JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.158.13.150

103.158.13.150 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 0%: ?

ISP	Fiberbyte
Usage Type	Fixed Line ISP
ASN	AS138089
Domain Name	tsmakses.id
Country	🇮🇩 Indonesia
City	Bojonegoro, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.158.13.150

Whois 103.158.13.150

IP Abuse Reports for 103.158.13.150:

This IP address has been reported a total of 8 times from 3 distinct sources. 103.158.13.150 was first reported on April 16th 2025, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 SuperEvilLuke	2025-11-04 17:42:22 (7 months ago)	Malicious activity detected from 138089 GMDP-AS-ID PT.Global Media Data Prima towards host dash.embo ... show more Malicious activity detected from 138089 GMDP-AS-ID PT.Global Media Data Prima towards host dash.embotic.xyz (GET HTTP/2) @ 2025-11-04T17:42:22Z (4 occurrences) show less	DDoS Attack Exploited Host
🇮🇩 hermawan	2025-11-04 14:33:16 (7 months ago)	[Tue Nov 04 21:31:34.027975 2025] [security2:error] [pid 522084:tid 140511322035904] [client 103.158 ... show more [Tue Nov 04 21:31:34.027975 2025] [security2:error] [pid 522084:tid 140511322035904] [client 103.158.13.150:46796] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "HttpClient" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.19.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "246"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: HttpClient found within REQUEST_HEADERS:User-Agent: AndroidHttpClient (Linux; U; Android 15; id_ID; CPH2577; Build/AP3A.240617.008; Cronet/139.0.7205.3) request_line = GET /images/Klimatologi/Prakiraan/04_Prakiraan_6_Bulanan/Prakiraan_Musim/Prakiraan_Musim_Kemarau/Provinsi_Jawa_Timur/2025/Prediksi_Awal_Musim_Kemarau_Tahun_2025_Zona_Musim_di_Provinsi_Jawa_Timur.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Prakiraan/04_Prakiraan_6_Bulanan/Prakiraan_Musim/Prakiraan_Musim_Kemarau/Provinsi_Jawa_Timur/2025/Prediksi_Awal_Musim_Kemarau_Tahun_2025 ... show less	Hacking Web App Attack
🇺🇸 SuperEvilLuke	2025-10-07 23:55:56 (7 months ago)	Malicious activity detected from 138089 GMDP-AS-ID PT.Global Media Data Prima towards host dash.embo ... show more Malicious activity detected from 138089 GMDP-AS-ID PT.Global Media Data Prima towards host dash.embotic.xyz (GET HTTP/1.1) @ 2025-10-07T23:55:56Z (2 occurrences) show less	DDoS Attack Exploited Host
🇩🇪 Packets-Decreaser.NET	2025-09-05 16:13:19 (8 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇩 hermawan	2025-07-29 15:04:26 (10 months ago)	[Tue Jul 29 22:03:41.735254 2025] [security2:error] [pid 172471:tid 140612698343104] [client 103.158 ... show more [Tue Jul 29 22:03:41.735254 2025] [security2:error] [pid 172471:tid 140612698343104] [client 103.158.13.150:17276] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "myactivity.google.com" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "465"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: myactivity.google.com found within REQUEST_HEADERS:Referer: https://myactivity.google.com/ request_line = GET /images/Klimatologi/Prakiraan/04_Prakiraan_6_Bulanan/Prakiraan_Musim/Lampiran/6_Suhu_Permukaan_Laut_di_Wilayah_Perairan_Indonesia.webp HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Prakiraan/04_Prakiraan_6_Bulanan/Prakiraan_Musim/Lampiran/6_Suhu_Permukaan_Laut_di_Wilayah_Perairan_Indonesia.webp"] [unique_id "aIjizW44Qs-Xh0PXw2wAywAASwc"], referer https://myactivity.google.com/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[172479] [Vy ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-07-27 15:12:13 (10 months ago)	[Sun Jul 27 22:08:06.475857 2025] [security2:error] [pid 84929:tid 139996240488128] [client 103.158. ... show more [Sun Jul 27 22:08:06.475857 2025] [security2:error] [pid 84929:tid 139996240488128] [client 103.158.13.150:46304] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "myactivity.google.com" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "465"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: myactivity.google.com found within REQUEST_HEADERS:Referer: https://myactivity.google.com/ request_line = GET /images/Klimatologi/Prakiraan/04_Prakiraan_6_Bulanan/Prakiraan_Musim/Lampiran/6_Suhu_Permukaan_Laut_di_Wilayah_Perairan_Indonesia.webp HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Prakiraan/04_Prakiraan_6_Bulanan/Prakiraan_Musim/Lampiran/6_Suhu_Permukaan_Laut_di_Wilayah_Perairan_Indonesia.webp"] [unique_id "aIZA1nHFN3ZLu9dbeJUyBQAABg0"], referer https://myactivity.google.com/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[84944] [w0LK ... show less	Hacking Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-05-16 21:31:46 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇩 hermawan	2025-04-16 06:03:50 (1 year ago)	[Wed Apr 16 13:03:49.910803 2025] [security2:error] [pid 956880:tid 140435393447616] [client 103.158 ... show more [Wed Apr 16 13:03:49.910803 2025] [security2:error] [pid 956880:tid 140435393447616] [client 103.158.13.150:40478] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i),.?[\\"'\\\\)0-9`-f][\\"'`](?:[\\"'`].?[\\"'`]\|(?:\\\\r?\\\\n)?\\\\z\|[^\\"'`]+)\|[^0-9A-Z_a-z]select.+[^0-9A-Z_a-z]?from\|(?:alter\|(?:(?:cre\|trunc\|upd)at\|renam)e\|d(?:e(?:lete\|sc)\|rop)\|(?:inser\|selec)t\|load)[\\\\s\\\\x0b]?\\\\([\\\\s\\\\x0b]?space[\\\\s\\\\x0b]?\\\\(" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "2130"] [id "942200"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: , like Gecko) Version/4.0 Chrome/134.0.6998.135 Mobile Safari/537.36 OcIdWebView ({\\x22os\\x22:\\x22Android\\x22, found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 10; RMX182 ... show less	Hacking Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 147.185.133.180

🇱🇹 81.30.98.142

🇨🇦 69.49.112.70

🇻🇳 171.231.185.246

🇺🇸 165.154.173.211

🇩🇪 165.22.19.221

🇺🇸 147.185.132.35

🇺🇸 91.230.168.125

🇧🇬 78.128.114.82

🇳🇱 45.148.10.152

🇳🇱 45.148.10.151

🇳🇱 45.148.10.141

🇧🇪 35.187.79.20

🇨🇳 27.220.231.125

🇻🇳 27.79.40.33

🇳🇱 20.123.146.92

🇨🇳 220.189.253.198

🇸🇬 172.71.124.105

🇺🇸 103.115.10.120

🇺🇸 85.208.98.195