JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.47.134.73

103.47.134.73 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 10%: ?

10%

ISP	PT. Eka Mas Republik
Usage Type	Fixed Line ISP
ASN	AS63859
Hostname(s)	host-103-47-134-73.myrepublic.co.id
Domain Name	myrepublic.co.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.47.134.73

Whois 103.47.134.73

IP Abuse Reports for 103.47.134.73:

This IP address has been reported a total of 13 times from 8 distinct sources. 103.47.134.73 was first reported on October 29th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 SMARTNET	2026-05-27 06:03:53 (1 week ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 22ada211-5b5c-463a-b46f-60fd11dc639d	DDoS Attack
🇩🇪 filstal.org	2026-04-30 16:11:12 (1 month ago)	Bad web bot: Spoofed/obsolete UA (Opera/9.48.(X11; Linux x86_64; bhb-IN) Presto/2.9.176 Version/12.0 ... show more Bad web bot: Spoofed/obsolete UA (Opera/9.48.(X11; Linux x86_64; bhb-IN) Presto/2.9.176 Version/12.00). Mass-scanning WordPress plugin. Coordinated large-scale bot attack. show less	Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-04-05 06:29:51 (2 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇨🇿 lp	2026-02-13 02:56:03 (3 months ago)	Email account brute force: 2 attempts were recorded from 103.47.134.73 2026-02-13T02:49:57+01:00 war ... show more Email account brute force: 2 attempts were recorded from 103.47.134.73 2026-02-13T02:49:57+01:00 warning: unknown[103.47.134.73]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-02-13T02:49:58+01:00 warning: unknown[103.47.134.73]: SASL PLAIN authentication failed: authentication failure, [email protected] show less	Brute-Force
Anonymous	2026-02-13 01:28:16 (3 months ago)	2026-02-13T03:28:15.992568+02:00 soli-gate postfix/submission/smtpd[3309190]: warning: unknown[103.4 ... show more 2026-02-13T03:28:15.992568+02:00 soli-gate postfix/submission/smtpd[3309190]: warning: unknown[103.47.134.73]: SASL LOGIN authentication failed: authentication failure, [email protected] ... show less	Brute-Force
🇮🇹 VHosting	2026-02-06 17:32:23 (4 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇮🇩 hermawan	2026-01-06 03:34:40 (5 months ago)	[Tue Jan 06 10:34:38.629623 2026] [security2:error] [pid 1018308:tid 139701297080000] [client 103.47 ... show more [Tue Jan 06 10:34:38.629623 2026] [security2:error] [pid 1018308:tid 139701297080000] [client 103.47.134.73:34639] ModSecurity: Access denied with code 403 (phase 1). Match of "pm matomo.staklim-malang.info " against "SERVER_NAME" required. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "189"] [id "440235"] [msg "BAD REQUEST Bro"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: %3a found within SERVER_NAME: staklim-malang.info request_line = GET /index.php/profil/arsip-artikel?catid=476&id=660%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-19-24-agustus-2015&start=190 HTTP/2.0 Request URI RAW = /index.php/profil/arsip-artikel?catid=476&id=660%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-19-24-agustus-2015&start=190 R..."] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "aVyCzgWOQ172 ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-12-10 06:01:50 (5 months ago)	[Wed Dec 10 13:01:20.922532 2025] [security2:error] [pid 533720:tid 139837752440512] [client 103.47. ... show more [Wed Dec 10 13:01:20.922532 2025] [security2:error] [pid 533720:tid 139837752440512] [client 103.47.134.73:47583] ModSecurity: Access denied with code 403 (phase 1). Match of "pm matomo.staklim-malang.info " against "SERVER_NAME" required. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "189"] [id "440235"] [msg "BAD REQUEST Bro"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: 7% found within SERVER_NAME: staklim-malang.info request_line = GET /index.php/profil/arsip-artikel?catid=474&id=517%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-28-april-4-mei-2015&start=110 HTTP/2.0 Request URI RAW = /index.php/profil/arsip-artikel?catid=474&id=517%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-28-april-4-mei-2015&start=110 ..."] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "aTkMsIIflP0gv ... show less	Hacking Web App Attack
🇮🇩 sockominfo	2025-12-09 17:00:52 (5 months ago)	User login attempt during non-business hours.. Threat Score: 6/10 (MEDIUM). Reported by TangerangKot ... show more User login attempt during non-business hours.. Threat Score: 6/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇺🇸 ipblock.com	2025-12-03 12:14:00 (6 months ago)	IPBlock protected site ID [3192-af][s=02]. Exploit request, vulnerability probe.	Hacking Bad Web Bot Web App Attack
🇮🇩 hermawan	2025-11-13 14:01:37 (6 months ago)	[Thu Nov 13 20:57:49.625634 2025] [security2:error] [pid 1568364:tid 140633328031424] [client 103.47 ... show more [Thu Nov 13 20:57:49.625634 2025] [security2:error] [pid 1568364:tid 140633328031424] [client 103.47.134.73:29627] ModSecurity: Access denied with code 403 (phase 2). Pattern match "." at ARGS_NAMES:start. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-921-PROTOCOL-ATTACK.conf"] [line "728"] [id "921170"] [msg "deny 921170"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: s found within ARGS_NAMES:start: start request_line = GET /index.php/component/tags/tag/klimatologi?start=7000 HTTP/2.0 Request URI RAW = /index.php/component/tags/tag/klimatologi?start=7000 Request Basename = klimatologi"] [ver "OWASP_CRS/4.20.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ATTACK"] [tag "capec/1000/152/137/15/460"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/component/tags/tag/klimatologi"] [unique_id "aRXj3UtRJNv8_0TqBXb ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-11-08 11:50:38 (6 months ago)	[Sat Nov 08 17:15:40.820322 2025] [security2:error] [pid 1026732:tid 140251308648128] [client 103.47 ... show more [Sat Nov 08 17:15:40.820322 2025] [security2:error] [pid 1026732:tid 140251308648128] [client 103.47.134.73:49846] ModSecurity: Access denied with code 403 (phase 1). Match of "pm matomo.staklim-malang.info " against "SERVER_NAME" required. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "183"] [id "440235"] [msg "BAD REQUEST Bro"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: %3a found within SERVER_NAME: staklim-malang.info request_line = GET /index.php/profil/arsip-artikel?catid=476&id=611%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-14-juli-20-juli-2015&start=150 HTTP/2.0 Request URI RAW = /index.php/profil/arsip-artikel?catid=476&id=611%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-14-juli-20-juli-2015&start=1..."] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "aQ8YTGCqjAe4 ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-10-29 08:36:18 (7 months ago)	[Wed Oct 29 15:36:15.800252 2025] [security2:error] [pid 1153706:tid 140039515256512] [client 103.47 ... show more [Wed Oct 29 15:36:15.800252 2025] [security2:error] [pid 1153706:tid 140039515256512] [client 103.47.134.73:6755] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i),.?[\\"'\\\\)0-9`-f][\\"'`](?:[\\"'`].?[\\"'`]\|(?:\\\\r?\\\\n)?\\\\z\|[^\\"'`]+)\|[^0-9A-Z_a-z]select.+[^0-9A-Z_a-z]?from\|(?:alter\|(?:(?:cre\|trunc\|upd)at\|renam)e\|d(?:e(?:lete\|sc)\|rop)\|(?:inser\|selec)t\|load)[\\\\s\\\\x0b]?\\\\([\\\\s\\\\x0b]?space[\\\\s\\\\x0b]?\\\\(" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.19.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "2120"] [id "942200"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: , like Gecko) Version/4.0 Chrome/138.0.7204.179 Mobile Safari/537.36 OcIdWebView ({\\x22os\\x22:\\x22Android\\x22, found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 8.1.0; DUB- ... show less	Hacking Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:8c04:e001

🇺🇸 178.156.198.226

🇨🇦 148.113.221.114

🇸🇬 118.194.234.189

🇨🇳 117.14.242.47

🇳🇬 102.88.55.204

🇸🇬 101.100.194.181

🇯🇵 43.165.174.224

🇳🇱 5.61.209.126

🇮🇳 4.224.81.31

🇬🇧 217.146.80.108

🇩🇪 213.209.159.228

🇷🇺 213.180.203.9

🇲🇽 186.96.145.241

🇩🇪 165.227.170.113

🇺🇸 162.81.54.105

🇭🇰 154.81.14.172

🇮🇳 122.187.228.231

🇨🇳 118.25.146.120

🇨🇦 85.217.149.46