AbuseIPDB » 103.157.24.142
103.157.24.142
This IP was reported 9 times. Confidence of
Abuse
is 0% : ?
ISP
PT Dapur Remaja Multi Sarana
Usage Type
Fixed Line ISP
ASN
AS141105
Hostname(s)
ip-24-142.dapurremaja.net.id
Domain Name
dapurremaja.net.id
Country
๐ฎ๐ฉ
Indonesia
City
Cikarang, West Java
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 103.157.24.142 :
This IP address has been reported a total of
9
times from
5 distinct
sources.
103.157.24.142 was first reported on
October 7th 2024 , and the most recent report was
1 year ago
Old Reports:
The most recent abuse report for this IP address is from
1 year ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
2024-10-21 13:49:13
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ต๐ฑ
nfsec.pl
2024-10-15 01:20:05
(1 year ago)
Scanning on port: 445
Port Scan
๐ต๐ฑ
nfsec.pl
2024-10-08 05:10:08
(1 year ago)
Scanning on port: 445
Port Scan
๐บ๐ธ
TPI-Abuse
2024-10-08 03:42:35
(1 year ago)
(mod_security) mod_security (id:240335) triggered by 103.157.24.142 (ip-24-142.dapurremaja.net.id): ...
show more
(mod_security) mod_security (id:240335) triggered by 103.157.24.142 (ip-24-142.dapurremaja.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 07 23:42:31.233596 2024] [security2:error] [pid 23931:tid 23931] [client 103.157.24.142:53626] [client 103.157.24.142] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.157.24.142 (+1 hits since last alert)|cloudex.link|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cloudex.link"] [uri "/xmlrpc.php"] [unique_id "ZwSqJzpvqDDGeWABkptRHQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
nyuuzyou
2024-10-08 03:11:22
(1 year ago)
Intensive scraping: /web?s=%22Write%20post%20with%20name%2Fpassword%22%20Homepage%20%22Non-public%22 ...
show more
Intensive scraping: /web?s=%22Write%20post%20with%20name%2Fpassword%22%20Homepage%20%22Non-public%22%20slot%20yang%20paling%20gacor&scraper=brave. User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:114.0) Gecko/20100101 Firefox/114.0.
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2024-10-07 22:06:12
(1 year ago)
(mod_security) mod_security (id:240335) triggered by 103.157.24.142 (ip-24-142.dapurremaja.net.id): ...
show more
(mod_security) mod_security (id:240335) triggered by 103.157.24.142 (ip-24-142.dapurremaja.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 07 18:06:04.920753 2024] [security2:error] [pid 15528:tid 15528] [client 103.157.24.142:44137] [client 103.157.24.142] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.152.162.10 (0+1 hits since last alert)|nebraskaadaptivesports.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nebraskaadaptivesports.org"] [uri "/xmlrpc.php"] [unique_id "ZwRbTJKXH4TYnXxSN8PqoAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ช
vaia.cloud
2024-10-07 19:01:02
(1 year ago)
trying wp-login.php/xmlrpc.php 34 times in 1 minutes
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-10-07 18:33:54
(1 year ago)
(mod_security) mod_security (id:240335) triggered by 103.157.24.142 (ip-24-142.dapurremaja.net.id): ...
show more
(mod_security) mod_security (id:240335) triggered by 103.157.24.142 (ip-24-142.dapurremaja.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 07 14:33:46.861499 2024] [security2:error] [pid 3519:tid 3519] [client 103.157.24.142:42262] [client 103.157.24.142] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.157.24.142 (+1 hits since last alert)|www.vangentholding.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.vangentholding.com"] [uri "/xmlrpc.php"] [unique_id "ZwQpisJvNFFktM2ZfZGYKgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-10-07 16:29:00
(1 year ago)
(mod_security) mod_security (id:240335) triggered by 103.157.24.142 (ip-24-142.dapurremaja.net.id): ...
show more
(mod_security) mod_security (id:240335) triggered by 103.157.24.142 (ip-24-142.dapurremaja.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 07 12:28:52.781729 2024] [security2:error] [pid 9373:tid 9391] [client 103.157.24.142:45069] [client 103.157.24.142] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.157.24.142 (+1 hits since last alert)|www.jimpepperfest.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.jimpepperfest.net"] [uri "/xmlrpc.php"] [unique_id "ZwQMRIGwCIPwLOH_Esj8sgAAAI4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: