AbuseIPDB » 103.30.94.234

103.30.94.234 was found in our database!

This IP was reported 52 times. Confidence of Abuse is 48%: ?

48%

ISP	PT Precision Connexion
Usage Type	Fixed Line ISP
ASN	AS18103
Hostname(s)	order.domas.co.id
Domain Name	neuviz.net.id
Country	Indonesia
City	Medan, North Sumatra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 103.30.94.234

Whois 103.30.94.234

IP Abuse Reports for 103.30.94.234:

This IP address has been reported a total of 52 times from 29 distinct sources. 103.30.94.234 was first reported on July 18th 2021, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
2000cn.com.au	2025-07-19 11:35:54 (18 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Hacking Web App Attack
polycoda	2025-07-19 10:25:55 (19 hours ago)	⌨️ Probes for wlwmanifest.xml everywhere	Hacking Web App Attack
ipblock.com	2025-07-19 09:42:00 (20 hours ago)	IPBlock protected site ID [4055-d][s=02]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
cmbplf	2025-07-19 07:20:35 (22 hours ago)	2.431 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
MWA SOC	2025-07-19 05:49:48 (23 hours ago)		Hacking
penjaga BRIN	2025-06-28 15:12:42 (3 weeks ago)	nginx-alfa-240	Web App Attack
mawan	2025-06-28 13:30:38 (3 weeks ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
penjaga BRIN	2025-06-28 12:05:10 (3 weeks ago)	apache-alfa-111	Web App Attack
hermawan	2025-06-28 12:00:15 (3 weeks ago)	[Sat Jun 28 19:00:13.407355 2025] [security2:error] [pid 589233:tid 139782772475584] [client 103.30. ... show more[Sat Jun 28 19:00:13.407355 2025] [security2:error] [pid 589233:tid 139782772475584] [client 103.30.94.234:52593] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-4.15.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "314"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aF_ZTWkZekPaH2FTTYTB0gAAAAY"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[589293] [XF+FieBaYyM] [aF_ZTWkZekPaH2FTTYTB0gAAAAY] keep_alive=[0] [2025-06-28 19:00:13.407358] [R:aF_ZTWkZekPaH2FTTYTB0gAAAAY] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' Accept-Language ... show less	Hacking Web App Attack
mawan	2025-06-22 10:32:08 (3 weeks ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
hermawan	2025-06-22 09:13:24 (3 weeks ago)	[Sun Jun 22 16:11:29.575595 2025] [security2:error] [pid 39340:tid 140110020474560] [client 103.30.9 ... show more[Sun Jun 22 16:11:29.575595 2025] [security2:error] [pid 39340:tid 140110020474560] [client 103.30.94.234:60893] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-4.15.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "314"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aFfIwVdoOZdtQiP8t_vFiwAAAFA"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[39383] [MbMLe+UxTVM] [aFfIwVdoOZdtQiP8t_vFiwAAAFA] keep_alive=[0] [2025-06-22 16:11:29.575600] [R:aFfIwVdoOZdtQiP8t_vFiwAAAFA] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' Accept-Language:' ... show less	Hacking Web App Attack
hermawan	2025-06-20 12:09:50 (4 weeks ago)	[Fri Jun 20 19:07:22.934295 2025] [security2:error] [pid 32138:tid 140242761807552] [client 103.30.9 ... show more[Fri Jun 20 19:07:22.934295 2025] [security2:error] [pid 32138:tid 140242761807552] [client 103.30.94.234:59776] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-4.15.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "314"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aFVO-s_taU3c-As62ManpAAAAJQ"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[32189] [Um5ktD974JY] [aFVO-s_taU3c-As62ManpAAAAJQ] keep_alive=[0] [2025-06-20 19:07:22.934300] [R:aFVO-s_taU3c-As62ManpAAAAJQ] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' Accept-Language:' ... show less	Hacking Web App Attack
hermawan	2025-06-20 08:43:55 (4 weeks ago)	[Fri Jun 20 15:43:54.463964 2025] [security2:error] [pid 38784:tid 140475252057792] [client 103.30.9 ... show more[Fri Jun 20 15:43:54.463964 2025] [security2:error] [pid 38784:tid 140475252057792] [client 103.30.94.234:61222] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-4.15.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "314"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aFUfSgQ12sMvg8aVFqTOPwAAAJM"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[38830] [rvS13HyBcUU] [aFUfSgQ12sMvg8aVFqTOPwAAAJM] keep_alive=[0] [2025-06-20 15:43:54.463969] [R:aFUfSgQ12sMvg8aVFqTOPwAAAJM] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' Accept-Language:' ... show less	Hacking Web App Attack
penjaga BRIN	2025-06-20 08:12:35 (4 weeks ago)	nginx-alfa-95	Web App Attack
hermawan	2025-06-20 02:55:18 (1 month ago)	[Fri Jun 20 09:55:17.911400 2025] [security2:error] [pid 15770:tid 140160670881472] [client 103.30.9 ... show more[Fri Jun 20 09:55:17.911400 2025] [security2:error] [pid 15770:tid 140160670881472] [client 103.30.94.234:54921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-4.15.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "314"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aFTNlQ_JIROPBB9QHyOBKwAAAEo"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[15808] [jLH8/beJ9iM] [aFTNlQ_JIROPBB9QHyOBKwAAAEo] keep_alive=[0] [2025-06-20 09:55:17.911406] [R:aFTNlQ_JIROPBB9QHyOBKwAAAEo] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' Accept-Language:' ... show less	Hacking Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩