185.242.167 (167.242.185.103.in-addr.arpa): ... show more (mod_security) mod_security (id:240335) triggered by 103.185.242.167 (167.242.185.103.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 02:52:12.384974 2026] [security2:error] [pid 11325:tid 11325] [client 103.185.242.167:65353] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.185.242.167 (+1 hits since last alert)\|cemesur-vision21.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cemesur-vision21.com"] [uri "/xmlrpc.php"] [unique_id "aiJyHOf3DYpxbhYtWfNRuAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 polycoda	2026-06-04 08:09:46 (2 weeks ago)	AutoBlock: 🔐 WordPress Login Brute Force (20X or 30X) (Decay-Based)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 07:08:54 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.185.242.167 (167.242.185.103.in-addr.arpa): ... show more (mod_security) mod_security (id:240335) triggered by 103.185.242.167 (167.242.185.103.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 03:08:45.566333 2026] [security2:error] [pid 29235:tid 29235] [client 103.185.242.167:61492] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.185.242.167 (+1 hits since last alert)\|superzilla.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "superzilla.com"] [uri "/xmlrpc.php"] [unique_id "aiEkfXCCIkjiXcIxvYcN3AAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 05:34:14 (2 weeks ago)	Attac	Brute-Force
Anonymous	2026-06-04 04:02:04 (2 weeks ago)	Bot / scanning and/or hacking attempts: GET /xmlrpc.php HTTP/1.1, POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
Anonymous	2026-06-03 10:39:19 (3 weeks ago)		Bad Web Bot Web App Attack
🇩🇪 abdubhai	2026-06-03 09:37:10 (3 weeks ago)	103.185.242.167 - - [03/Jun/2026 ...	Brute-Force
🇺🇸 TPI-Abuse	2026-06-03 07:35:43 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.185.242.167 (167.242.185.103.in-addr.arpa): ... show more (mod_security) mod_security (id:240335) triggered by 103.185.242.167 (167.242.185.103.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 03:35:36.719504 2026] [security2:error] [pid 12460:tid 12460] [client 103.185.242.167:60616] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.185.242.167 (+1 hits since last alert)\|bikinitweets.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bikinitweets.com"] [uri "/xmlrpc.php"] [unique_id "ah_ZSIEWpEwZwcjn6T_PtQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-03 05:31:06 (3 weeks ago)	Blocked by CSF 13 firewall - Rule: XMLRPC 167.242.185.103.in-addr.arpa	Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 86.111.187.163

🇺🇸 64.227.109.89

🇭🇷 213.191.139.147

🇺🇸 208.109.191.140

🇲🇾 203.121.40.210

🇬🇧 195.96.139.10

🇮🇹 185.197.8.106

🇺🇸 185.180.141.2

🇮🇹 91.80.136.158

🇬🇧 88.97.216.61

🇭🇰 62.72.181.186

🇺🇸 52.146.88.130

🇺🇸 50.62.22.47

🇬🇧 45.82.76.111

🇺🇸 20.168.0.218

🇺🇸 18.218.118.203

🇺🇸 2a04:c300:400::1cc

🇺🇸 185.180.141.4

🇨🇳 119.2.198.203

🇭🇰 103.103.245.61