🇩🇪
Packets-Decreaser.NET
2025-08-13 18:17:18
(9 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
🇺🇸
COMPLEX
2025-08-12 19:49:20
(9 months ago)
Triggered Cloudflare WAF (l7ddos) from ID.
Action taken: BLOCK
ASN: 149319 (IDNIC-TRIDATARAYA-AS-ID PT Trisna Mega Abadi)
Protocol: HTTP/2 (GET method)
Endpoint: /funny
DDoS Attack
Bad Web Bot
🇬🇧
Silly Development
2025-08-10 00:59:05
(9 months ago)
Malicious activity detected from 149319 IDNIC-TRIDATARAYA-AS-ID PT Trisna Mega Abadi towards host sillydev.co.uk (GET HTTP/2) @ 2025-08-10T00:59:05Z (3 occurrences)
DDoS Attack
Exploited Host
🇬🇧
SuperEvilLuke
2025-08-05 19:00:43
(10 months ago)
Malicious activity detected from 149319 IDNIC-TRIDATARAYA-AS-ID PT Trisna Mega Abadi towards host panel.embotic.xyz (GET HTTP/2) @ 2025-08-05T19:00:43Z (2 occurrences)
DDoS Attack
Exploited Host
🇬🇧
SuperEvilLuke
2025-08-05 18:57:03
(10 months ago)
Malicious activity detected from 149319 IDNIC-TRIDATARAYA-AS-ID PT Trisna Mega Abadi towards host panel.embotic.xyz (GET HTTP/2) @ 2025-08-05T18:57:03Z (2 occurrences)
DDoS Attack
Exploited Host
Anonymous
2025-07-27 04:40:39
(10 months ago)
Ports: 25,2525,465,587,2525; Direction: 0; Trigger: LF_DISTATTACK
Brute-Force
SSH
🇫🇷
แดสแด
2025-07-21 20:36:34
(10 months ago)
Triggered Cloudflare WAF (l7ddos) from ID.
ASN: 149319 (IDNIC-TRIDATARAYA-AS-ID PT Trisna Mega Abadi)
Protocol: HTTP/2 (GET method)
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
DDoS Attack
Bad Web Bot
🇮🇩
hermawan
2025-06-28 10:02:59
(11 months ago)
[Sat Jun 28 17:00:43.057278 2025] [security2:error] [pid 527940:tid 139783264265920] [client 103.178.20.73:40618] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "themes" at REQUEST_FILENAME. [file "/etc/modsecurity/coreruleset-4.15.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "68"] [id "448101"] [msg "BAD REQUEST FILENAME - Detected and Blocked"] [data "Matched Data: themes found within REQUEST_FILENAME: /TableFilter/TF_Themes/Default/TF_Default.css request_line = GET /TableFilter/TF_Themes/Default/TF_Default.css HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/TableFilter/TF_Themes/Default/TF_Default.css"] [unique_id "aF-9S_Ca95D2Rkn3kNpDoAAAiwA"], referer https://staklim-jatim.bmkg.go.id/Prakicu_Mingguan_Malang_Batu-v2.html [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[527941] [k5MG3t77BPk] [aF-9S_Ca95D2Rkn3kNpDoAAAiwA] keep_alive=[1] [2025-06-28 17:00:43.057283] [R:aF-9S_Ca95D2Rkn3kNpDoAAAiwA] UA:'Mozilla/5.0 (Linu
...
Hacking
Web App Attack
🇮🇩
hermawan
2025-05-16 05:56:57
(1 year ago)
[Fri May 16 12:55:57.573990 2025] [security2:error] [pid 261378:tid 140680678532800] [client 103.178.20.73:34851] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "myactivity.google.com" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.14.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "439"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: myactivity.google.com found within REQUEST_HEADERS:Referer: https://myactivity.google.com/ request_line = GET /images/Klimatologi/Infografis/Infografis-Iklim/Bulanan/2025/03_Maret_2025/Infografis-Bulanan_Prediksi_Hujan_Bulan_MEI-JUNI-JULI_Tahun_2025_Update_Dari_Analisis_Bulan_Maret_2025_di_Provinsi_Jawa_Timur.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Infografis/Infografis-Iklim/Bulanan/2025/03_Maret_2025/Infografis-Bulanan_Prediksi_Hujan_Bulan_MEI-JUNI-JULI_Tahun_2025_Update_Dari_Analisis_Bulan_Maret_2025_di_Provinsi_Jawa_Timur.jpg"] [unique_id "a
...
Hacking
Web App Attack
🇮🇩
hermawan
2025-05-13 07:44:28
(1 year ago)
[Tue May 13 14:43:09.525720 2025] [security2:error] [pid 169992:tid 140044375250624] [client 103.178.20.73:35954] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "myactivity.google.com" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.14.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "439"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: myactivity.google.com found within REQUEST_HEADERS:Referer: https://myactivity.google.com/ request_line = GET /images/Klimatologi/Infografis/Infografis-Iklim/Bulanan/2025/03_Maret_2025/Infografis-Bulanan_Prediksi_Hujan_Bulan_MEI-JUNI-JULI_Tahun_2025_Update_Dari_Analisis_Bulan_Maret_2025_di_Provinsi_Jawa_Timur.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Infografis/Infografis-Iklim/Bulanan/2025/03_Maret_2025/Infografis-Bulanan_Prediksi_Hujan_Bulan_MEI-JUNI-JULI_Tahun_2025_Update_Dari_Analisis_Bulan_Maret_2025_di_Provinsi_Jawa_Timur.jpg"] [unique_id "a
...
Hacking
Web App Attack
🇺🇸
SiliSoftware
2025-05-12 04:09:04
(1 year ago)
/phpBB3/ucp.php?mode=login&sid=9b73ceca8fbc649fb0ea76677f2234b1
Web App Attack
🇩🇪
botreporter
2025-05-07 04:20:24
(1 year ago)
botnet ignoring robots.txt
Bad Web Bot
🇮🇩
hermawan
2025-04-09 07:27:30
(1 year ago)
[Wed Apr 09 14:26:37.031526 2025] [security2:error] [pid 152211:tid 140360042763968] [client 103.178.20.73:38592] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i),.*?[\\"'\\\\)0-9`-f][\\"'`](?:[\\"'`].*?[\\"'`]|(?:\\\\r?\\\\n)?\\\\z|[^\\"'`]+)|[^0-9A-Z_a-z]select.+[^0-9A-Z_a-z]*?from|(?:alter|(?:(?:cre|trunc|upd)at|renam)e|d(?:e(?:lete|sc)|rop)|(?:inser|selec)t|load)[\\\\s\\\\x0b]*?\\\\([\\\\s\\\\x0b]*?space[\\\\s\\\\x0b]*?\\\\(" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "2130"] [id "942200"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: , like Gecko) Version/4.0 Chrome/134.0.6998.135 Mobile Safari/537.36 OcIdWebView ({\\x22os\\x22:\\x22Android\\x22, found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 15; 2312FPC
...
Hacking
Web App Attack
🇮🇩
hermawan
2025-04-08 07:17:59
(1 year ago)
[Tue Apr 08 14:16:34.096843 2025] [security2:error] [pid 117750:tid 140108674094784] [client 103.178.20.73:51074] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i),.*?[\\"'\\\\)0-9`-f][\\"'`](?:[\\"'`].*?[\\"'`]|(?:\\\\r?\\\\n)?\\\\z|[^\\"'`]+)|[^0-9A-Z_a-z]select.+[^0-9A-Z_a-z]*?from|(?:alter|(?:(?:cre|trunc|upd)at|renam)e|d(?:e(?:lete|sc)|rop)|(?:inser|selec)t|load)[\\\\s\\\\x0b]*?\\\\([\\\\s\\\\x0b]*?space[\\\\s\\\\x0b]*?\\\\(" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "2130"] [id "942200"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: , like Gecko) Version/4.0 Chrome/134.0.6998.135 Mobile Safari/537.36 OcIdWebView ({\\x22os\\x22:\\x22Android\\x22, found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 15; 2312FPC
...
Hacking
Web App Attack
🇮🇩
hermawan
2025-04-05 13:29:04
(1 year ago)
[Sat Apr 05 20:29:04.101990 2025] [security2:error] [pid 375476:tid 140419417392832] [client 103.178.20.73:41910] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i),.*?[\\"'\\\\)0-9`-f][\\"'`](?:[\\"'`].*?[\\"'`]|(?:\\\\r?\\\\n)?\\\\z|[^\\"'`]+)|[^0-9A-Z_a-z]select.+[^0-9A-Z_a-z]*?from|(?:alter|(?:(?:cre|trunc|upd)at|renam)e|d(?:e(?:lete|sc)|rop)|(?:inser|selec)t|load)[\\\\s\\\\x0b]*?\\\\([\\\\s\\\\x0b]*?space[\\\\s\\\\x0b]*?\\\\(" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "2130"] [id "942200"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: , like Gecko) Version/4.0 Chrome/134.0.6998.135 Mobile Safari/537.36 OcIdWebView ({\\x22os\\x22:\\x22Android\\x22, found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 15; 2312FPC
...
Hacking
Web App Attack