JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.20.252.203

157.20.252.203 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 29%: ?

29%

ISP	PT Majoe Praka Perkasa
Usage Type	Fixed Line ISP
ASN	AS138089
Hostname(s)	ptr-157-20-252-203.gmdp.net.id
Domain Name	mpp.web.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.20.252.203

Whois 157.20.252.203

IP Abuse Reports for 157.20.252.203:

This IP address has been reported a total of 41 times from 20 distinct sources. 157.20.252.203 was first reported on August 13th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 sockominfo	2026-06-05 15:00:42 (1 day ago)	User login to application from malicious IP 157.20.252.203.. Threat Score: 3.5/10 (LOW). Confidence: ... show more User login to application from malicious IP 157.20.252.203.. Threat Score: 3.5/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Moderate. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-05 14:00:39 (1 day ago)	User login to application from malicious IP 157.20.252.203.. Threat Score: 3.7/10 (LOW). Confidence: ... show more User login to application from malicious IP 157.20.252.203.. Threat Score: 3.7/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-05 13:00:39 (1 day ago)	User login to application from malicious IP 157.20.252.203.. Threat Score: 3.8/10 (LOW). Confidence: ... show more User login to application from malicious IP 157.20.252.203.. Threat Score: 3.8/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-05 12:00:11 (1 day ago)	User login to application from malicious IP 157.20.252.203.. Threat Score: 0/10 (INFORMATIONAL). Rep ... show more User login to application from malicious IP 157.20.252.203.. Threat Score: 0/10 (INFORMATIONAL). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇸🇬 volcaryx	2026-06-01 08:06:11 (5 days ago)	Cloudflare detected an L7 DDoS attack (l7ddos) from ID. Action: BLOCK \| Protocol: HTTP/2 (GET) \| End ... show more Cloudflare detected an L7 DDoS attack (l7ddos) from ID. Action: BLOCK \| Protocol: HTTP/2 (GET) \| Endpoint: / \| UA: Browser16/97.0 (Device50; Linux) Engine16/24.0 (KHTML, like Gecko) Feature46/79.0 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	DDoS Attack Bad Web Bot
🇷🇴 Fn4ticHz	2026-05-29 02:46:31 (1 week ago)	DDoS blocked via ZeroGuard.ID	DDoS Attack Exploited Host
🇩🇪 SMARTNET	2026-05-27 06:03:53 (1 week ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 22ada211-5b5c-463a-b46f-60fd11dc639d	DDoS Attack
🇮🇩 sockominfo	2026-05-22 15:00:43 (2 weeks ago)	User login to application from malicious IP 157.20.252.203.. Threat Score: 3.7/10 (LOW). Confidence: ... show more User login to application from malicious IP 157.20.252.203.. Threat Score: 3.7/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇫🇷 MatStef132	2026-05-22 14:04:50 (2 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇮🇩 sockominfo	2026-05-22 14:00:12 (2 weeks ago)	User login to application from malicious IP 157.20.252.203.. Threat Score: 0/10 (INFORMATIONAL). Rep ... show more User login to application from malicious IP 157.20.252.203.. Threat Score: 0/10 (INFORMATIONAL). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇷🇴 Fn4ticHz	2026-05-09 14:12:42 (4 weeks ago)	Repeated DDoS targeted -- ZeroGuard X ManagedSRV	DDoS Attack Exploited Host
🇮🇩 sockominfo	2026-04-16 23:01:00 (1 month ago)	Deep night login (00:00-05:30) - Maximum risk Jakarta timezone (WIB). Threat Score: 8.8/10 (CRITICAL ... show more Deep night login (00:00-05:30) - Maximum risk Jakarta timezone (WIB). Threat Score: 8.8/10 (CRITICAL). Confidence: 70%. CVSS v3.1: 9.9/10 (Critical). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H. Bayesian Probability: 87%. MITRE ATT&CK: T1566 (Phishing). Tactic: TA0001. Freshness: Fresh. Source Reputation: KNOWN_MALICIOUS. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-04-16 22:00:19 (1 month ago)	Deep night login (00:00-05:30) - Maximum risk Jakarta timezone (WIB). Threat Score: 8/10 (HIGH). Rep ... show more Deep night login (00:00-05:30) - Maximum risk Jakarta timezone (WIB). Threat Score: 8/10 (HIGH). Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-03-25 17:00:27 (2 months ago)	Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Web App Attack
🇪🇸 el-brujo	2025-12-31 12:37:44 (5 months ago)	Cloudflare WAF: Request Path: / Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (X11; Linu ... show more Cloudflare WAF: Request Path: / Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Action: block Source: l7ddos ASN Description: GMDP-AS-ID PT.Global Media Data Prima Country: ID Method: GET Timestamp: 2025-12-31T12:37:44Z ruleId: 9bc0d8e988e545dea9bd4843c4bef55c. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇹 89.153.125.230

🇺🇸 20.253.217.230

🇰🇷 220.86.28.189

🇨🇳 219.151.176.97

🇩🇪 198.7.124.229

🇸🇪 193.187.90.227

🇬🇧 185.247.137.45

🇦🇱 185.226.89.235

🇪🇨 179.49.35.217

🇩🇪 149.34.252.10

🇫🇮 147.185.133.61

🇺🇸 107.170.247.81

🇧🇩 103.171.69.95

🇳🇱 93.174.93.12

🇷🇴 80.94.92.171

🇿🇦 41.57.137.26

🇬🇷 31.217.176.204

🇮🇳 2a02:4780:11:1226:0:2ce4:2a8a:1

🇨🇭 209.99.184.143

🇨🇴 179.51.122.9