JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.105.78.145

103.105.78.145 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 0%: ?

ISP	PT. Garuda Media Telematika
Usage Type	Fixed Line ISP
ASN	AS55676
Hostname(s)	host-103-105-78-145.garuda.net.id
Domain Name	garuda.net.id
Country	🇮🇩 Indonesia
City	Bojonegoro, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.105.78.145

Whois 103.105.78.145

IP Abuse Reports for 103.105.78.145:

This IP address has been reported a total of 36 times from 18 distinct sources. 103.105.78.145 was first reported on July 12th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2025-03-03 13:07:15 (1 year ago)	[Mon Mar 03 20:06:28.327410 2025] [security2:error] [pid 608888:tid 140561778464448] [client 103.105 ... show more [Mon Mar 03 20:06:28.327410 2025] [security2:error] [pid 608888:tid 140561778464448] [client 103.105.78.145:58450] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i),.?[\\"'\\\\)0-9`-f][\\"'`](?:[\\"'`].?[\\"'`]\|(?:\\\\r?\\\\n)?\\\\z\|[^\\"'`]+)\|[^0-9A-Z_a-z]select.+[^0-9A-Z_a-z]?from\|(?:alter\|(?:(?:cre\|trunc\|upd)at\|renam)e\|d(?:e(?:lete\|sc)\|rop)\|(?:inser\|selec)t\|load)[\\\\s\\\\x0b]?\\\\([\\\\s\\\\x0b]?space[\\\\s\\\\x0b]?\\\\(" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "2130"] [id "942200"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: , like Gecko) Mobile/15E148 OcIdWebView ({\\x22style\\x22:2, found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gec ... show less	Hacking Web App Attack
🇺🇸 octageeks.com	2024-10-06 04:07:37 (1 year ago)	Wordpress malicious attack:[octausername]	Web App Attack
🇺🇸 octageeks.com	2024-10-05 04:07:37 (1 year ago)	Wordpress malicious attack:[octausername]	Web App Attack
🇺🇸 octageeks.com	2024-10-03 04:07:36 (1 year ago)	Wordpress malicious attack:[octausername]	Web App Attack
🇹🇷 rtbh.com.tr	2024-10-01 08:54:08 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 octageeks.com	2024-10-01 04:07:42 (1 year ago)	Wordpress malicious attack:[octausername]	Web App Attack
🇺🇸 TPI-Abuse	2024-10-01 03:07:34 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.105.78.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.105.78.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 30 23:07:24.101630 2024] [security2:error] [pid 3453:tid 3453] [client 103.105.78.145:48462] [client 103.105.78.145] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.105.78.145 (+1 hits since last alert)\|www.clinegroupmarketplace.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.clinegroupmarketplace.com"] [uri "/xmlrpc.php"] [unique_id "ZvtnbGhPGVg7YgDMmPVVkwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 lewisakura	2024-10-01 01:08:41 (1 year ago)	103.105.78.145 - - [30/Sep/2024:22:56:14 +0000] "POST /wp-login.php HTTP/1.1" 404 156 "-" "Mozilla/5 ... show more 103.105.78.145 - - [30/Sep/2024:22:56:14 +0000] "POST /wp-login.php HTTP/1.1" 404 156 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" 103.105.78.145 - - [01/Oct/2024:01:08:40 +0000] "POST /wp-login.php HTTP/1.1" 404 156 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" show less	Bad Web Bot Web App Attack
🇹🇷 rtbh.com.tr	2024-09-30 20:54:09 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 WeekendWeb	2024-09-30 14:01:47 (1 year ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2024-09-30 04:50:07 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.105.78.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.105.78.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 30 00:49:51.371100 2024] [security2:error] [pid 3427:tid 3427] [client 103.105.78.145:38205] [client 103.105.78.145] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.105.78.145 (+1 hits since last alert)\|www.stoneybluff.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.stoneybluff.com"] [uri "/xmlrpc.php"] [unique_id "Zvot7_6aTW9lBbEDHSbX-QAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-29 17:59:34 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.105.78.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 103.105.78.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 29 13:59:22.877604 2024] [security2:error] [pid 17907:tid 17907] [client 103.105.78.145:59481] [client 103.105.78.145] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.105.78.145 (+1 hits since last alert)\|www.kvaziri.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.kvaziri.com"] [uri "/xmlrpc.php"] [unique_id "ZvmVellAqzRTbE6bR2ESawAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇹 Malta	2024-09-29 17:32:03 (1 year ago)	103.105.78.145 - - [29/Sep/2024:19:32:03 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux ... show more 103.105.78.145 - - [29/Sep/2024:19:32:03 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇫🇮 bittiguru.fi	2024-09-29 04:20:33 (1 year ago)	103.105.78.145 - [29/Sep/2024:07:20:29 +0300] "POST /xmlrpc.php HTTP/1.1" 200 260 "-" "Mozilla/5.0 ( ... show more 103.105.78.145 - [29/Sep/2024:07:20:29 +0300] "POST /xmlrpc.php HTTP/1.1" 200 260 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" "1.84" 103.105.78.145 - [29/Sep/2024:07:20:32 +0300] "POST /xmlrpc.php HTTP/1.1" 200 260 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" "1.84" ... show less	Hacking Brute-Force Web App Attack
🇩🇪 ghostwarriors	2024-09-28 17:22:29 (1 year ago)	Unauthorized connection attempt detected, SSH Brute-Force	Port Scan Brute-Force SSH

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 2a01:4f8:150:13a5::100:13

🇩🇴 190.167.237.191

🇸🇬 101.47.156.21

🇧🇷 186.251.71.202

🇺🇸 159.89.155.166

🇸🇬 149.34.253.149

🇵🇱 109.205.211.47

🇨🇳 101.68.15.184

🇺🇸 96.77.133.9

🇸🇬 43.172.194.254

🇮🇪 20.223.168.112

🇨🇳 218.74.89.189

🇺🇸 165.154.135.141

🇺🇸 147.185.132.222

🇮🇳 128.185.253.98

🇨🇳 222.176.201.215

🇹🇼 198.235.24.86

🇫🇷 79.137.51.69

🇨🇳 61.161.228.243

🇨🇳 58.19.107.236