JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.152.238.180

103.152.238.180 was found in our database!

This IP was reported 64 times. Confidence of Abuse is 0%: ?

ISP	PT Acces Prima Nusantara
Usage Type	Fixed Line ISP
ASN	AS140448
Domain Name	aprin.net.id
Country	🇮🇩 Indonesia
City	Purwakarta, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.152.238.180

Whois 103.152.238.180

IP Abuse Reports for 103.152.238.180:

This IP address has been reported a total of 64 times from 27 distinct sources. 103.152.238.180 was first reported on May 17th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2024-07-23 21:21:30 (1 year ago)	103.152.238.180 - - [23/Jul/2024:23:21:29 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 103.152.238.180 - - [23/Jul/2024:23:21:29 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-07-23 08:08:53 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.152.238.180 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.152.238.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 23 04:08:46.571637 2024] [security2:error] [pid 1878925:tid 1878925] [client 103.152.238.180:35985] [client 103.152.238.180] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.152.238.180 (+1 hits since last alert)\|www.visionremota.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.visionremota.info"] [uri "/xmlrpc.php"] [unique_id "Zp9lDrT8P_7G01uz178MJgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇹 Malta	2024-07-22 00:47:24 (1 year ago)	103.152.238.180 - - [22/Jul/2024:02:47:24 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 103.152.238.180 - - [22/Jul/2024:02:47:24 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇩🇪 ger-stg-sifi1	2024-07-21 17:06:34 (1 year ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2024-07-18 16:10:36 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.152.238.180 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.152.238.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 18 12:10:27.365065 2024] [security2:error] [pid 22122:tid 22133] [client 103.152.238.180:40028] [client 103.152.238.180] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.152.238.180 (+1 hits since last alert)\|sevenislandsvilla.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sevenislandsvilla.com"] [uri "/xmlrpc.php"] [unique_id "Zpk-c5KyNNNFYtVjyyhzEAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Tha_14	2024-07-16 17:14:50 (1 year ago)	Attempt to log in with non-existing username: admin	Bad Web Bot
🇩🇪 SpaceHost-Server	2024-07-15 17:40:47 (1 year ago)	103.152.238.180 - - [15/Jul/2024:19:40:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 1112 "-" "Mozilla/5 ... show more 103.152.238.180 - - [15/Jul/2024:19:40:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 1112 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" 103.152.238.180 - - [15/Jul/2024:19:40:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 1112 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" 103.152.238.180 - - [15/Jul/2024:19:40:46 +0200] "POST /xmlrpc.php HTTP/1.1" 200 1112 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" show less	Hacking Web App Attack
🇩🇪 ger-stg-sifi1	2024-07-15 03:02:05 (1 year ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2024-07-13 16:34:03 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.152.238.180 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.152.238.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 13 12:33:53.581177 2024] [security2:error] [pid 19220:tid 47333087823616] [client 103.152.238.180:35728] [client 103.152.238.180] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.152.238.180 (+1 hits since last alert)\|leadingedgesupply.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "leadingedgesupply.com"] [uri "/xmlrpc.php"] [unique_id "ZpKscdYMqSDxnLPq3O6nMgAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-13 11:09:18 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.152.238.180 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.152.238.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 13 07:09:12.475944 2024] [security2:error] [pid 24010] [client 103.152.238.180:48024] [client 103.152.238.180] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.152.238.180 (+1 hits since last alert)\|www.internetnameregistration.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.internetnameregistration.com"] [uri "/xmlrpc.php"] [unique_id "ZpJgWNz64stZRZNMpyDEHgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-11 13:11:21 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.152.238.180 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.152.238.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 11 09:11:16.716828 2024] [security2:error] [pid 3371] [client 103.152.238.180:59690] [client 103.152.238.180] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 128.127.104.80 (0+1 hits since last alert)\|www.puckerbackbikini.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.puckerbackbikini.com"] [uri "/xmlrpc.php"] [unique_id "Zo_Z9Lc5zNoiLtfHvcBy2AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-11 01:12:48 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.152.238.180 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.152.238.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 10 21:12:43.194833 2024] [security2:error] [pid 18949] [client 103.152.238.180:57670] [client 103.152.238.180] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 31.3.152.100 (0+1 hits since last alert)\|nickp.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nickp.us"] [uri "/xmlrpc.php"] [unique_id "Zo8xi0dL7JhxAMcNUkzFvQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇹 Malta	2024-07-11 00:32:05 (1 year ago)	103.152.238.180 - - [11/Jul/2024:02:32:05 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 103.152.238.180 - - [11/Jul/2024:02:32:05 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇩🇪 DEV-DNS	2024-07-10 11:19:01 (1 year ago)	(wordpress) Failed wordpress login from 103.152.238.180 (ID/Indonesia/West Java/Bekasi/-/[redacted])	Brute-Force
🇦🇺 MAGIC	2024-07-07 22:04:09 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot

Showing 1 to 15 of 64 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.65.84.8

🇺🇸 207.90.244.17

🇳🇱 185.93.89.167

🇮🇳 182.95.231.62

🇺🇸 172.212.200.188

🇺🇸 104.236.53.110

🇫🇷 91.231.89.224

🇹🇼 36.225.162.170

🇩🇪 213.209.159.228

🇺🇸 208.102.26.110

🇨🇳 203.83.234.180

🇯🇵 156.227.232.198

🇩🇪 69.5.169.119

🇺🇸 65.49.1.43

🇺🇸 34.170.189.242

🇬🇧 5.226.140.91

🇰🇷 211.104.137.55

🇺🇸 192.169.201.223

🇫🇷 185.194.178.105

🇮🇳 168.144.187.163