JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.191.129.114

103.191.129.114 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 3%: ?

ISP	PT Metro Ring Bersama
Usage Type	Fixed Line ISP
ASN	AS149920
Domain Name	metro-rb.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.191.129.114

Whois 103.191.129.114

IP Abuse Reports for 103.191.129.114:

This IP address has been reported a total of 9 times from 6 distinct sources. 103.191.129.114 was first reported on August 4th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 EGP Abuse Dept	2026-06-13 01:40:25 (1 week ago)	Scraping webshop URLs (www.badgehouder.nl), likely botnet drone	Bad Web Bot Exploited Host
Anonymous	2026-03-11 10:33:52 (3 months ago)	Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ... show more Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-skip.asp show less	Exploited Host Bad Web Bot
🇮🇩 hermawan	2026-02-09 09:18:31 (4 months ago)	[Mon Feb 09 16:17:46.155222 2026] [security2:error] [pid 134980:tid 139916122949312] [client 103.191 ... show more [Mon Feb 09 16:17:46.155222 2026] [security2:error] [pid 134980:tid 139916122949312] [client 103.191.129.114:50944] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "chatgpt" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.22.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "583"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: chatgpt found within REQUEST_HEADERS:Referer: https://chatgpt.com/ request_line = GET /images/Geofisika/covid-19/evakuasi_tsunami_covid19.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Geofisika/covid-19/evakuasi_tsunami_covid19.jpg"] [unique_id "aYmmOtpVgKWM7_SQPP5BqQABCRg"], referer https://chatgpt.com/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[135024] [1OCrnOB93OE] [aYmmOtpVgKWM7_SQPP5BqQABCRg] keep_alive=[1] [2026-02-09 16:17:46.155227] [R:aYmmOtpVgKWM7_SQPP5BqQABCRg] UA:'Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144 ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-12-09 05:26:03 (6 months ago)	[Tue Dec 09 12:22:26.189165 2025] [security2:error] [pid 122457:tid 140516954928832] [client 103.191 ... show more [Tue Dec 09 12:22:26.189165 2025] [security2:error] [pid 122457:tid 140516954928832] [client 103.191.129.114:65171] ModSecurity: Access denied with code 403 (phase 1). Match of "pm matomo.staklim-malang.info " against "SERVER_NAME" required. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "188"] [id "440235"] [msg "BAD REQUEST Bro"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: %3a found within SERVER_NAME: staklim-malang.info request_line = GET /index.php/profil/arsip-artikel?catid=618&id=2498%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-21-27-maret-2017&start=70 HTTP/2.0 Request URI RAW = /index.php/profil/arsip-artikel?catid=618&id=2498%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-21-27-maret-2017&start=70 Reque..."] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "aTeyEtmU2ly ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-11-26 23:17:33 (6 months ago)	[Thu Nov 27 04:33:33.069464 2025] [security2:error] [pid 254759:tid 139901052233408] [client 103.191 ... show more [Thu Nov 27 04:33:33.069464 2025] [security2:error] [pid 254759:tid 139901052233408] [client 103.191.129.114:33630] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "utf-8" at REQUEST_HEADERS:Accept-Charset. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "357"] [id "440015"] [msg "Bot Accept-Charset utf-8"] [data "Matched Data: utf-8 found within REQUEST_HEADERS:Accept-Charset: UTF-8 request_line = GET /images/Geofisika/covid-19/evakuasi_tsunami_covid19.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Geofisika/covid-19/evakuasi_tsunami_covid19.jpg"] [unique_id "aSdyLWElTnw52WaMvTx-cQADQwA"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[254760] [cW3uJcYxxEU] [aSdyLWElTnw52WaMvTx-cQADQwA] keep_alive=[1] [2025-11-27 04:33:33.069469] [R:aSdyLWElTnw52WaMvTx-cQADQwA] UA:'ChatGPT/1.2025.315 (Android 11; Infinix X665B; build 2531527)' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'app ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-11-26 14:29:45 (7 months ago)	[Wed Nov 26 21:11:01.131663 2025] [security2:error] [pid 41532:tid 140591137470144] [client 103.191. ... show more [Wed Nov 26 21:11:01.131663 2025] [security2:error] [pid 41532:tid 140591137470144] [client 103.191.129.114:60028] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "utf-8" at REQUEST_HEADERS:Accept-Charset. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "352"] [id "440015"] [msg "Bot Accept-Charset utf-8"] [data "Matched Data: utf-8 found within REQUEST_HEADERS:Accept-Charset: UTF-8 request_line = GET /images/Geofisika/covid-19/evakuasi_tsunami_covid19.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Geofisika/covid-19/evakuasi_tsunami_covid19.jpg"] [unique_id "aScKdY_sCLtSFJCzVDTmSAACgRg"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[41557] [8/xO97/JmTQ] [aScKdY_sCLtSFJCzVDTmSAACgRg] keep_alive=[1] [2025-11-26 21:11:01.131672] [R:aScKdY_sCLtSFJCzVDTmSAACgRg] UA:'ChatGPT/1.2025.315 (Android 11; Infinix X665B; build 2531527)' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'appli ... show less	Hacking Web App Attack
🇭🇺 ksol-hostmaster	2025-10-19 14:01:06 (8 months ago)	Massive botnet baited into scraping tarpit	Bad Web Bot
🇳🇱 exxos	2025-09-18 07:03:01 (9 months ago)	Attacks with Bad user agents	Hacking
🇳🇱 Study Bitcoin 🤗	2025-08-04 11:14:54 (10 months ago)	Port probe to tcp/445 (smb) [srv135]	Port Scan Hacking

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 203.200.74.18

🇲🇽 200.77.172.159

🇺🇸 193.3.53.3

🇨🇳 120.233.34.147

🇭🇰 43.155.21.198

🇰🇷 211.48.199.61

🇺🇸 198.46.83.219

🇳🇱 188.166.108.155

🇺🇸 147.185.132.170

🇫🇷 91.231.89.9

🇫🇷 54.38.241.200

🇳🇱 45.148.10.157

🇬🇧 45.82.76.128

🇺🇸 45.66.211.82

🇸🇳 41.82.50.218

🇺🇸 20.169.104.121

🇭🇰 199.45.154.121

🇬🇧 188.240.59.34

🇳🇱 2.58.56.173

🇷🇺 176.114.224.190