JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.47.52.130

103.47.52.130 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	trafficforce, UAB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	trafficforce.lt
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.47.52.130

Whois 103.47.52.130

IP Abuse Reports for 103.47.52.130:

This IP address has been reported a total of 9 times from 4 distinct sources. 103.47.52.130 was first reported on October 30th 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 06:01:13 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 103.47.52.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 103.47.52.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 01:01:05.885439 2026] [security2:error] [pid 25731:tid 25731] [client 103.47.52.130:52485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/media../.git/config"] [unique_id "aWsloZ85tRtYBetstcYBGgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 19:17:22 (5 months ago)	(mod_security) mod_security (id:221260) triggered by 103.47.52.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:221260) triggered by 103.47.52.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 14:17:18.207383 2025] [security2:error] [pid 22840:tid 22951] [client 103.47.52.130:47845] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|ftp.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.com"] [uri "/cgi-bin/test"] [unique_id "aVLTvvUSdzJ-gbjPWKhUNQAAAJI"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 [email protected]	2025-12-29 09:53:10 (5 months ago)	Attack attempt against Interwebbi servers; Port Scan detected from 103.47.52.130 (LT/Lithuania/-). ... show more Attack attempt against Interwebbi servers; Port Scan detected from 103.47.52.130 (LT/Lithuania/-). 5 hits in the last 165 seconds; IP: 103.47.52.130; Ports: *; Direction: 0; Trigger: PS_LIMIT; show less	Brute-Force
🇺🇸 TPI-Abuse	2025-11-27 23:59:28 (6 months ago)	(mod_security) mod_security (id:221260) triggered by 103.47.52.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:221260) triggered by 103.47.52.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 18:59:23.845300 2025] [security2:error] [pid 29941:tid 29988] [client 103.47.52.130:47183] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|whm.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.kettlehill.com"] [uri "/"] [unique_id "aSjl24bNnBr0g1RQu7R7egAAAY8"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 09:27:08 (6 months ago)	(mod_security) mod_security (id:212620) triggered by 103.47.52.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:212620) triggered by 103.47.52.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 04:27:05.687063 2025] [security2:error] [pid 6704:tid 6704] [client 103.47.52.130:50295] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /setup/index.php?page=servers&mode=test&id=</script><script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "ftp.nbcnewsradio.com"] [uri "/setup/index.php"] [unique_id "aRWkaSJ1v6zD2BYs0NNJ-AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2023-11-28 23:36:33 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 103.47.52.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 103.47.52.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 28 18:34:11.407795 2023] [security2:error] [pid 11784:tid 47164556396288] [client 103.47.52.130:35603] [client 103.47.52.130] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.com"] [uri "/.htpasswd"] [unique_id "ZWZ484wEHitSjHnQ4aj65gAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2023-11-27 13:10:08 (2 years ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 ChamberofCommerce.com	2023-11-02 04:53:52 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-30 10:09:52 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 2400:cb00:930:1000:f240:39d7:2403:48bd

🇹🇷 78.186.54.65

🇸🇬 2a02:4780:3:709:0:685:47ec:1

🇺🇸 2001:470:1:332::166

🇳🇱 193.176.31.214

🇨🇦 192.95.29.25

🇺🇸 172.185.24.228

🇺🇸 152.39.161.64

🇺🇸 66.132.186.238

🇭🇰 47.76.184.0

🇳🇱 45.142.193.164

🇩🇪 213.209.159.227

🇺🇸 152.32.182.41

🇨🇳 114.138.97.14

🇮🇩 103.214.112.253

🇫🇷 85.217.140.1

🇬🇧 81.19.219.195

🇺🇸 47.77.219.202

🇬🇧 37.10.113.220

🇬🇧 31.14.254.40