JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.203.208.80

103.203.208.80 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 19%: ?

19%

ISP	SS BROADBAND SERVICES PVT LTD
Usage Type	Fixed Line ISP
ASN	AS142527
Domain Name	ssbroadbandservices.com
Country	🇮🇳 India
City	Sonipat, Haryana

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.203.208.80

Whois 103.203.208.80

IP Abuse Reports for 103.203.208.80:

This IP address has been reported a total of 5 times from 4 distinct sources. 103.203.208.80 was first reported on May 9th 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 BlueWire Hosting	2026-06-24 15:16:42 (5 days ago)	Probing websites for vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 09:51:04 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 103.203.208.80 (node10320320880.kkdbroadband.co ... show more (mod_security) mod_security (id:240335) triggered by 103.203.208.80 (node10320320880.kkdbroadband.co.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 05:50:56.528140 2026] [security2:error] [pid 11543:tid 11543] [client 103.203.208.80:8353] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.203.208.80 (+1 hits since last alert)\|madisonjazzorchestra.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "madisonjazzorchestra.com"] [uri "/xmlrpc.php"] [unique_id "ajuogIfLYHxzga5AgTWPHwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 SMARTNET	2026-05-27 06:03:53 (1 month ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 1175168a-7e6d-467e-bb9a-dd1cdfa3fb9e	DDoS Attack
🇺🇸 TPI-Abuse	2026-05-25 08:36:41 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 103.203.208.80 (node10320320880.kkdbroadband.co ... show more (mod_security) mod_security (id:240335) triggered by 103.203.208.80 (node10320320880.kkdbroadband.co.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 04:36:31.988611 2026] [security2:error] [pid 1665:tid 1665] [client 103.203.208.80:20015] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.203.208.80 (+1 hits since last alert)\|incrp.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "incrp.org"] [uri "/xmlrpc.php"] [unique_id "ahQKDwSi3IUL7n3W3TY63gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Maike	2025-05-09 06:18:53 (1 year ago)	ports, 445/24H:1/7D:1	Port Scan

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 2001:1c00:3:400:cdfa:212a:de9c:d92f

🇧🇷 200.219.200.16

🇬🇧 165.227.234.27

🇺🇸 157.230.133.16

🇳🇱 91.92.243.207

🇩🇪 164.92.161.148

🇫🇮 147.185.133.49

🇭🇰 118.26.39.231

🇮🇳 103.132.243.250

🇷🇴 80.94.92.55

🇺🇸 65.182.74.176

🇨🇳 59.173.108.205

🇩🇪 51.89.24.175

🇬🇧 35.203.210.154

🇳🇱 195.178.110.155

🇩🇪 185.242.3.111

🇻🇳 157.10.45.70

🇸🇬 103.189.235.182

🇫🇷 51.178.251.89

🇭🇰 45.120.216.232