JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.189.201.45

103.189.201.45 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 25%: ?

25%

ISP	PT Indonesia Comnets Plus
Usage Type	Fixed Line ISP
ASN	AS9341
Domain Name	iconpln.net.id
Country	🇮🇩 Indonesia
City	Surabaya, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.189.201.45

Whois 103.189.201.45

IP Abuse Reports for 103.189.201.45:

This IP address has been reported a total of 21 times from 11 distinct sources. 103.189.201.45 was first reported on February 6th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 botreporter	2026-06-27 02:38:37 (1 day ago)	botnet ignoring robots.txt	Bad Web Bot
🇩🇪 Vegascosmetics	2026-06-20 16:05:38 (1 week ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security	DDoS Attack Hacking Exploited Host
🇩🇪 pltcldvlpr	2026-06-07 12:11:17 (3 weeks ago)	Bogus Useragent: 103.189.201.45 - - [07/Jun/2026:14:11:16 +0200] "GET /protocol?id=nw_18_101&paragra ... show more Bogus Useragent: 103.189.201.45 - - [07/Jun/2026:14:11:16 +0200] "GET /protocol?id=nw_18_101&paragraph=10795485&seq=96 HTTP/1.1" 444 0 "-" "Opera/8.35.(X11; Linux i686; lb-LU) Presto/2.9.160 Version/10.00" asn=9341 org="PT INDONESIA COMNETS PLUS" country=ID ... show less	Bad Web Bot
🇪🇸 el-brujo	2026-06-07 06:42:37 (3 weeks ago)	Cloudflare WAF: Request Path: /index.php Request Query: ?PHPSESSID=vgqcrqu35sfv2emtctq1qh6jpb&msg=17 ... show more Cloudflare WAF: Request Path: /index.php Request Query: ?PHPSESSID=vgqcrqu35sfv2emtctq1qh6jpb&msg=1791219 Host: forum.elhacker.net userAgent: Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.2; Trident/3.0) Action: log Source: firewallManaged ASN Description: PT INDONESIA COMNETS PLUS Country: ID Method: GET Timestamp: 2026-06-07T06:42:37Z ruleId: 017d4edd6754438087991348543c4667. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇱🇻 garmtech.com	2026-04-12 20:08:53 (2 months ago)	IM360 WAF: PHP code tags in HTTP headers MV:http://arsenal.lv/en/10985-)?>	Web App Attack
🇩🇪 EGP Abuse Dept	2026-03-22 00:48:12 (3 months ago)	Scanning for port/service exploits on tpc-036.mach3builders.nl	Port Scan Hacking
🇮🇩 hermawan	2026-01-28 03:13:47 (5 months ago)	[Wed Jan 28 10:13:49.124179 2026] [security2:error] [pid 482167:tid 140123610003136] [client 103.189 ... show more [Wed Jan 28 10:13:49.124179 2026] [security2:error] [pid 482167:tid 140123610003136] [client 103.189.201.45:11115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "utf-8" at REQUEST_HEADERS:Accept-Charset. [file "/etc/modsecurity/coreruleset-4.22.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "358"] [id "440015"] [msg "Bot Accept-Charset utf-8"] [data "Matched Data: utf-8 found within REQUEST_HEADERS:Accept-Charset: utf-8 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aXl-7UUpKz0okqByZjscvQAAAEw"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[482206] [WKf9IKrqcFM] [aXl-7UUpKz0okqByZjscvQAAAEw] keep_alive=[0] [2026-01-28 10:13:49.124186] [R:aXl-7UUpKz0okqByZjscvQAAAEw] UA:'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6.1 Mobile/15E148 Safari/604.1' Host:'staklim-jatim.bmkg.go.id' Accept-Encoding:'gzip ... show less	Hacking Web App Attack
🇪🇸 librebit	2026-01-18 12:44:12 (5 months ago)	Brute force	Brute-Force
Anonymous	2025-11-17 08:40:24 (7 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇮🇩 hermawan	2025-11-06 18:03:25 (7 months ago)	[Thu Nov 06 23:35:29.067171 2025] [security2:error] [pid 990433:tid 140567116760768] [client 103.189 ... show more [Thu Nov 06 23:35:29.067171 2025] [security2:error] [pid 990433:tid 140567116760768] [client 103.189.201.45:58832] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i),.?[\\"'\\\\)0-9`-f][\\"'`](?:[\\"'`].?[\\"'`]\|(?:\\\\r?\\\\n)?\\\\z\|[^\\"'`]+)\|[^0-9A-Z_a-z]select.+[^0-9A-Z_a-z]?from\|(?:alter\|(?:(?:cre\|trunc\|upd)at\|renam)e\|d(?:e(?:lete\|sc)\|rop)\|(?:inser\|selec)t\|load)[\\\\s\\\\x0b]?\\\\([\\\\s\\\\x0b]?space[\\\\s\\\\x0b]?\\\\(" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.19.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "2168"] [id "942200"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: , like Gecko) Version/4.0 Chrome/141.0.7390.122 Mobile Safari/537.36 OcIdWebView ({\\x22os\\x22:\\x22Android\\x22, found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 15; SM-A05 ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-10-05 06:35:43 (8 months ago)	[Sun Oct 05 13:29:35.248028 2025] [security2:error] [pid 1852540:tid 140074537678528] [client 103.18 ... show more [Sun Oct 05 13:29:35.248028 2025] [security2:error] [pid 1852540:tid 140074537678528] [client 103.189.201.45:50676] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i),.?[\\"'\\\\)0-9`-f][\\"'`](?:[\\"'`].?[\\"'`]\|(?:\\\\r?\\\\n)?\\\\z\|[^\\"'`]+)\|[^0-9A-Z_a-z]select.+[^0-9A-Z_a-z]?from\|(?:alter\|(?:(?:cre\|trunc\|upd)at\|renam)e\|d(?:e(?:lete\|sc)\|rop)\|(?:inser\|selec)t\|load)[\\\\s\\\\x0b]?\\\\([\\\\s\\\\x0b]?space[\\\\s\\\\x0b]?\\\\(" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "2129"] [id "942200"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: , like Gecko) Mobile/15E148 OcIdWebView ({\\x22zoom\\x22:1,\\x22appVersion\\x22:\\x22388.0.811331708\\x22, found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_6_2 lik ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-05-12 16:05:46 (1 year ago)	[Mon May 12 23:05:45.113027 2025] [security2:error] [pid 167842:tid 140132266456768] [client 103.189 ... show more [Mon May 12 23:05:45.113027 2025] [security2:error] [pid 167842:tid 140132266456768] [client 103.189.201.45:37964] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "myactivity.google.com" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.14.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "439"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: myactivity.google.com found within REQUEST_HEADERS:Referer: https://myactivity.google.com/ request_line = GET /images/Klimatologi/Infografis/Infografis-Iklim/Bulanan/2025/03_Maret_2025/Infografis-Bulanan_Prediksi_Hujan_Bulan_MEI-JUNI-JULI_Tahun_2025_Update_Dari_Analisis_Bulan_Maret_2025_di_Provinsi_Jawa_Timur.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Infografis/Infografis-Iklim/Bulanan/2025/03_Maret_2025/Infografis-Bulanan_Prediksi_Hujan_Bulan_MEI-JUNI-JULI_Tahun_2025_Update_Dari_Analisis_Bulan_Maret_2025_di_Provinsi_Jawa_Timur.jpg"] [unique_id " ... show less	Hacking Web App Attack
🇸🇬 pusathosting.com	2025-01-09 00:04:15 (1 year ago)	imap2 failed login	Brute-Force
🇸🇬 pusathosting.com	2025-01-08 00:02:27 (1 year ago)	imap2 failed login	Brute-Force
🇸🇬 pusathosting.com	2025-01-07 00:01:27 (1 year ago)	imap2 failed login	Brute-Force

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.3.154.58

🇨🇳 124.228.34.69

🇻🇳 113.161.222.150

🇸🇬 101.32.244.206

🇩🇪 85.28.47.237

🇨🇳 218.13.26.42

🇳🇱 178.16.54.174

🇺🇸 165.154.172.37

🇵🇰 160.187.180.146

🇺🇸 152.53.243.149

🇨🇳 120.231.70.116

🇨🇳 120.48.154.88

🇩🇪 94.16.115.103

🇭🇰 61.244.153.78

🇩🇪 207.154.206.226

🇳🇱 195.178.110.30

🇫🇷 85.217.140.27

🇬🇧 2a06:4880:c000::f5

🇬🇭 154.161.234.206

🇨🇲 154.70.102.114