🇮🇩
hermawan
2024-01-07 01:26:25
(2 years ago)
[Sun Jan 07 08:26:23.432776 2024] [security2:error] [pid 50336:tid 140234937284160] [client 103.140.108.197:52173] [client 103.140.108.197] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(?:(?:^|=)[\\\\s\\\\v]*(?:t[\\"'\\\\)\\\\[-\\\\x5c]*(?:(?:(?:\\\\|\\\\||&&)[\\\\s\\\\v]*)?\\\\$[!#\\\\(\\\\*\\\\-0-9\\\\?-@_a-\\\\{]*)?\\\\x5c?i[\\"'\\\\)\\\\[-\\\\x5c]*(?:(?:(?:\\\\|\\\\||&&)[\\\\s\\\\v]*)?\\\\$[!#\\\\(\\\\*\\\\-0-9\\\\?-@_a-\\\\{]*)?\\\\x5c?m[\\"'\\\\)\\\\[-\\\\x5c]*(?:(?:(?:\\\\|\\\\||&&)[\\\\s\\\\v]*)?\\ ..." at REQUEST_COOKIES:ASPSESSIONIDSCQRSAQR. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "1946"] [id "932236"] [msg "Remote Command Execution: Unix Command Injection (command without evasion)"] [data "Matched Data: FD found within REQUEST_COOKIES:ASPSESSIONIDSCQRSAQR: FDCIFGIAMMJMFDPDPBJEJFCD request_line = GET / HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/4.0.0-rc2"] [tag "application-multi"] [tag "l
...
Hacking
Web App Attack
🇮🇩
penjaga BRIN
2024-01-06 22:12:30
(2 years ago)
nginx-4xx-240
Web App Attack
🇮🇩
hermawan
2024-01-05 14:12:12
(2 years ago)
[Fri Jan 05 21:12:10.647586 2024] [security2:error] [pid 36859:tid 140372246582848] [client 103.140.108.197:64217] [client 103.140.108.197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "12"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "ZZgOOt9mVX7VO-YtgAOPrgAAAZA"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[36931] [eF4eb8uQhIM] [ZZgOOt9mVX7VO-YtgAOPrgAAAZA] keep_alive=[0] [2024-01-05 21:12:10.647590] [R:ZZgOOt9mVX7VO-YtgAOPrgAAAZA] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,*/*
...
Hacking
Web App Attack
🇮🇩
hermawan
2024-01-03 13:44:10
(2 years ago)
[Wed Jan 03 20:44:08.971375 2024] [security2:error] [pid 114808:tid 140708488930880] [client 103.140.108.197:62936] [client 103.140.108.197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "12"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "ZZVkqInGO2SOKwsIruSUtwAAAS0"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[114871] [gkczz3I0Dm0] [ZZVkqInGO2SOKwsIruSUtwAAAS0] keep_alive=[0] [2024-01-03 20:44:08.971378] [R:ZZVkqInGO2SOKwsIruSUtwAAAS0] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,*
...
Hacking
Web App Attack
🇮🇩
hermawan
2023-12-30 23:51:28
(2 years ago)
[Sun Dec 31 06:51:26.347009 2023] [security2:error] [pid 221704:tid 140118744626752] [client 103.140.108.197:50105] [client 103.140.108.197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "12"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "ZZCs_mrEVoEEnkTeEEdYDAAAAbE"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[221829] [FQOs00rtqKU] [ZZCs_mrEVoEEnkTeEEdYDAAAAbE] keep_alive=[0] [2023-12-31 06:51:26.347012] [R:ZZCs_mrEVoEEnkTeEEdYDAAAAbE] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,*
...
Hacking
Web App Attack
🇮🇩
hermawan
2023-12-30 13:36:57
(2 years ago)
[Sat Dec 30 20:36:51.263465 2023] [security2:error] [pid 1235962:tid 140064428377664] [client 103.140.108.197:57496] [client 103.140.108.197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "12"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "ZZAc8xpASZozlJHeg-uYmAAAAiE"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1236101] [VpK+PTI8UgE] [ZZAc8xpASZozlJHeg-uYmAAAAiE] keep_alive=[0] [2023-12-30 20:36:51.263470] [R:ZZAc8xpASZozlJHeg-uYmAAAAiE] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9
...
Hacking
Web App Attack
🇺🇸
mawan
2023-12-30 11:15:35
(2 years ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
🇮🇩
Burayot
2023-12-27 15:05:35
(2 years ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 103.140.108.197 (ID/Indonesia/diskominfo-pasaman-197-108.fiber.net.id): 2 in the last 3600 secs
Web App Attack
🇮🇩
penjaga BRIN
2023-12-27 12:15:09
(2 years ago)
nginx-4xx-177
Web App Attack
🇸🇬
babahgroup
2023-12-27 01:10:03
(2 years ago)
(SECURITY-REASON) mod_security (id:210730) triggered by 103.140.108.197 (ID/Indonesia/diskominfo-pasaman-197-108.fiber.net.id): 3 in the last 3600 secs
Brute-Force
🇺🇸
mawan
2023-12-11 11:17:32
(2 years ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
🇩🇪
blueSh4rk
2023-12-09 12:40:06
(2 years ago)
Directory scanning
Bad Web Bot
Web App Attack
🇺🇸
mawan
2023-12-09 12:34:10
(2 years ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
🇲🇾
JKT - Sality Killer
2023-12-08 08:38:12
(2 years ago)
DOG BASTARD PIG >>> WEB ATTACK
Brute-Force
Web App Attack
🇩🇪
blueSh4rk
2023-12-08 01:39:13
(2 years ago)
Directory scanning
Bad Web Bot
Web App Attack