JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.180.118.122

103.180.118.122 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 24%: ?

24%

ISP	PT Persada Data Multimedia
Usage Type	Fixed Line ISP
ASN	AS149359
Domain Name	pdm.net.id
Country	🇮🇩 Indonesia
City	Lamongan, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.180.118.122

Whois 103.180.118.122

IP Abuse Reports for 103.180.118.122:

This IP address has been reported a total of 6 times from 4 distinct sources. 103.180.118.122 was first reported on June 8th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 polycoda	2026-06-20 11:50:48 (5 days ago)	AutoBlock: 🔐 WordPress Login Brute Force (20X or 30X) (Decay-Based)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 14:24:14 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 103.180.118.122 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.180.118.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 10:24:11.437095 2026] [security2:error] [pid 20280:tid 20280] [client 103.180.118.122:55429] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.180.118.122 (+1 hits since last alert)\|advantagept.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "advantagept.org"] [uri "/xmlrpc.php"] [unique_id "ajP_i9BBL8ooUlRO09lEMgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 13:56:23 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 103.180.118.122 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.180.118.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 09:56:19.932394 2026] [security2:error] [pid 1041:tid 1061] [client 103.180.118.122:60426] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.180.118.122 (+1 hits since last alert)\|jpdesign.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jpdesign.us"] [uri "/xmlrpc.php"] [unique_id "ajP5A7n1Un9y1Ir6NiU1KAAAAJE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 prologic	2026-06-13 11:02:47 (1 week ago)	Distributed application-layer DoS against git.mills.io (self-hosted Gitea). High-volume automated re ... show more Distributed application-layer DoS against git.mills.io (self-hosted Gitea). High-volume automated requests to expensive Git repository endpoints (commit/diff/blame/archive views), ~1 request per IP, spoofed browser UA, rejected with HTTP 429. Residential-proxy botnet campaign, 2026-06-13/14 UTC. show less	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 00:18:12 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.180.118.122 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.180.118.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 20:18:04.161064 2026] [security2:error] [pid 29341:tid 29341] [client 103.180.118.122:54822] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.180.118.122 (+1 hits since last alert)\|lockdownclaim.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lockdownclaim.com"] [uri "/xmlrpc.php"] [unique_id "ain-vH9f1MuTXMd1QUie-AAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 15:34:09 (2 weeks ago)		Bad Web Bot Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.94

🇨🇦 198.50.239.95

🇳🇱 195.178.110.228

🇧🇷 177.61.137.26

🇨🇳 115.56.238.174

🇺🇸 104.237.245.141

🇷🇴 92.118.39.71

🇺🇸 76.87.181.129

🇧🇷 35.198.29.129

🇺🇸 34.106.231.113

🇸🇬 34.21.133.138

🇺🇸 20.65.193.130

🇬🇧 2a06:4882:7000::75

🇺🇸 205.210.31.36

🇺🇸 184.105.247.244

🇺🇸 184.105.139.114

🇨🇳 183.155.245.55

🇧🇷 177.174.125.183

🇺🇸 147.185.132.45

🇵🇰 101.53.233.155