JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.201.51.42

203.201.51.42 was found in our database!

This IP was reported 80 times. Confidence of Abuse is 14%: ?

14%

ISP	PT. Piranti Prestasi Informasi
Usage Type	Fixed Line ISP
ASN	AS18103
Hostname(s)	ip-42-51-201-203.neuviz.net.id
Domain Name	neuviz.net.id
Country	🇮🇩 Indonesia
City	Medan, North Sumatra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.201.51.42

Whois 203.201.51.42

IP Abuse Reports for 203.201.51.42:

This IP address has been reported a total of 80 times from 26 distinct sources. 203.201.51.42 was first reported on March 8th 2023, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-27 17:42:57 (1 day ago)	[Sun Jun 28 00:42:56.768367 2026] [security2:error] [pid 164181:tid 139761634141888] [client 203.201 ... show more [Sun Jun 28 00:42:56.768367 2026] [security2:error] [pid 164181:tid 139761634141888] [client 203.201.51.42:57236] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yahoo.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "601"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yahoo.go.id found within REQUEST_HEADERS:Referer: https://www.yahoo.go.id/ request_line = GET /index.php/profil/meteorologi/geofisika/555558584-poster-skala-gempa-mmi HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/geofisika/555558584-poster-skala-gempa-mmi"] [unique_id "akALoM2tAV70YMkybtNeSwACAhg"], referer https://www.yahoo.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[164242] [gYtpwT9SD/E] [akALoM2tAV70YMkybtNeSwACAhg] keep_alive=[1] [2026-06-28 00:42:56.768372] [R:akALoM2tAV70YMkybtNeSwACAhg] UA:'Mozilla/5.0 (Linux; Android ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-25 13:41:58 (3 days ago)	[Thu Jun 25 20:41:57.847333 2026] [security2:error] [pid 224082:tid 140398377821888] [client 203.201 ... show more [Thu Jun 25 20:41:57.847333 2026] [security2:error] [pid 224082:tid 140398377821888] [client 203.201.51.42:65026] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.baidu.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.baidu.go.id found within REQUEST_HEADERS:Referer: http://www.baidu.go.id/ request_line = GET /index.php/informasi-iklim/buletin-1/buletin-informasi-iklim-dan-lingkungan HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/buletin-1/buletin-informasi-iklim-dan-lingkungan"] [unique_id "aj0wJUYH4Zaeh5GYhUPyEwAERQA"], referer http://www.baidu.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[224083] [vJvlJ9TljSY] [aj0wJUYH4Zaeh5GYhUPyEwAERQA] keep_alive=[1] [2026-06-25 20:41:57.847339] [R:aj0wJUYH4Zaeh5GYhUPyEwAERQA] UA:'Mozilla/5.0 (Linux; Andr ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-18 22:29:26 (1 week ago)	[Fri Jun 19 05:29:22.723217 2026] [security2:error] [pid 982593:tid 140710949922496] [client 203.201 ... show more [Fri Jun 19 05:29:22.723217 2026] [security2:error] [pid 982593:tid 140710949922496] [client 203.201.51.42:64207] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yandex.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yandex.go.id found within REQUEST_HEADERS:Referer: https://www.yandex.go.id/ request_line = GET /index.php/profil/meteorologi/list-all-categories HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-all-categories"] [unique_id "ajRxQj3TMDL1dbOfRVGm1AADiQQ"], referer https://www.yandex.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[982598] [xWC9tI5h9/M] [ajRxQj3TMDL1dbOfRVGm1AADiQQ] keep_alive=[1] [2026-06-19 05:29:22.723228] [R:ajRxQj3TMDL1dbOfRVGm1AADiQQ] UA:'Mozilla/5.0 (Android 13; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0' ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-14 08:08:06 (2 weeks ago)	[Sun Jun 14 15:08:03.249158 2026] [security2:error] [pid 1610841:tid 139664437520064] [client 203.20 ... show more [Sun Jun 14 15:08:03.249158 2026] [security2:error] [pid 1610841:tid 139664437520064] [client 203.201.51.42:54355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/profil/meteorologi/geofisika/555558584-poster-skala-gempa-mmi HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/geofisika/555558584-poster-skala-gempa-mmi"] [unique_id "ai5hY6EZsHUV2r80oIA_4QABDAQ"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1610846] [RHmANbKZt0k] [ai5hY6EZsHUV2r80oIA_4QABDAQ] keep_alive=[1] [2026-06-14 15:08:03.249165] [R:ai5hY6EZsHUV2r80oIA_4QABDAQ] UA:'Mozilla/5.0 (Linux; Android 14 ... show less	Email Spam Hacking
🇪🇸 librebit	2026-06-11 19:51:34 (2 weeks ago)	Brute force	Brute-Force
🇮🇩 hermawan	2026-06-09 02:22:27 (2 weeks ago)	[Tue Jun 09 09:22:22.687847 2026] [security2:error] [pid 113912:tid 140246067861184] [client 203.201 ... show more [Tue Jun 09 09:22:22.687847 2026] [security2:error] [pid 113912:tid 140246067861184] [client 203.201.51.42:49563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.baidu.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.baidu.go.id found within REQUEST_HEADERS:Referer: http://www.baidu.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-klimat-story HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-klimat-story"] [unique_id "aid43rsjDs-wabhl7EsjrQAABIA"], referer http://www.baidu.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[113939] [9JoPzAi6ILI] [aid43rsjDs-wabhl7EsjrQAABIA] keep_alive=[0] [2026-06-09 09:22:22.687850] [R:aid43rsjDs-wabhl7EsjrQAABIA] UA:'Mozilla/5.0 (iPhone; CPU iPhone OS 17_4 ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-02 18:21:09 (3 weeks ago)	[Wed Jun 03 01:21:05.219793 2026] [security2:error] [pid 107804:tid 139947416737472] [client 203.201 ... show more [Wed Jun 03 01:21:05.219793 2026] [security2:error] [pid 107804:tid 139947416737472] [client 203.201.51.42:65366] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yandex.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yandex.go.id found within REQUEST_HEADERS:Referer: https://www.yandex.go.id/ request_line = GET /index.php/profil/meteorologi/geofisika/555558584-poster-skala-gempa-mmi HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/geofisika/555558584-poster-skala-gempa-mmi"] [unique_id "ah8fEXuzuM6Cd6P5GVKxKgAA1gM"], referer https://www.yandex.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[107818] [WBvIX0nYBRk] [ah8fEXuzuM6Cd6P5GVKxKgAA1gM] keep_alive=[1] [2026-06-03 01:21:05.219798] [R:ah8fEXuzuM6Cd6P5GVKxKgAA1gM] UA:'Mozilla/5.0 (iPhone; CPU ... show less	Email Spam Hacking
🇺🇸 RAP	2025-08-26 21:56:02 (10 months ago)	2025-08-26 21:56:02 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇹🇷 rtbh.com.tr	2025-08-26 08:08:26 (10 months ago)	list.rtbh.com.tr report: tcp/23	Brute-Force
🇨🇳 ThreatBook.io	2025-08-25 22:19:19 (10 months ago)	ThreatBook Intelligence: Zombie,iot_device more details on https://threatbook.io/ip/203.201.51.42	SSH
🇺🇸 www.winos.me	2025-08-25 09:58:18 (10 months ago)	port scan	Port Scan
🇹🇷 rtbh.com.tr	2025-08-25 08:08:25 (10 months ago)	list.rtbh.com.tr report: tcp/23	Brute-Force
🇫🇷 security.rdmc.fr	2025-08-23 03:04:02 (10 months ago)	Port Scan Attack proto:TCP src:8132 dst:23	Port Scan
🇬🇧 Nov	2025-08-22 20:07:50 (10 months ago)	Unauthorized Telnet access attempt (tcp/23)	Port Scan
🇺🇸 xmission.com	2025-08-22 14:00:48 (10 months ago)	Blocked by UFW (TCP on 23) Source port: 57820 TTL: 46 Packet length: 40 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 23) Source port: 57820 TTL: 46 Packet length: 40 TOS: 0x08 This report (for 203.201.51.42) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force

Showing 1 to 15 of 80 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 93.123.72.183

🇺🇸 64.227.0.95

🇺🇸 52.188.189.7

🇳🇱 45.148.10.141

🇺🇸 162.243.228.110

🇺🇸 141.11.88.116

🇺🇸 24.144.111.58

🇬🇧 167.99.197.34

🇺🇸 154.6.23.75

🇮🇳 125.21.59.218

🇫🇷 82.64.27.194

🇫🇷 2.21.243.182

🇩🇿 154.242.143.246

🇮🇳 103.214.132.11

🇸🇬 47.237.252.157

🇧🇷 45.185.124.7

🇺🇸 45.86.208.25

🇺🇸 8.235.66.222

🇬🇪 2.57.217.229

🇷🇴 2.57.121.25