JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.39.70.220

103.39.70.220 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 11%: ?

11%

ISP	PT Gateway media Zafira
Usage Type	Fixed Line ISP
ASN	AS150274
Domain Name	zafira.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.39.70.220

Whois 103.39.70.220

IP Abuse Reports for 103.39.70.220:

This IP address has been reported a total of 27 times from 16 distinct sources. 103.39.70.220 was first reported on March 15th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-20 13:54:26 (1 week ago)	[Sat Jun 20 20:54:23.069472 2026] [security2:error] [pid 164846:tid 140111340594880] [client 103.39. ... show more [Sat Jun 20 20:54:23.069472 2026] [security2:error] [pid 164846:tid 140111340594880] [client 103.39.70.220:52226] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.google.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.google.go.id found within REQUEST_HEADERS:Referer: https://www.google.go.id/ request_line = GET / HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "ajabjzRzEE_vcIwaAkQ-GwABDAg"], referer https://www.google.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[164855] [WkAfvy9OhVs] [ajabjzRzEE_vcIwaAkQ-GwABDAg] keep_alive=[1] [2026-06-20 20:54:23.069475] [R:ajabjzRzEE_vcIwaAkQ-GwABDAg] UA:'Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) EdgiOS/128.0.2739.60 Version/17.0 Mobile/15E148 Safari/604.1' Host:'st ... show less	Email Spam Hacking
🇷🇴 Fn4ticHz	2026-05-29 02:45:59 (1 month ago)	DDoS blocked via ZeroGuard.ID	DDoS Attack Exploited Host
🇷🇴 Fn4ticHz	2026-05-09 14:01:34 (1 month ago)	Repeated DDoS targeted -- ZeroGuard X ManagedSRV	DDoS Attack Exploited Host
Anonymous	2026-04-14 22:30:23 (2 months ago)	\| [Dangerous/Indonesia] Aggressive IP 103.39.70.220 (~30 hits). Type: DoS Defender- Web server 400 e ... show more \| [Dangerous/Indonesia] Aggressive IP 103.39.70.220 (~30 hits). Type: DoS Defender- Web server 400 error code show less	Web App Attack Hacking SQL Injection
🇮🇹 VHosting	2025-12-30 13:28:25 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇬🇧 Audir8 \| RRHosting	2025-11-29 19:44:38 (7 months ago)	Triggered Cloudflare WAF (l7ddos) from ID. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoin ... show more Triggered Cloudflare WAF (l7ddos) from ID. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: /auth/login UA: QXBwbGUvRWRnZSA0Ny40Ny40NyAoV2luZG93cyBOVCA2LjE7IEVTOyBlbi1VUyk= This report is using Cloudflare-WAF-To-AbuseIPDB show less	DDoS Attack Bad Web Bot
🇺🇸 Audir8 \| RRHosting	2025-10-05 20:54:59 (8 months ago)	2025-10-05T20:48:40.247488rrhostingusa wings[2058776]: 2025/10/05 20:48:33 http: TLS handshake error ... show more 2025-10-05T20:48:40.247488rrhostingusa wings[2058776]: 2025/10/05 20:48:33 http: TLS handshake error from 103.39.70.220:34563: write tcp 10.0.0.206:8443->103.39.70.220:34563: write: broken pipe 2025-10-05T20:49:23.266351rrhostingusa wings[2058776]: 2025/10/05 20:49:23 http: TLS handshake error from 103.39.70.220:34926: write tcp 10.0.0.206:8443->103.39.70.220:34926: write: broken pipe 2025-10-05T20:52:58.350305rrhostingusa wings[2058776]: 2025/10/05 20:52:57 http: TLS handshake error from 103.39.70.220:37373: write tcp 10.0.0.206:8443->103.39.70.220:37373: write: broken pipe ... show less	Web App Attack
🇺🇸 skycodee	2025-10-05 12:49:09 (8 months ago)	Repeated TLS handshake abuse against Pterodactyl Wings (port 8080)	DDoS Attack
🇩🇪 1gz	2025-10-01 20:18:53 (8 months ago)	Triggered Cloudflare WAF (l7ddos) from ID. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoin ... show more Triggered Cloudflare WAF (l7ddos) from ID. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10 ChromePlus/1.5.2.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	DDoS Attack Bad Web Bot
🇩🇪 1gz	2025-09-24 15:00:51 (9 months ago)	Triggered Cloudflare WAF (firewallCustom) from ID. Action taken: CHALLENGE Protocol: HTTP/2 (GET met ... show more Triggered Cloudflare WAF (firewallCustom) from ID. Action taken: CHALLENGE Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Safari/605.1.15 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇰🇷 PROJECT ELIV	2025-09-11 05:27:04 (9 months ago)	ELIV CDN - DDoS attack detected for mirror.eliv.digital	DDoS Attack
🇬🇧 Silly Development	2025-08-31 23:23:50 (9 months ago)	Malicious activity detected from 150274 IDNIC-ZAFIRA-AS-ID PT Gateway media Zafira towards host pane ... show more Malicious activity detected from 150274 IDNIC-ZAFIRA-AS-ID PT Gateway media Zafira towards host panel.sillydev.co.uk (GET HTTP/2) @ 2025-08-31T23:23:50Z (2 occurrences) show less	DDoS Attack Exploited Host
🇺🇸 SuperEvilLuke	2025-08-30 09:18:07 (9 months ago)	Malicious activity detected from 150274 IDNIC-ZAFIRA-AS-ID PT Gateway media Zafira towards host pane ... show more Malicious activity detected from 150274 IDNIC-ZAFIRA-AS-ID PT Gateway media Zafira towards host panel.embotic.xyz (GET HTTP/2) @ 2025-08-30T09:18:07Z (7 occurrences) show less	DDoS Attack Exploited Host
🇩🇪 Packets-Decreaser.NET	2025-08-29 23:41:04 (9 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇩🇪 1gz	2025-08-28 02:11:57 (10 months ago)	Triggered Cloudflare WAF (firewallCustom) from ID. Action taken: MANAGED_CHALLENGE Protocol: HTTP/2 ... show more Triggered Cloudflare WAF (firewallCustom) from ID. Action taken: MANAGED_CHALLENGE Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_8; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.203.0 Safari/532.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇹 196.189.54.53

🇲🇽 187.191.33.9

🇹🇼 114.33.241.75

🇲🇦 102.53.15.18

🇩🇪 65.111.25.243

🇳🇱 45.148.10.121

🇺🇸 20.228.193.165

🇨🇳 14.144.15.162

🇺🇿 213.230.111.14

🇲🇽 187.208.125.216

🇮🇳 103.182.132.154

🇷🇴 80.94.92.130

🇨🇳 61.186.136.36

🇨🇳 59.53.172.206

🇳🇱 45.148.10.141

🇸🇿 41.215.146.195

🇺🇸 8.231.248.145

🇺🇸 216.213.29.192

🇺🇸 150.221.97.12

🇺🇸 104.207.43.230