JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.144.18.60

103.144.18.60 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 44%: ?

44%

ISP	PT Gasatek Bintang Nusantara
Usage Type	Fixed Line ISP
ASN	AS139418
Domain Name	gasatek.co.id
Country	🇮🇩 Indonesia
City	Jember, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.144.18.60

Whois 103.144.18.60

IP Abuse Reports for 103.144.18.60:

This IP address has been reported a total of 22 times from 8 distinct sources. 103.144.18.60 was first reported on April 9th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 01:28:35 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.144.18.60 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.144.18.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 21:28:28.267322 2026] [security2:error] [pid 13049:tid 13049] [client 103.144.18.60:11195] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.144.18.60 (+1 hits since last alert)\|fltsiminc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fltsiminc.com"] [uri "/xmlrpc.php"] [unique_id "ai9VPHBCe0A-YBehOs9QCgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 00:00:38 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.144.18.60 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.144.18.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 20:00:26.350143 2026] [security2:error] [pid 31019:tid 31023] [client 103.144.18.60:2848] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.144.18.60 (+1 hits since last alert)\|coasterdvdsonline.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "coasterdvdsonline.com"] [uri "/xmlrpc.php"] [unique_id "ai9AmrHkKShrBaxWMMYc9QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 23:36:54 (1 day ago)	[redacted] 103.144.18.60 - - [15/Jun/2026:01:36:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "W ... show more [redacted] 103.144.18.60 - - [15/Jun/2026:01:36:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "WordPress.com; https://wordpress.com" [redacted] 103.144.18.60 - - [15/Jun/2026:01:36:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com" [redacted] 103.144.18.60 - - [15/Jun/2026:01:36:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack/12.5; WordPress/6.3; http://site50347011.com" [redacted] 103.144.18.60 - - [15/Jun/2026:01:36:20 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)" [redacted] 103.144.18.60 - - [15/Jun/2026:01:36:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com" [redacted] 103.144.18.60 - - [15/Jun/2026:01:36:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "WordPress.com; https://wordpress.com" [redacted] 103.144.18.60 - - [15/Jun/2026:01:36:35 +0200] "POST /xmlrpc.php HT ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 16:30:03 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.144.18.60 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.144.18.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 12:29:55.285042 2026] [security2:error] [pid 6646:tid 6646] [client 103.144.18.60:1703] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.144.18.60 (+1 hits since last alert)\|versallis.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "versallis.com"] [uri "/xmlrpc.php"] [unique_id "ai7XAzCmnKcsm0zSB5wM9wAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 15:58:20 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.144.18.60 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.144.18.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 11:58:13.686557 2026] [security2:error] [pid 32091:tid 32091] [client 103.144.18.60:12895] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.144.18.60 (+1 hits since last alert)\|bigheartskitchen.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bigheartskitchen.net"] [uri "/xmlrpc.php"] [unique_id "ai7PlSIO0j5CaSTDM38LAgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 EarthAsylum	2026-06-12 01:59:47 (4 days ago)	Repeated exploit attempts on WordPress entry points (prohibited XML method)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 01:40:19 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 103.144.18.60 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.144.18.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 21:40:11.725000 2026] [security2:error] [pid 27506:tid 27506] [client 103.144.18.60:2263] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.144.18.60 (+1 hits since last alert)\|jaragoodrich.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jaragoodrich.com"] [uri "/xmlrpc.php"] [unique_id "aitjewx5EtSBHRX2Ac4-OQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Penny Packer	2026-06-10 02:55:52 (6 days ago)	Fail2Ban apache-tripwires	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 05:58:09 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 103.144.18.60 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.144.18.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 01:58:01.850765 2026] [security2:error] [pid 28710:tid 28710] [client 103.144.18.60:4553] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.144.18.60 (+1 hits since last alert)\|losbarbarosdelnorte.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "losbarbarosdelnorte.com"] [uri "/xmlrpc.php"] [unique_id "aiZZ6TQQAhaP8ltV3iEsRAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 00:19:51 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 103.144.18.60 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.144.18.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 20:19:45.270341 2026] [security2:error] [pid 25752:tid 25752] [client 103.144.18.60:4623] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.144.18.60 (+1 hits since last alert)\|waterjetsolutions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "waterjetsolutions.com"] [uri "/xmlrpc.php"] [unique_id "aiYKoYGb5EqNIy-_fpsR6QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 PeravixGroup	2026-06-07 01:28:43 (1 week ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-05 22:37:00 (1 week ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-31 01:29:14 (2 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-27 12:26:19 (2 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇮🇩 hermawan	2026-05-26 08:59:42 (3 weeks ago)	1779785247.087419 103.144.18.60 103.166.156.58 65535_2-4-8-1-3_1320_10 2026-05-26 15:47:27 WIB ...	Email Spam Hacking

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.130

🇪🇸 92.177.171.81

🇨🇳 117.70.48.191

🇨🇳 106.13.114.161

🇺🇸 104.236.68.24

🇺🇸 103.143.231.24

🇺🇸 99.60.18.106

🇩🇪 69.5.169.38

🇮🇳 59.180.155.112

🇳🇵 2400:1a00:2b68:d23:d4cd:ac50:e9ff:a4cc

🇲🇽 187.190.35.163

🇵🇪 161.132.54.218

🇫🇷 109.23.214.13

🇺🇸 107.170.247.81

🇮🇩 103.152.235.19

🇮🇩 101.128.96.35

🇺🇸 65.49.1.11

🇹🇭 49.49.223.235

🇷🇺 46.50.240.92

🇮🇩 43.157.210.132