JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.3.222.117

103.3.222.117 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 22%: ?

22%

ISP	PT XLSMART Telecom Sejahtera Tbk
Usage Type	Fixed Line ISP
ASN	AS139994
Domain Name	xlsmart.co.id
Country	🇮🇩 Indonesia
City	Soreang, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.3.222.117

Whois 103.3.222.117

IP Abuse Reports for 103.3.222.117:

This IP address has been reported a total of 7 times from 6 distinct sources. 103.3.222.117 was first reported on March 9th 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 securejdprop	2026-06-25 06:49:12 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(🐾 - 🚨 Suspicious 👀 ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(🐾 - 🚨 Suspicious 👀 SSL/TLS trafic on unusual SSL/TLS port). Ip 103.3.222.117 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-06-25 06:49:11.377860867 +0000 UTC show less	Hacking Web App Attack
🇦🇺 prologic	2026-06-13 21:00:05 (1 week ago)	Distributed application-layer DoS against git.mills.io (self-hosted Gitea). High-volume automated re ... show more Distributed application-layer DoS against git.mills.io (self-hosted Gitea). High-volume automated requests to expensive Git repository endpoints (commit/diff/blame/archive views), ~1 request per IP, spoofed browser UA, rejected with HTTP 429. Residential-proxy botnet campaign, 2026-06-13/14 UTC. show less	DDoS Attack Web App Attack
🇮🇹 VHosting	2026-06-11 01:21:06 (2 weeks ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇮🇩 hermawan	2026-05-30 01:56:16 (3 weeks ago)	[Sat May 30 08:56:12.272367 2026] [authz_core:error] [pid 435921:tid 140229863184064] [client 103.3. ... show more [Sat May 30 08:56:12.272367 2026] [authz_core:error] [pid 435921:tid 140229863184064] [client 103.3.222.117:12075] AH01630: client denied by server configuration: /var/matomo/gemini-jscompress-dev_13-05-2026_matomo_5_10_0.js [matomo.staklim-malang.info] [matomo.staklim-malang.info] top=[435943] [UEsLRL8G6+k] [ahpDvMrL25UkH4vPJH7LXwAAjxU] keep_alive=[1] [2026-05-30 08:56:12.272376] [R:ahpDvMrL25UkH4vPJH7LXwAAjxU] UA:'Mozilla/5.0 (iPhone; CPU iPhone OS 18_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Mobile/15E148 Safari/604.1' Host:'matomo.staklim-malang.info:443' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8' Accept-Encoding:'gzip, deflate, br Accept-Language:'en-US,en;q=0.8 ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-05-28 05:09:34 (4 weeks ago)	[Thu May 28 12:09:29.944697 2026] [security2:error] [pid 436382:tid 139852559062720] [client 103.3.2 ... show more [Thu May 28 12:09:29.944697 2026] [security2:error] [pid 436382:tid 139852559062720] [client 103.3.222.117:29710] ModSecurity: Access denied with code 403 (phase 1). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "815"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: GET found within REQUEST_HEADERS: 1 request_line = GET /index.php/informasi-iklim/buletin-1/buletin-informasi-iklim-dan-lingkungan HTTP/2.0 Request URI RAW = /index.php/informasi-iklim/buletin-1/buletin-informasi-iklim-dan-lingkungan Request Basename = buletin-informasi-iklim-dan-lingkungan"] [severity "CRITICAL"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [ta ... show less	Email Spam Hacking
🇳🇱 exxos	2025-09-23 11:03:01 (9 months ago)	Attacks with Bad user agents	Hacking
🇬🇧 Joe-Mark	2021-03-09 14:52:08 (5 years ago)	SORBS list of web servers which have spammer abusable vulnerabilities / proto=6 . srcport=14842 ... show more SORBS list of web servers which have spammer abusable vulnerabilities / proto=6 . srcport=14842 . dstport=8080 . (3323) show less	Hacking Brute-Force

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇴 196.216.60.5

🇭🇺 185.111.208.245

🇮🇳 182.19.35.57

🇳🇱 45.156.87.93

🇳🇱 45.148.10.152

🇭🇰 152.32.213.68

🇺🇸 147.185.132.135

🇨🇱 136.248.247.188

🇺🇸 108.24.173.108

🇨🇳 106.38.205.224

🇫🇷 91.196.152.219

🇮🇩 49.0.24.107

🇸🇬 47.84.106.109

🇺🇸 45.92.229.9

🇺🇸 40.124.174.209

🇺🇸 40.119.41.182

🇮🇩 36.72.206.32

🇺🇸 20.29.21.25

🇻🇳 14.241.33.188

🇺🇸 13.83.90.155