JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.8.114.42

103.8.114.42 was found in our database!

This IP was reported 607 times. Confidence of Abuse is 65%: ?

65%

ISP	Vision Telecom (pvt) Ltd Licensed Telecom Operator In lahore, Pakistan.
Usage Type	Fixed Line ISP
ASN	AS133495
Domain Name	visiontelecom.com.pk
Country	🇵🇰 Pakistan
City	Lahore, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.8.114.42

Whois 103.8.114.42

IP Abuse Reports for 103.8.114.42:

This IP address has been reported a total of 607 times from 82 distinct sources. 103.8.114.42 was first reported on September 7th 2021, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 12:56:45 (5 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.8.114.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.8.114.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 08:56:39.826151 2026] [security2:error] [pid 26901:tid 26901] [client 103.8.114.42:40433] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.8.114.42 (+1 hits since last alert)\|lesdaniels.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lesdaniels.com"] [uri "/xmlrpc.php"] [unique_id "aiwCB1CTOLdSewZ6Gyz6eQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 vaia.cloud	2026-06-12 09:57:06 (8 hours ago)	trying wp-login.php/xmlrpc.php 30 times in 1 minutes	Brute-Force Web App Attack
Anonymous	2026-06-11 11:55:31 (1 day ago)	[osotir.org] httpd-xmlrpc-post: sites=ear-books.com; logs=/var/log/httpd/domains/ear-books.com.log; ... show more [osotir.org] httpd-xmlrpc-post: sites=ear-books.com; logs=/var/log/httpd/domains/ear-books.com.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 10:53:03 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.8.114.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.8.114.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 06:52:55.611285 2026] [security2:error] [pid 7645:tid 7645] [client 103.8.114.42:31236] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.8.114.42 (+1 hits since last alert)\|artbytracyjane.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "artbytracyjane.com"] [uri "/xmlrpc.php"] [unique_id "aiqTh1t0wkAUhwxGKAccGAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-11 10:50:46 (1 day ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇩🇪 bazter.pro	2026-06-09 10:27:26 (3 days ago)	Fail2Ban: plesk-bot-aggressive - 15 failures	Port Scan Bad Web Bot Web App Attack
Anonymous	2026-06-09 08:25:10 (3 days ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-08 12:09:45 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 103.8.114.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.8.114.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 08:09:38.421846 2026] [security2:error] [pid 9112:tid 9112] [client 103.8.114.42:11726] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.8.114.42 (+1 hits since last alert)\|gracebaptisthartsville.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gracebaptisthartsville.com"] [uri "/xmlrpc.php"] [unique_id "aiaxAvlnATSXKddo-B1TcwAAAFg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 11:00:26 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 103.8.114.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 103.8.114.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 07:00:21.344921 2026] [security2:error] [pid 7749:tid 7749] [client 103.8.114.42:42362] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.8.114.42 (+1 hits since last alert)\|lysedzija.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lysedzija.com"] [uri "/xmlrpc.php"] [unique_id "aiagxbK6lPuTwhNyn6UW9QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 Rizzy	2026-06-08 08:43:06 (4 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
Anonymous	2026-06-08 08:10:11 (4 days ago)	(wordpress) Failed wordpress login from 103.8.114.42 (PK/Pakistan/-/-/-/[redacted])	Brute-Force
🇬🇧 PeravixGroup	2026-05-20 14:22:20 (3 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-18 11:28:14 (3 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-15 09:18:01 (4 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-04-30 08:11:59 (1 month ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host

Showing 1 to 15 of 607 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 204.168.240.142

🇪🇸 217.154.106.153

🇺🇸 210.16.100.120

🇬🇧 185.216.145.189

🇺🇸 172.191.239.155

🇺🇸 65.49.1.73

🇲🇾 47.254.254.221

🇧🇷 45.205.1.243

🇬🇧 45.82.76.111

🇲🇽 189.147.19.238

🇲🇽 177.236.32.107

🇺🇸 165.154.182.213

🇯🇵 114.162.143.2

🇨🇳 112.94.252.66

🇺🇸 103.234.62.96

🇷🇺 85.95.166.40

🇹🇭 49.229.108.179

🇭🇰 43.161.246.189

🇨🇳 27.128.160.208

🇨🇳 14.116.150.36