JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 114.10.44.120

114.10.44.120 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 34%: ?

34%

ISP	IOH B2B
Usage Type	Fixed Line ISP
ASN	AS4761
Domain Name	ioh.co.id
Country	🇮🇩 Indonesia
City	Semarang, Central Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 114.10.44.120

Whois 114.10.44.120

IP Abuse Reports for 114.10.44.120:

This IP address has been reported a total of 13 times from 10 distinct sources. 114.10.44.120 was first reported on February 9th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 alferez	2026-06-15 01:52:11 (2 days ago)		Hacking Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 13:57:44 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 114.10.44.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 114.10.44.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 09:57:31.053382 2026] [security2:error] [pid 27012:tid 27012] [client 114.10.44.120:36881] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 114.10.44.120 (+1 hits since last alert)\|walkercline.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "walkercline.com"] [uri "/xmlrpc.php"] [unique_id "ai6zS_JEdk-KFLdPiZUBKQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 rh24	2026-06-14 13:24:44 (2 days ago)	(xmlrpc_405) XMLRPC-Bot 405 114.10.44.120 (ID/Indonesia/-)	Hacking
🇺🇸 TPI-Abuse	2026-06-14 02:25:59 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 114.10.44.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 114.10.44.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 22:25:50.218167 2026] [security2:error] [pid 30290:tid 30290] [client 114.10.44.120:22946] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 114.10.44.120 (+1 hits since last alert)\|jerielster.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jerielster.com"] [uri "/xmlrpc.php"] [unique_id "ai4RLuaD56zOd1qzAnPl-gAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 08:41:27 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 114.10.44.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 114.10.44.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:41:14.616399 2026] [security2:error] [pid 30947:tid 30947] [client 114.10.44.120:22330] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 114.10.44.120 (+1 hits since last alert)\|stoughtonpipeandwelding.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stoughtonpipeandwelding.net"] [uri "/xmlrpc.php"] [unique_id "ai0Xqj9HgJi2AWAhkHH1qQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 vaia.cloud	2026-06-13 05:32:32 (4 days ago)	trying wp-login.php/xmlrpc.php 85 times in 1 minutes	Brute-Force Web App Attack
🇮🇩 hermawan	2026-05-31 06:41:40 (2 weeks ago)	[Sun May 31 13:41:37.291050 2026] [security2:error] [pid 940746:tid 140573632607936] [client 114.10. ... show more [Sun May 31 13:41:37.291050 2026] [security2:error] [pid 940746:tid 140573632607936] [client 114.10.44.120:7934] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.baidu.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.baidu.go.id found within REQUEST_HEADERS:Referer: http://www.baidu.go.id/ request_line = GET /image-loader-worker-v3.js HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/image-loader-worker-v3.js"] [unique_id "ahvYIQkwcBvRvhhOyTmXWgAByQM"], referer http://www.baidu.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[940816] [/+idXtebgvg] [ahvYIQkwcBvRvhhOyTmXWgAByQM] keep_alive=[1] [2026-05-31 13:41:37.291054] [R:ahvYIQkwcBvRvhhOyTmXWgAByQM] UA:'Mozilla/5.0 (Linux; Android 15; SM-A146U1 Build/AP3A.240905.015.A2; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0 ... show less	Email Spam Hacking
Anonymous	2026-04-17 06:43:04 (2 months ago)	XMLRPC BRUTEFORCE - HTTP (Request)	Hacking
🇳🇱 exxos	2025-09-12 19:07:35 (9 months ago)	http-no-verb	Hacking
🇺🇸 MPL	2025-07-09 03:28:09 (11 months ago)	tcp/445 (6 or more attempts)	Port Scan
🇺🇸 MPL	2025-07-09 01:05:51 (11 months ago)	tcp/445 (4 or more attempts)	Port Scan
🇺🇸 mnsf	2025-05-29 15:05:27 (1 year ago)	Login Too Frequent (7)	Brute-Force Web App Attack
Anonymous	2025-02-09 00:42:00 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 222.124.177.148

🇦🇷 216.28.241.215

🇺🇸 207.90.244.3

🇺🇸 192.227.243.40

🇭🇰 156.225.23.155

🇺🇸 136.144.43.163

🇫🇮 94.159.112.56

🇺🇸 91.230.168.188

🇷🇴 80.94.92.186

🇩🇪 69.5.169.18

🇸🇬 47.236.157.205

🇭🇰 45.120.216.232

🇩🇪 3.68.189.130

🇷🇴 2.57.121.112

🇺🇦 217.196.165.3

🇦🇪 217.165.133.43

🇹🇭 203.172.89.21

🇨🇳 203.3.119.121

🇪🇹 196.188.178.115

🇳🇱 178.16.54.22