JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.115.20.5

103.115.20.5 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 7%: ?

ISP	PT Sakti Wijaya Network
Usage Type	Fixed Line ISP
ASN	AS149925
Domain Name	swnetwork.id
Country	🇮🇩 Indonesia
City	Subang, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.115.20.5

Whois 103.115.20.5

IP Abuse Reports for 103.115.20.5:

This IP address has been reported a total of 26 times from 20 distinct sources. 103.115.20.5 was first reported on May 12th 2023, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-26 00:27:27 (1 month ago)	RdpGuard detected brute-force attempt on IMAP	Brute-Force
🇷🇴 gtheo99	2026-04-18 17:26:53 (1 month ago)	103.115.20.5 (ID/Indonesia/-), 2 distributed cpanel attacks on account [liceulcantacuzin] in the las ... show more 103.115.20.5 (ID/Indonesia/-), 2 distributed cpanel attacks on account [liceulcantacuzin] in the last 900 secs show less	SSH Brute-Force Hacking
🇬🇧 D3monite	2026-03-14 05:43:26 (2 months ago)	Attempted Brute Force (cpaneld)	Brute-Force
🇺🇸 ipblock.com	2026-03-12 18:23:00 (2 months ago)	IPBlock protected site ID [3192-af][s=02]. Exploit request, vulnerability probe.	Hacking Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-03-08 21:24:09 (2 months ago)	LF_MODSEC: (mod_security) mod_security (id:10000003) triggered by 103.115.20.5 (ID/Indonesia/-): 2 i ... show more LF_MODSEC: (mod_security) mod_security (id:10000003) triggered by 103.115.20.5 (ID/Indonesia/-): 2 in the last 3600 secs show less	Web App Attack
🇺🇸 LARL-Stompro-2024	2026-01-25 07:43:20 (4 months ago)	Evergreen ILS - Mylist Bot Abuse - HTTP Port 443 - Fake UserAgent. Requests:1	Bad Web Bot
🇹🇼 kk_it_man	2026-01-12 08:30:02 (4 months ago)	honey catch	Port Scan
🇩🇪 SMARTNET	2025-11-26 02:37:10 (6 months ago)	Aisuru(Mirai variant) DDoS	DDoS Attack
🇮🇩 hermawan	2025-11-22 13:43:43 (6 months ago)	[Sat Nov 22 20:36:55.661314 2025] [security2:error] [pid 1058672:tid 140557896640192] [client 103.11 ... show more [Sat Nov 22 20:36:55.661314 2025] [security2:error] [pid 1058672:tid 140557896640192] [client 103.115.20.5:17795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "Brave" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "247"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: Brave found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Brave Chrome/87.0.4280.141 Safari/537.36 request_line = GET /index.php/analisis-bulanan/4228-analisis-distribusi-hujan/analisis-distribusi-sifat-hujan/analisis-distribusi-sifat-hujan-jawa-timur-bulanan/analisis-bulanan-distribusi-sifat-hujan-di-provinsi-jawa-timur-tahun-2024/555561380-analisis-bulanan-distribusi-sifat-hujan-bulan-agustus-tahun-2024-di-provins..."] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/analisis-bulanan/4228-analis ... show less	Hacking Web App Attack
🇩🇪 FeG Deutschland	2025-11-14 04:46:36 (6 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 28	Exploited Host Web App Attack
🇨🇭 backslash	2025-11-13 15:11:26 (6 months ago)	block ruleset DA4A07AEE48B136A3922182BE8AA8BFBC1840803	Bad Web Bot
🇧🇷 hostseries	2025-07-13 16:14:05 (10 months ago)	Trigger: LF_DISTATTACK	Brute-Force
🇫🇮 bittiguru.fi	2024-10-08 05:13:11 (1 year ago)	103.115.20.5 - [08/Oct/2024:08:13:00 +0300] "POST /xmlrpc.php HTTP/1.1" 200 235 "-" "Mozilla/5.0 (X1 ... show more 103.115.20.5 - [08/Oct/2024:08:13:00 +0300] "POST /xmlrpc.php HTTP/1.1" 200 235 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" "1.86" 103.115.20.5 - [08/Oct/2024:08:13:11 +0300] "POST /xmlrpc.php HTTP/1.1" 200 235 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" "1.86" ... show less	Hacking Brute-Force Web App Attack
🇩🇪 Packets-Decreaser.NET	2024-09-09 01:12:23 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇲🇹 Malta	2024-08-31 09:08:34 (1 year ago)	103.115.20.5 - - [31/Aug/2024:11:08:34 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; I ... show more 103.115.20.5 - - [31/Aug/2024:11:08:34 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.215

🇳🇱 89.124.113.56

🇳🇱 45.148.10.141

🇮🇳 43.227.185.238

🇮🇷 5.190.130.238

🇮🇷 2.187.13.84

🇰🇷 211.178.247.182

🇨🇳 183.66.144.142

🇧🇴 181.188.148.74

🇩🇪 178.105.210.107

🇨🇳 118.24.135.34

🇹🇭 110.77.173.101

🇷🇺 109.195.179.94

🇺🇸 107.175.227.45

🇲🇽 46.250.172.52

🇳🇱 45.148.10.240

🇮🇷 2.180.227.97

🇰🇷 222.239.10.72

🇨🇳 221.10.221.104

🇮🇷 188.121.101.19