JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.42.197.141

103.42.197.141 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 4%: ?

ISP	Kerala Vision Broad Band Private Limited
Usage Type	Fixed Line ISP
ASN	AS138754
Hostname(s)	keralavisionisp-dynamic-141.197.42.103.keralavisionisp.com
Domain Name	keralavisionisp.com
Country	🇮🇳 India
City	Thrissur, Kerala

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.42.197.141

Whois 103.42.197.141

IP Abuse Reports for 103.42.197.141:

This IP address has been reported a total of 9 times from 7 distinct sources. 103.42.197.141 was first reported on March 4th 2022, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Vegascosmetics	2026-06-21 15:54:51 (13 hours ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security	DDoS Attack Hacking Exploited Host
🇦🇺 weblite	2025-11-13 22:22:50 (7 months ago)	WP_XMLRPC_ABUSE	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 20:16:20 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 103.42.197.141 (keralavisionisp-dynamic-141.197 ... show more (mod_security) mod_security (id:225170) triggered by 103.42.197.141 (keralavisionisp-dynamic-141.197.42.103.keralavisionisp.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 15:16:12.551530 2025] [security2:error] [pid 31229:tid 31229] [client 103.42.197.141:16291] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|dogarttoday.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dogarttoday.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRY8jHJNQaP4zuKYhCsG6gAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 15:47:52 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 103.42.197.141 (keralavisionisp-dynamic-141.197 ... show more (mod_security) mod_security (id:225170) triggered by 103.42.197.141 (keralavisionisp-dynamic-141.197.42.103.keralavisionisp.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 10:47:44.811175 2025] [security2:error] [pid 6144:tid 6144] [client 103.42.197.141:35827] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|add-a-heading.xyz\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "add-a-heading.xyz"] [uri "/wp-json/wp/v2/users"] [unique_id "aRX9oPjMkLiLg0prRwOWfgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2025-11-13 13:45:53 (7 months ago)	Unauthorized access to webpage admin	Web App Attack
🇬🇧 seniorlinuxadmin	2025-11-13 06:01:38 (7 months ago)	103.42.197.141 - - [13/Nov/2025:06:01:35 +0000] "POST /xmlrpc.php HTTP/1.1" 404 158 "-" "Mozilla/5.0 ... show more 103.42.197.141 - - [13/Nov/2025:06:01:35 +0000] "POST /xmlrpc.php HTTP/1.1" 404 158 "-" "Mozilla/5.0 (Windows NT 10.0; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/97.0.0.0 Safari/537.36" show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 05:27:37 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 103.42.197.141 (keralavisionisp-dynamic-141.197 ... show more (mod_security) mod_security (id:225170) triggered by 103.42.197.141 (keralavisionisp-dynamic-141.197.42.103.keralavisionisp.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 00:27:29.675296 2025] [security2:error] [pid 26443:tid 26443] [client 103.42.197.141:18984] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|convtek.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "convtek.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRVsQZwbfnK_RsPa60lQZgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-09-10 00:12:40 (9 months ago)	XMLRPC Hack Attempts	Hacking Brute-Force
Anonymous	2022-03-04 02:50:37 (4 years ago)	Attempts to probe for or exploit a Drupal 7.78 site on url: /wp-login.php. Reported by the module ht ... show more Attempts to probe for or exploit a Drupal 7.78 site on url: /wp-login.php. Reported by the module https://www.drupal.org/project/abuseipdb. show less	Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 203.9.150.111

🇳🇱 193.176.31.153

🇲🇽 187.246.0.24

🇨🇳 183.24.176.240

🇸🇪 158.174.211.17

🇮🇳 111.235.66.253

🇧🇷 192.141.107.131

🇦🇷 190.244.39.224

🇳🇱 185.213.175.92

🇧🇷 177.155.133.175

🇵🇭 154.18.197.35

🇧🇷 129.121.47.136

🇨🇳 124.77.142.1

🇨🇳 121.227.152.171

🇮🇩 103.140.206.213

🇺🇸 74.82.47.43

🇬🇧 45.82.76.134

🇵🇱 194.180.49.216

🇺🇸 172.253.223.219

🇨🇳 111.121.41.235