JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.169.189.155

103.169.189.155 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 11%: ?

11%

ISP	Asia Pacific Network Information Centre
Usage Type	Fixed Line ISP
ASN	AS142347
Domain Name	apnic.net
Country	🇮🇩 Indonesia
City	Ponorogo, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.169.189.155

Whois 103.169.189.155

IP Abuse Reports for 103.169.189.155:

This IP address has been reported a total of 21 times from 15 distinct sources. 103.169.189.155 was first reported on July 9th 2023, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 donarev419	2026-06-22 02:37:19 (4 days ago)	Port scan detected on port 445 (connection without data transfer)	Port Scan
Anonymous	2026-05-11 13:49:59 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇮🇩 sockominfo	2026-03-21 21:00:42 (3 months ago)	Late night login (22:00-05:30) - High risk Jakarta timezone (WIB). Threat Score: 8.6/10 (CRITICAL). ... show more Late night login (22:00-05:30) - High risk Jakarta timezone (WIB). Threat Score: 8.6/10 (CRITICAL). Confidence: 70%. CVSS v3.1: 9.9/10 (Critical). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H. Bayesian Probability: 87%. MITRE ATT&CK: T1078 (Valid Accounts). Tactic: TA0001. Freshness: Fresh. Source Reputation: KNOWN_MALICIOUS. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-03-21 18:00:11 (3 months ago)	Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Web App Attack
🇩🇪 SMARTNET	2025-11-26 02:37:10 (7 months ago)	Aisuru(Mirai variant) DDoS	DDoS Attack
Anonymous	2025-11-22 04:10:54 (7 months ago)	scanning http requests from known botnet	Web App Attack
🇮🇩 hermawan	2025-11-13 05:42:23 (7 months ago)	[Thu Nov 13 12:39:30.209666 2025] [security2:error] [pid 1012195:tid 140633336334016] [client 103.16 ... show more [Thu Nov 13 12:39:30.209666 2025] [security2:error] [pid 1012195:tid 140633336334016] [client 103.169.189.155:22991] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "WOW64" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "247"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: WOW64 found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36 request_line = GET /index.php/monitoring-hari-tanpa-hujan-berturut-turut/3909-monitoring-hari-tanpa-hujan-berturut-turut-propinsi-jawa-timur/monitoring-hari-tanpa-hujan-berturut-turut-dasarian-provinsi-jawa-timur/monitoring-hari-tanpa-hujan-berturut-turut-dasarian-provinsi-jawa-timur-tahun-2018/555556677-monitoring-hari-tanpa-hujan-berturut..."] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/monitoring-hari-tanpa-hujan-be ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-10-03 16:03:17 (8 months ago)	[Fri Oct 03 23:02:00.500054 2025] [security2:error] [pid 1993002:tid 140596506244800] [client 103.16 ... show more [Fri Oct 03 23:02:00.500054 2025] [security2:error] [pid 1993002:tid 140596506244800] [client 103.169.189.155:41148] ModSecurity: Access denied with code 403 (phase 1). Match of "pm /plugins/CoreHome/javascripts/manifest.json /ga-choise-v4.js /plugins/UserCountryMap/stylesheets/ /bmkg-malang.json system-v170.css google.com total-v114.js /arrow-up.webp /plant-t.webp /g/ manifest-v3.json /timeout-worker-v3.js /swiper-v112.js /pdf ..." against "REQUEST_LINE" required. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "386"] [id "440008"] [msg "BAD REQUEST Bro"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: If-Modified-Since found within REQUEST_LINE: GET /ga-v5.js HTTP/2.0 request_line = GET /ga-v5.js HTTP/2.0 Request URI RAW = /ga-v5.js Request Basename = ga-v5.js"] [hostname "staklim-malang.info"] [uri "/ga-v5.js"] [unique_id "aN_zeOYlobLDiogQA38ygwABBAM"], referer https:// ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-09-23 09:48:16 (9 months ago)	[Tue Sep 23 16:46:15.317846 2025] [security2:error] [pid 128631:tid 139834085578432] [client 103.169 ... show more [Tue Sep 23 16:46:15.317846 2025] [security2:error] [pid 128631:tid 139834085578432] [client 103.169.189.155:39080] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "HttpClient" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "228"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: HttpClient found within REQUEST_HEADERS:User-Agent: AndroidHttpClient (Linux; U; Android 14; in_ID; 24040RN64Y; Build/UP1A.231005.007; Cronet/138.0.7156.0) request_line = GET /images/Klimatologi/Infografis/Infografis-Iklim/Klimat_Story/2024/Infografis_Himbauan_Waspada_Suhu_Panas_Ekstrem-v2.webp HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Infografis/Infografis-Iklim/Klimat_Story/2024/Infografis_Himbauan_Waspada_Suhu_Panas_Ekstrem-v2.webp"] [unique_id "aNJsZ_BzEije0EBbzEwOYQABFB4"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[12 ... show less	Hacking Web App Attack
🇨🇭 backslash	2025-09-22 03:56:11 (9 months ago)		Bad Web Bot
🇳🇱 exxos	2025-09-02 12:03:01 (9 months ago)	Attacks with Bad user agents	Hacking
🇺🇸 LARL-Stompro-2024	2025-07-02 02:15:18 (11 months ago)	Evergreen ILS - Mylist Bot Abuse - HTTP Port 443 - Fake UserAgent. Requests:1	Bad Web Bot
🇯🇵 mkaraki	2025-05-11 05:04:22 (1 year ago)	1746939859 # Service_probe # SIGNATURE_SEND # source_ip:103.169.189.155 # dst_port:445 ...	Port Scan
🇦🇹 begou.dev	2025-01-24 03:28:12 (1 year ago)	[Threat Intelligence] Port Scanning and/or Unauthorized access -> TCP/445	Port Scan
Anonymous	2024-12-01 15:50:08 (1 year ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 185.223.152.45

🇳🇱 185.93.89.9

🇮🇹 151.40.78.76

🇬🇧 143.110.165.253

🇮🇳 103.48.45.169

🇺🇸 45.33.85.107

🇰🇷 211.47.121.143

🇨🇳 182.138.158.148

🇨🇳 175.178.163.18

🇺🇸 162.216.150.161

🇻🇳 123.20.189.26

🇨🇳 112.6.227.209

🇺🇸 104.234.53.41

🇸🇬 94.231.206.9

🇺🇸 73.125.123.108

🇯🇵 43.133.26.159

🇧🇪 34.77.120.141

🇨🇳 14.103.127.195

🇮🇳 14.102.123.142

🇮🇳 14.97.134.98