JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.172.25.38

103.172.25.38 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	PT INTERGRAS JARINGAN EKOSISTEM
Usage Type	Fixed Line ISP
ASN	AS142387
Domain Name	weave.co.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.172.25.38

Whois 103.172.25.38

IP Abuse Reports for 103.172.25.38:

This IP address has been reported a total of 9 times from 8 distinct sources. 103.172.25.38 was first reported on October 31st 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-04-07 09:58:50 (2 months ago)	(mod_security) mod_security (id:218580) triggered by 103.172.25.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:218580) triggered by 103.172.25.38 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 05:58:45.120734 2026] [security2:error] [pid 1274187:tid 1274187] [client 103.172.25.38:37148] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\/\\\\[!+](?:[\\\\w\\\\s=_\\\\-()]+)?\\\\*\\\\/)" at ARGS:id. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "76"] [id "218580"] [rev "1"] [msg "COMODO WAF: MySQL in-line comment detected.\|\|cs-mall.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "cs-mall.com"] [uri "/recipe-display.php"] [unique_id "adTVVaqH0h2LFUPz5X-f5wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 maxxsense	2026-03-28 14:32:16 (2 months ago)	103.172.25.38 (ID/Indonesia/-), 12 distributed imapd attacks on account [redacted]	Brute-Force
🇩🇪 FeG Deutschland	2026-03-15 10:56:06 (2 months ago)	Mail: - login with unknown user - bruteforce	Brute-Force
🇪🇸 el-brujo	2026-03-01 01:10:22 (3 months ago)	Cloudflare WAF: Request Path: / Request Query: ?cat=-1%22%29%29%29%2F%2A%2150000AND%2A%2FUPDATEXML%2 ... show more Cloudflare WAF: Request Path: / Request Query: ?cat=-1%22%29%29%29%2F%2A%2150000AND%2A%2FUPDATEXML%289035%2C%2F%2A%2150000CONCAT%2A%2F%28%2527.%2527%2C%2527~%2527%2C%28%2F%2A%2150000SELECT%2A%2F%28ELT%289035%3D9035%2C1%29%29%29%2C%2527~%2527%29%2C9785%29+AND+%28%28%28%22h39TVzZb%22+LIKE+%22h39TVzZb%22 Host: hwagm.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Action: block Source: firewallManaged ASN Description: IDNIC-IJE-AS-ID PT Integrasi Jaringan Ekosistem Country: ID Method: GET Timestamp: 2026-03-01T01:10:22Z ruleId: 8629bb58defe4193ab4d493c7bd2d8fa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
Anonymous	2026-02-22 02:55:53 (3 months ago)	scanning http requests from known botnet	Web App Attack
🇺🇸 TPI-Abuse	2026-02-21 12:12:50 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 103.172.25.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 103.172.25.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 21 07:12:44.113809 2026] [security2:error] [pid 15515:tid 15515] [client 103.172.25.38:42892] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.pointillistic.com\|F\|2"] [data ".bravecoolworld.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pointillistic.com"] [uri "/vmps-audio/www.bravecoolworld.com"] [unique_id "aZmhPOtevGkqkJIhoDYPAAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-11-19 02:55:59 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇳🇱 Mangelot Hosting	2025-11-01 04:31:46 (7 months ago)	(modsecurity) srv102 ModSecurity 103.172.25.38 (ID/Indonesia/-): 5 in the last 3600 secs; Ports: ; ... show more (modsecurity) srv102 ModSecurity 103.172.25.38 (ID/Indonesia/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇫🇮 Shaik Sai Meera	2025-10-31 08:30:12 (7 months ago)	IM360 WAF: Block Drupal/Joomla spammers	Brute-Force Bad Web Bot

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.58

🇺🇸 151.240.62.135

🇺🇸 147.185.132.124

🇳🇱 45.148.10.240

🇳🇱 45.148.10.183

🇷🇴 2.57.122.177

🇩🇪 213.209.159.227

🇬🇧 193.163.125.86

🇮🇹 185.47.136.123

🇺🇸 151.240.62.28

🇺🇸 107.150.103.210

🇨🇳 36.20.10.77

🇺🇸 20.65.195.113

🇷🇴 2a02:2f05:d00e:1300:404:950e:bf9b:e87c

🇺🇸 166.62.41.26

🇮🇳 119.252.192.85

🇮🇪 52.101.66.78

🇺🇸 2607:f8b0:4004:c06::12d

🇸🇪 171.25.158.70

🇺🇸 162.216.149.139