JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.124.198.86

103.124.198.86 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 0%: ?

ISP	PT INFORMASI NUSANTARA TEKNOLOGI
Usage Type	Fixed Line ISP
ASN	AS138096
Hostname(s)	mail.intek.net.id mail.datadigitalindo.com
Domain Name	intek.net.id
Country	🇮🇩 Indonesia
City	Batam, Riau

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.124.198.86

Whois 103.124.198.86

IP Abuse Reports for 103.124.198.86:

This IP address has been reported a total of 34 times from 21 distinct sources. 103.124.198.86 was first reported on August 24th 2021, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 IllusionCloud	2024-11-14 00:38:23 (1 year ago)	ILShield Appliance Alert: The following IPv4 address has been identified with potential malicious ac ... show more ILShield Appliance Alert: The following IPv4 address has been identified with potential malicious activities, including Internet Scanning, Denial of Service (DoS) Attacks, Participation in Distributed Denial of Service (DDoS) Attacks, Transmission of Invalid Packets, Potential IP Spoofing. show less	DNS Compromise DNS Poisoning DDoS Attack FTP Brute-Force Ping of Death SQL Injection Brute-Force Exploited Host Web App Attack SSH IoT Targeted
🇲🇹 Malta	2024-09-24 06:49:28 (1 year ago)	103.124.198.86 - - [24/Sep/2024:08:49:28 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux ... show more 103.124.198.86 - - [24/Sep/2024:08:49:28 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇦🇺 MAGIC	2024-08-09 13:03:05 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇷 Hippoline	2024-07-23 02:17:18 (1 year ago)	Jul 23 04:13:05 local wp(XXXX-A)[6404]: Authentication attempt for unknown user admin from ::ffff:10 ... show more Jul 23 04:13:05 local wp(XXXX-A)[6404]: Authentication attempt for unknown user admin from ::ffff:103.124.198.86 ... show less	Brute-Force Web App Attack
🇪🇸 10dencehispahard SL	2024-07-20 05:07:39 (1 year ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇩🇪 FeG Deutschland	2024-07-20 02:44:01 (1 year ago)	Looking for CMS/PHP/SQL vulnerablilities - 13	Exploited Host Web App Attack
🇩🇪 Hazzard	2024-07-19 05:31:05 (1 year ago)	(wordpress) Failed wordpress login from 103.124.198.86 (ID/Indonesia/Riau/Batam/mail.intek.net.id/[r ... show more (wordpress) Failed wordpress login from 103.124.198.86 (ID/Indonesia/Riau/Batam/mail.intek.net.id/[redacted]): (CF_ENABLE) show less	Brute-Force
🇺🇸 RLDD	2024-07-18 22:45:52 (1 year ago)	WP probing for vulnerabilities -mob	Web App Attack
🇺🇸 TPI-Abuse	2024-07-18 20:00:36 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.124.198.86 (mail.intek.net.id): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 103.124.198.86 (mail.intek.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 18 16:00:28.363132 2024] [security2:error] [pid 20665:tid 20752] [client 103.124.198.86:50363] [client 103.124.198.86] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.124.198.86 (+1 hits since last alert)\|gochemless.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gochemless.com"] [uri "/xmlrpc.php"] [unique_id "Zpl0XBM4bkfROOelT52fKAAAAE0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-15 11:51:09 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.124.198.86 (mail.intek.net.id): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 103.124.198.86 (mail.intek.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 15 07:51:01.152941 2024] [security2:error] [pid 20235] [client 103.124.198.86:51701] [client 103.124.198.86] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 31.3.152.100 (1+1 hits since last alert)\|www.jaspergoss.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.jaspergoss.info"] [uri "/xmlrpc.php"] [unique_id "ZpUNJXfqAo6wBwhQbl9-MgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Swiptly	2024-07-02 05:09:53 (1 year ago)	WordPress xmlrpc spam or enumeration ...	Web Spam Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-01 02:10:20 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.124.198.86 (mail.datadigitalindo.com): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 103.124.198.86 (mail.datadigitalindo.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 30 22:10:16.156832 2024] [security2:error] [pid 466] [client 103.124.198.86:60398] [client 103.124.198.86] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.124.198.86 (+1 hits since last alert)\|www.calvarycavaliers.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.calvarycavaliers.org"] [uri "/xmlrpc.php"] [unique_id "ZoIQCJ0dm2ZTTK2cQGa0lwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-06-28 08:22:27 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.124.198.86 (mail.intek.net.id): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 103.124.198.86 (mail.intek.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 28 04:22:23.378303 2024] [security2:error] [pid 26828] [client 103.124.198.86:42585] [client 103.124.198.86] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 134.19.179.179 (1+1 hits since last alert)\|site.kimbrothersusa.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "site.kimbrothersusa.com"] [uri "/xmlrpc.php"] [unique_id "Zn5yv_Bq7XhsIkwYeNEhmQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 applemooz	2024-06-24 16:36:11 (1 year ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇧🇪 cmbplf	2024-06-24 06:26:44 (1 year ago)	516 requests to */xmlrpc.php	Brute-Force Bad Web Bot

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.91

🇺🇸 132.196.32.68

🇮🇳 115.96.31.238

🇨🇳 221.214.56.78

🇩🇪 209.38.236.225

🇺🇸 184.105.247.243

🇨🇳 118.145.144.95

🇱🇰 112.134.188.78

🇻🇳 103.154.62.14

🇨🇳 58.212.237.179

🇺🇸 35.224.254.204

🇬🇧 35.203.211.112

🇺🇸 20.163.32.78

🇸🇬 8.219.102.103

🇺🇸 216.25.89.132

🇮🇱 199.203.130.66

🇨🇱 186.10.86.130

🇺🇸 73.57.80.193

🇺🇸 66.132.195.26

🇺🇸 66.132.186.190