JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.126.30.33

103.126.30.33 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 100%: ?

100%

ISP	PT Integra Kreasitama Solusindo
Usage Type	Fixed Line ISP
ASN	AS138119
Hostname(s)	gtw-jkt-30-33.integrasia.id
Domain Name	integrasia.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.126.30.33

Whois 103.126.30.33

IP Abuse Reports for 103.126.30.33:

This IP address has been reported a total of 34 times from 19 distinct sources. 103.126.30.33 was first reported on June 9th 2026, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Feelautom	2026-06-12 11:42:34 (7 hours ago)	[FeelAutom Auto-Ban] AI Analyst: Score élevé (100/200) comportement malveillant (Score: 200)	Hacking
🇩🇪 Marc	2026-06-12 11:26:35 (8 hours ago)	103.126.30.33 - - [12/Jun/2026:13:26:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3402 "-" "Jetpack by ... show more 103.126.30.33 - - [12/Jun/2026:13:26:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3402 "-" "Jetpack by WordPress.com" 103.126.30.33 - - [12/Jun/2026:13:26:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3402 "-" "Jetpack/12.1; WordPress/6.2; http://site46970131.com" 103.126.30.33 - - [12/Jun/2026:13:26:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3404 "-" "WordPress.com; https://wordpress.com" show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 10:59:09 (8 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.126.30.33 (gtw-jkt-30-33.integrasia.id): 1 ... show more (mod_security) mod_security (id:240335) triggered by 103.126.30.33 (gtw-jkt-30-33.integrasia.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 06:59:02.230017 2026] [security2:error] [pid 1260:tid 1260] [client 103.126.30.33:56390] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.126.30.33 (+1 hits since last alert)\|michaelthompson.biz\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "michaelthompson.biz"] [uri "/xmlrpc.php"] [unique_id "aivmdg34tYHVv8uGWTfrLgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 08:56:17 (10 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.126.30.33 (gtw-jkt-30-33.integrasia.id): 1 ... show more (mod_security) mod_security (id:240335) triggered by 103.126.30.33 (gtw-jkt-30-33.integrasia.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 04:56:12.163801 2026] [security2:error] [pid 8789:tid 8789] [client 103.126.30.33:59552] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.126.30.33 (+1 hits since last alert)\|pearlhomesfw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pearlhomesfw.com"] [uri "/xmlrpc.php"] [unique_id "aivJrEIr0JUOkc1nmVs2BwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇹 Malta	2026-06-12 08:09:01 (11 hours ago)	103.126.30.33 - - [12/Jun/2026:10:09:01 +0200] "POST /xmlrpc.php HTTP/1.1" "WordPress.com; https://w ... show more 103.126.30.33 - - [12/Jun/2026:10:09:01 +0200] "POST /xmlrpc.php HTTP/1.1" "WordPress.com; https://wordpress.com" show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 07:22:05 (12 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.126.30.33 (gtw-jkt-30-33.integrasia.id): 1 ... show more (mod_security) mod_security (id:240335) triggered by 103.126.30.33 (gtw-jkt-30-33.integrasia.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 03:21:58.704181 2026] [security2:error] [pid 31592:tid 31592] [client 103.126.30.33:50323] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.126.30.33 (+1 hits since last alert)\|thepercussionworks.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thepercussionworks.com"] [uri "/xmlrpc.php"] [unique_id "aiuzljURtnTehBZgdkA1kQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 lostswordfish.com	2026-06-12 04:46:03 (14 hours ago)	Wordfence waf block on fairregistry	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 04:34:24 (14 hours ago)	(mod_security) mod_security (id:225170) triggered by 103.126.30.33 (gtw-jkt-30-33.integrasia.id): 1 ... show more (mod_security) mod_security (id:225170) triggered by 103.126.30.33 (gtw-jkt-30-33.integrasia.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 00:34:20.819658 2026] [security2:error] [pid 20831:tid 20831] [client 103.126.30.33:56280] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|goseethenurse.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "goseethenurse.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiuMTPwnuVdYdg6Z6UeghgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 03:55:04 (15 hours ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇳🇱 Site.eu	2026-06-12 02:21:36 (17 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇫🇷 applemooz	2026-06-11 14:00:05 (1 day ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-11 13:04:04 (1 day ago)	Blocked by CSF 13 firewall - Rule: XMLRPC ID/Indonesia/gtw-jkt-30-33.integrasia.id	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 11:33:52 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.126.30.33 (gtw-jkt-30-33.integrasia.id): 1 ... show more (mod_security) mod_security (id:240335) triggered by 103.126.30.33 (gtw-jkt-30-33.integrasia.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 07:33:45.169572 2026] [security2:error] [pid 10530:tid 10530] [client 103.126.30.33:53753] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.126.30.33 (+1 hits since last alert)\|bfpsamoa.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bfpsamoa.com"] [uri "/xmlrpc.php"] [unique_id "aiqdGYxcA2anALORnGm3HQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 rh24	2026-06-11 10:48:34 (1 day ago)	(wordpress) Failed wordpress login from 103.126.30.33 (ID/Indonesia/gtw-jkt-30-33.integrasia.id): ( ... show more (wordpress) Failed wordpress login from 103.126.30.33 (ID/Indonesia/gtw-jkt-30-33.integrasia.id): (CF_ENABLE) show less	Brute-Force
🇫🇷 Feelautom	2026-06-11 09:38:40 (1 day ago)	[FeelAutom Auto-Ban] AI Analyst: 5 PathScan sur xmlrpc.php - scan malveillant	Port Scan

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.217

🇲🇿 197.219.208.38

🇺🇸 162.216.149.147

🇩🇿 154.255.20.48

🇦🇷 129.224.215.113

🇸🇬 47.84.7.187

🇪🇨 45.224.97.241

🇺🇸 34.132.254.249

🇫🇮 193.164.155.103

🇳🇱 172.94.9.55

🇭🇰 152.32.209.166

🇺🇸 132.196.19.18

🇵🇰 119.154.158.243

🇺🇸 107.150.98.59

🇨🇳 101.95.175.30

🇬🇧 86.23.219.206

🇨🇦 20.220.195.127

🇲🇽 186.96.145.241

🇺🇸 177.234.139.196

🇫🇷 176.149.246.125