JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.154.77.12

103.154.77.12 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 17%: ?

17%

ISP	PT Tonggak Teknologi Netikom
Usage Type	Fixed Line ISP
ASN	AS140481
Domain Name	t2net.id
Country	🇮🇩 Indonesia
City	Muntilan, Central Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.154.77.12

Whois 103.154.77.12

IP Abuse Reports for 103.154.77.12:

This IP address has been reported a total of 24 times from 15 distinct sources. 103.154.77.12 was first reported on November 3rd 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 SMARTNET	2026-05-27 06:03:53 (1 week ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 0a9278f2-ffb8-4472-8b4f-87e634c16433	DDoS Attack
🇩🇪 milcraft.nl	2026-05-15 13:15:07 (3 weeks ago)	Suspicious WooCommerce query combination detected. Not default available on websites. Matched combi ... show more Suspicious WooCommerce query combination detected. Not default available on websites. Matched combi patterns: filter_, add-to-cart=, orderby=, product_count=. Activity is consistent with high-volume request abuse. show less	DDoS Attack Web App Attack
Anonymous	2026-04-28 21:46:11 (1 month ago)	2026-04-28 23:46:10 ERROR util.AccessViolations - 103.154.77.12 report to fail2ban - action: block . ... show more 2026-04-28 23:46:10 ERROR util.AccessViolations - 103.154.77.12 report to fail2ban - action: block ... show less	Hacking Brute-Force Bad Web Bot
🇺🇸 quilla	2026-03-28 23:35:00 (2 months ago)	Botnet infected device observed in honeypot (Vector: TCP HANDSHAKE ATTACK)	DDoS Attack
🇺🇸 stechusa	2026-03-20 11:22:08 (2 months ago)	[Askari] ELEVATED_THREAT \| country=ID \| ASN=PT Tonggak Teknologi Netikom \| AbuseIPDB=0% \| 53 IPs tar ... show more [Askari] ELEVATED_THREAT \| country=ID \| ASN=PT Tonggak Teknologi Netikom \| AbuseIPDB=0% \| 53 IPs targeting /brand.html \| Facet request during elevated threat (facet_ratio=0.81, unique_ips=327) \| HTTP/1.1 over TLS (elevated=True) \| Signals: concurrent_facet_load, path_concentration, non_target_geo, http1_on_tls show less	Web App Attack Hacking Web Spam
🇺🇸 gui-ying233	2026-01-31 00:56:28 (4 months ago)	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Sa ... show more Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36 show less	Bad Web Bot
Anonymous	2026-01-18 02:23:05 (4 months ago)	Unauthorized connection to Telnet port 23	Port Scan
🇧🇪 DrLex0	2026-01-12 00:42:26 (4 months ago)	BnL002: GET with absolute URL, obvious botnet minion; either attempt to find exploitable proxy, or j ... show more BnL002: GET with absolute URL, obvious botnet minion; either attempt to find exploitable proxy, or just plain stupidity from whomever wrote this piece of crap show less	Hacking Bad Web Bot Exploited Host
Anonymous	2025-12-01 06:35:39 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-30 12:36:59 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 103.154.77.12 (12.subs77.t2net.id): 1 in the la ... show more (mod_security) mod_security (id:210730) triggered by 103.154.77.12 (12.subs77.t2net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 30 07:36:54.679280 2025] [security2:error] [pid 19608:tid 19608] [client 103.154.77.12:41410] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|williamfitzsimmons.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "williamfitzsimmons.com"] [uri "/thestateroom.com"] [unique_id "aSw6ZgxA4AH5H2WKGiVLEAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-15 15:03:27 (6 months ago)	scanning http requests from known botnet	Web App Attack
🇺🇸 TheMadBeaker	2025-11-04 11:31:41 (7 months ago)	Fail2Ban - HTTP Exploit Attempt	Brute-Force Web App Attack
🇮🇩 hermawan	2025-10-11 14:41:08 (7 months ago)	[Sat Oct 11 20:42:46.252879 2025] [security2:error] [pid 2513418:tid 139973119338176] [client 103.15 ... show more [Sat Oct 11 20:42:46.252879 2025] [security2:error] [pid 2513418:tid 139973119338176] [client 103.154.77.12:51790] ModSecurity: Access denied with code 403 (phase 2). Pattern match "((?:[~!@#\\\\$%\\\\^&\\\\\\\$\\\$\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\\|:;\\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>][^~!@#\\\\$%\\\\^&\\\\\\\$\\\$\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\\|:;\\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>]*?){12})" at ARGS:id. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "3703"] [id "942430"] [msg "Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (12)"] [data "Matched Data: :prakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal- found within ARGS:id: 1237:prakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-15-21-november-2016 Matched Data ARGS charset: - Matched Data TX.1: :prakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tangga ... show less	Hacking Web App Attack
🇩🇪 jjdb	2025-09-30 16:04:32 (8 months ago)	dmarc report	Spoofing
🇩🇪 stalker.to	2025-05-23 10:56:39 (1 year ago)	Datacenter Proxy	Web Spam

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.136.206.71

🇺🇸 162.216.150.140

🇸🇪 138.124.71.25

🇷🇴 80.94.92.177

🇰🇷 1.235.192.131

🇨🇴 191.97.12.90

🇳🇱 185.223.235.10

🇹🇬 156.38.73.89

🇵🇱 87.251.64.176

🇸🇪 82.183.15.80

🇧🇷 205.210.31.140

🇬🇧 193.163.125.202

🇺🇸 136.62.34.187

🇺🇸 107.150.105.153

🇷🇴 92.118.39.236

🇳🇱 45.148.10.141

🇨🇳 8.154.2.19

🇫🇷 146.59.213.12

🇳🇱 45.148.10.157

🇺🇸 162.216.149.182