JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.56.237.245

103.56.237.245 was found in our database!

This IP was reported 3 times. Confidence of Abuse is 15%: ?

15%

ISP	Meghbela Sanchar Private Limited
Usage Type	Fixed Line ISP
ASN	AS45804
Domain Name	pmplbroadband.net
Country	🇮🇳 India
City	Shrirampur, West Bengal

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.56.237.245

Whois 103.56.237.245

IP Abuse Reports for 103.56.237.245:

This IP address has been reported a total of 3 times from 2 distinct sources. 103.56.237.245 was first reported on June 15th 2026, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Séfora Srl	2026-06-15 15:02:12 (20 hours ago)	Failed attempt detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 13:34:50 (22 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.56.237.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.56.237.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 09:34:39.196659 2026] [security2:error] [pid 14806:tid 14818] [client 103.56.237.245:8384] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.56.237.245 (+1 hits since last alert)\|kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kettlehill.com"] [uri "/xmlrpc.php"] [unique_id "ai__bzzoVLyk6uT7IBbAYwAAAYQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 13:02:47 (22 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.56.237.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.56.237.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 09:02:33.440131 2026] [security2:error] [pid 15110:tid 15110] [client 103.56.237.245:8219] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.56.237.245 (+1 hits since last alert)\|nextstepplus.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nextstepplus.net"] [uri "/xmlrpc.php"] [unique_id "ai_36TqAR8uPyrYo7t58vQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 3 of 3 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 172.71.119.87

🇧🇬 78.128.113.22

🇮🇳 182.78.73.94

🇷🇺 178.178.194.123

🇺🇸 64.62.156.210

🇩🇪 49.12.185.204

🇧🇷 45.205.1.247

🇳🇱 45.148.10.147

🇸🇬 43.156.12.237

🇨🇳 36.137.131.9

🇺🇸 208.84.100.196

🇺🇸 207.46.13.155

🇯🇵 203.25.124.189

🇦🇷 181.28.101.14

🇺🇸 173.239.221.12

🇺🇸 172.234.218.22

🇬🇧 87.106.44.172

🇺🇸 66.132.186.243

🇫🇮 65.21.44.81

🇺🇸 47.251.59.83