JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.149.238.98

103.149.238.98 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	PT BITNIAGA CIPTA GEMILANG
Usage Type	Fixed Line ISP
ASN	AS140384
Hostname(s)	bitniaga.net.id
Domain Name	bitniaga.net.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.149.238.98

Whois 103.149.238.98

IP Abuse Reports for 103.149.238.98:

This IP address has been reported a total of 14 times from 12 distinct sources. 103.149.238.98 was first reported on May 4th 2022, and the most recent report was 2 years ago.

Old Reports: The most recent abuse report for this IP address is from 2 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 globcom	2023-10-07 13:52:29 (2 years ago)	Spam / Spoofing	Email Spam Spoofing
🇩🇪 _ArminS_	2023-10-06 02:32:29 (2 years ago)	SP-Scan 59221:445 detected 2023.10.06 04:32:29 blocked until 2023.11.24 20:35:16	Port Scan
🇷🇸 Smel	2023-09-11 17:04:16 (2 years ago)	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	Email Spam Hacking Brute-Force
🇩🇪 IP Analyzer	2023-09-05 06:00:39 (2 years ago)	Unauthorized connection attempt from IP address 103.149.238.98 on Port 445(SMB)	Port Scan
🇩🇪 Fusl	2023-08-08 15:01:05 (2 years ago)	received unsolicited smtp data stream: Message-ID: <[email protected]> Date: Tue, 08 Aug 2023 ... show more received unsolicited smtp data stream: Message-ID: <[email protected]> Date: Tue, 08 Aug 2023 28:00:48 +0600 From: <[email protected]> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.11) Gecko/20101013 Thunderbird/3.1.5 MIME-Version: 1.0 To: <[email protected]> Subject: =?utf-8?B?U3UgY3VlbnRhIGhhIHNpZG8gaGFja2VhZGEuIEhlIHJvYmFkbyBzdXMgZGF0b3MuIEF2ZXJpZ8O8ZSBj?= =?utf-8?B?w7NtbyByZWN1cGVyYXIgZWwgYWNjZXNvLg==?= Content-Type: multipart/alternative; boundary="------------020008050103090506060308" This is a multi-part message in MIME format. --------------020008050103090506060308 Content-Type: text/plain; charset=CP-850; format=flowed Content-Transfer-Encoding: quoted-printable Hola,Soy hacker y he conseguido acceder a su sistema = operativo.También tengo total acceso a su cuenta.Llevo varios meses = vigilándole.La cuestión es que su ordenador se infectó = con un malware cuando usted visitó un sitio para adultos.Por si no = sabe a qué me refiero, se show less	Email Spam
🇺🇸 VSM Networks	2022-12-12 16:33:15 (3 years ago)	Credential Stuffing	Brute-Force
🇮🇸 ISPLtd	2022-12-06 11:19:17 (3 years ago)	Dec 6 12:18:19 SRC=103.149.238.98 PROTO=TCP SPT=53517 DPT=1983 SYN Dec 6 12:18:20 SRC=103.149.238. ... show more Dec 6 12:18:19 SRC=103.149.238.98 PROTO=TCP SPT=53517 DPT=1983 SYN Dec 6 12:18:20 SRC=103.149.238.98 PROTO=TCP SPT=53517 DPT=1983 SYN Dec 6 12:18:22 SRC=103.149.238.98 PROTO=TCP SPT=53517 DPT=1983 ... show less	Port Scan
🇩🇪 IllusionCloud	2022-11-30 18:05:26 (3 years ago)	Gameserver filtering detected invalid connection sequence, possible proxy	DDoS Attack Hacking Exploited Host
🇮🇸 ISPLtd	2022-10-27 12:29:40 (3 years ago)	Oct 27 13:23:31 SRC=103.149.238.98 PROTO=TCP SPT=41845 DPT=1701 SYN Oct 27 13:23:32 SRC=103.149.238. ... show more Oct 27 13:23:31 SRC=103.149.238.98 PROTO=TCP SPT=41845 DPT=1701 SYN Oct 27 13:23:32 SRC=103.149.238.98 PROTO=TCP SPT=41859 DPT=1701 SYN Oct 27 13:23:32 SRC=103.149.238.98 PROTO=TCP SPT=41845 DPT=1701 ... show less	Port Scan
🇪🇸 IPV4Guard.com (AS215051)	2022-09-15 15:28:53 (3 years ago)	firewall,info SSH_ToMK input: in:ether1-WAN out:(unknown 0), src-mac 98:5d:82:9e:7f:d5, proto TCP (S ... show more firewall,info SSH_ToMK input: in:ether1-WAN out:(unknown 0), src-mac 98:5d:82:9e:7f:d5, proto TCP (SYN), 103.149.238.98:49761->45.145.226.113:22, len 60 show less	Brute-Force SSH
Anonymous	2022-05-18 15:40:10 (4 years ago)	IP involved in HTTPS DDoS	DDoS Attack VPN IP Exploited Host
🇨🇭 dimitar Penkov	2022-05-13 23:35:04 (4 years ago)	Brute Force attempts	Brute-Force Exploited Host
🇺🇸 Blue Pumpkin	2022-05-04 11:09:11 (4 years ago)	[Wed May 04 15:09:02.908077 2022] [:error] [pid 2981040] [client 103.149.238.98:0] [client 103.149.2 ... show more [Wed May 04 15:09:02.908077 2022] [:error] [pid 2981040] [client 103.149.238.98:0] [client 103.149.238.98] ModSecurity: Access denied with code 403 (phase 4). Operator GE matched 4 at TX:outbound_anomaly_score. [file "/etc/apache2/modsecurity-crs/coreruleset-3.3.2/rules/RESPONSE-959-BLOCKING-EVALUATION.conf"] [line "76"] [id "959100"] [msg "Outbound Anomaly Score Exceeded (Total Score: 4)"] [ver "OWASP_CRS/3.3.2"] [tag "anomaly-evaluation"] [hostname "www.hey-ai.com"] [uri "/index.php"] [unique_id "YnKXDnYH2qZxmDse5ifnnwAAAAA"] [Wed May 04 15:09:04.308257 2022] [:error] [pid 2981040] [client 103.149.238.98:0] [client 103.149.238.98] ModSecurity: Access denied with code 403 (phase 4). Operator GE matched 4 at TX:outbound_anomaly_score. [file "/etc/apache2/modsecurity-crs/coreruleset-3.3.2/rules/RESPONSE-959-BLOCKING-EVALUATION.conf"] [line "76"] [id "959100"] [msg "Outbound Anomaly Score Exceeded (Total Score: 4)"] [ver "OWASP_CRS/3.3.2"] [tag "anomaly-evaluation"] [hostname "www.hey-ai ... show less	Brute-Force
🇺🇸 Blue Pumpkin	2022-05-04 07:32:28 (4 years ago)	[Wed May 04 11:30:31.286262 2022] [:error] [pid 2875604] [client 103.149.238.98:0] [client 103.149.2 ... show more [Wed May 04 11:30:31.286262 2022] [:error] [pid 2875604] [client 103.149.238.98:0] [client 103.149.238.98] ModSecurity: Access denied with code 403 (phase 4). Operator GE matched 4 at TX:outbound_anomaly_score. [file "/etc/apache2/modsecurity-crs/coreruleset-3.3.2/rules/RESPONSE-959-BLOCKING-EVALUATION.conf"] [line "76"] [id "959100"] [msg "Outbound Anomaly Score Exceeded (Total Score: 4)"] [ver "OWASP_CRS/3.3.2"] [tag "anomaly-evaluation"] [hostname "www.hey-ai.com"] [uri "/index.php"] [unique_id "YnJj1i43c6WExBOUCgKDMgAAADg"] [Wed May 04 11:31:44.798982 2022] [:error] [pid 2877438] [client 103.149.238.98:0] [client 103.149.238.98] ModSecurity: Access denied with code 403 (phase 4). Operator GE matched 4 at TX:outbound_anomaly_score. [file "/etc/apache2/modsecurity-crs/coreruleset-3.3.2/rules/RESPONSE-959-BLOCKING-EVALUATION.conf"] [line "76"] [id "959100"] [msg "Outbound Anomaly Score Exceeded (Total Score: 4)"] [ver "OWASP_CRS/3.3.2"] [tag "anomaly-evaluation"] [hostname "www.hey-ai ... show less	Brute-Force

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇹 196.189.236.216

🇳🇱 194.120.230.28

🇰🇷 175.197.79.34

🇺🇸 146.88.241.151

🇭🇰 139.198.113.29

🇨🇳 120.48.151.153

🇨🇳 112.94.188.68

🇻🇳 103.78.0.229

🇩🇪 43.165.1.55

🇺🇸 208.84.100.180

🇺🇸 178.156.195.191

🇸🇬 172.217.47.22

🇩🇪 141.11.250.239

🇬🇧 109.75.172.153

🇫🇷 88.185.14.121

🇩🇪 34.32.81.241

🇺🇸 20.64.104.11

🇩🇪 213.209.159.56

🇹🇷 78.187.40.195

🇺🇸 20.124.91.101