JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.173.138.167

103.173.138.167 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 3%: ?

ISP	PT Serayu Multi Connection
Usage Type	Fixed Line ISP
ASN	AS147078
Domain Name	serayu.id
Country	🇮🇩 Indonesia
City	Biha, Lampung

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.173.138.167

Whois 103.173.138.167

IP Abuse Reports for 103.173.138.167:

This IP address has been reported a total of 10 times from 8 distinct sources. 103.173.138.167 was first reported on July 8th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-03 05:38:25 (1 week ago)	[Wed Jun 03 12:38:24.801630 2026] [security2:error] [pid 107410:tid 139880265889472] [client 103.173 ... show more [Wed Jun 03 12:38:24.801630 2026] [security2:error] [pid 107410:tid 139880265889472] [client 103.173.138.167:35640] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /images/Klimatologi/Infografis/Infografis_Perubahan_Nama/Sertifikat_Kenaikan_Kelas_Unit_Pelaksanaan_Teknis_dari_Kelas_II_menjadi_Kelas_I_Stasiun_Klimatologi_Jawa_Timur_07_Mei_2026-600.webp HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Infografis/Infografis_Perubahan_Nama/Sertifikat_Kenaikan_Kelas_Unit_Pelaksanaan_Teknis_dari_Kelas_II_menjadi_Kelas_I_Stasiun_Klimatologi_Jawa_Timur_07_Mei_2026-600.webp"] [unique_id "ah-90AWrQ36RyxFUeh1wAQAAEA0"], referer https://www.b ... show less	Email Spam Hacking
🇳🇱 maxxsense	2026-04-05 01:46:24 (2 months ago)	103.173.138.167 (ID/Indonesia/-), 12 distributed imapd attacks on account [redacted]	Brute-Force
Anonymous	2026-03-12 23:18:33 (3 months ago)	Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ... show more Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-skip.asp show less	Exploited Host Bad Web Bot
🇺🇸 gui-ying233	2026-02-22 00:31:55 (3 months ago)	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Sa ... show more Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 show less	Bad Web Bot
🇯🇵 www.winos.me	2026-01-12 02:38:49 (5 months ago)	port scan	Port Scan
🇯🇵 www.winos.me	2025-11-05 02:14:32 (7 months ago)	port scan	Port Scan
🇮🇩 hermawan	2025-10-19 23:32:29 (7 months ago)	[Mon Oct 20 06:31:11.915953 2025] [security2:error] [pid 189510:tid 139643298244288] [client 103.173 ... show more [Mon Oct 20 06:31:11.915953 2025] [security2:error] [pid 189510:tid 139643298244288] [client 103.173.138.167:2770] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "okhttp" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "228"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: okhttp found within REQUEST_HEADERS:User-Agent: okhttp/4.12.0 request_line = GET /images/Klimatologi/Infografis/Infografis-Iklim/Klimat_Story/2023/Mengenal_Fenomena_El_Nino_Yang_Mengancam_Indonesia.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Infografis/Infografis-Iklim/Klimat_Story/2023/Mengenal_Fenomena_El_Nino_Yang_Mengancam_Indonesia.jpg"] [unique_id "aPV0vyHfh4XDmixI5ID6TgADWAI"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[189513] [hRqwXAsAXnQ] [aPV0vyHfh4XDmixI5ID6TgADWAI] keep_alive=[1] [2025-10-20 06:31:11.915966] [R:aP ... show less	Hacking Web App Attack
🇨🇭 backslash	2025-10-06 09:41:42 (8 months ago)	block ruleset DA4A07AEE48B136A3922182BE8AA8BFBC1840803	Bad Web Bot
🇳🇱 exxos	2025-09-09 21:03:01 (9 months ago)	Attacks with Bad user agents	Hacking
🇺🇸 VSM Networks	2025-07-08 03:44:04 (11 months ago)	Credential Stuffing	Brute-Force

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.253.214.122

🇮🇳 125.21.53.232

🇸🇬 118.194.234.189

🇰🇷 115.178.75.242

🇲🇦 105.77.207.207

🇺🇸 104.248.177.83

🇨🇳 58.223.165.154

🇺🇸 3.15.142.175

🇺🇸 2620:171:ac:f003:9999::244

🇺🇸 192.178.115.93

🇮🇩 180.243.191.155

🇫🇷 51.254.113.225

🇧🇷 45.205.1.5

🇺🇸 45.156.129.137

🇩🇪 45.130.202.37

🇺🇦 37.221.133.111

🇹🇼 198.235.24.127

🇨🇦 195.63.17.54

🇬🇧 193.163.125.195

🇺🇦 193.38.255.65