JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.156.16.119

103.156.16.119 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 19%: ?

19%

ISP	Asia Pacific Network Information Centre
Usage Type	Fixed Line ISP
ASN	AS141077
Domain Name	apnic.net
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.156.16.119

Whois 103.156.16.119

IP Abuse Reports for 103.156.16.119:

This IP address has been reported a total of 26 times from 19 distinct sources. 103.156.16.119 was first reported on April 5th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 anycast_ac	2026-05-31 13:25:12 (2 weeks ago)	[WebProtection] L4/L7 attack source · L4-22-GLOBAL-FLOOD · 5 hits/window	DDoS Attack
🇷🇴 Fn4ticHz	2026-05-29 02:43:19 (3 weeks ago)	DDoS blocked via ZeroGuard.ID	DDoS Attack Exploited Host
🇮🇹 VHosting	2026-05-27 11:18:30 (3 weeks ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇦🇹 begou.dev	2026-05-11 13:13:54 (1 month ago)	[Threat Intelligence] Port Scanning and/or Unauthorized access -> TCP/23	Port Scan
🇮🇩 sockominfo	2026-04-17 16:00:44 (2 months ago)	Late night login (22:00-05:30) - High risk Jakarta timezone (WIB). Threat Score: 9/10 (CRITICAL). Co ... show more Late night login (22:00-05:30) - High risk Jakarta timezone (WIB). Threat Score: 9/10 (CRITICAL). Confidence: 70%. CVSS v3.1: 9.9/10 (Critical). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H. Bayesian Probability: 87%. MITRE ATT&CK: T1078 (Valid Accounts). Tactic: TA0001. Freshness: Very Fresh. Source Reputation: KNOWN_MALICIOUS. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
Anonymous	2026-04-02 09:03:19 (2 months ago)	2026-04-02 11:03:18 ERROR util.AccessViolations - 103.156.16.119 report to fail2ban - action: block ... show more 2026-04-02 11:03:18 ERROR util.AccessViolations - 103.156.16.119 report to fail2ban - action: block ... show less	Hacking Brute-Force Bad Web Bot
🇮🇩 sockominfo	2026-03-23 21:00:37 (2 months ago)	User login to application during non-business hours. Threat Score: 6.5/10 (HIGH). Confidence: 40%. C ... show more User login to application during non-business hours. Threat Score: 6.5/10 (HIGH). Confidence: 40%. CVSS v3.1: 4.6/10 (Medium). CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L. Bayesian Probability: 87%. MITRE ATT&CK: T1046 (Network Service Scanning). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-03-23 20:00:56 (2 months ago)	User login to application during non-business hours. Threat Score: 6/10 (MEDIUM). Reported by Tanger ... show more User login to application during non-business hours. Threat Score: 6/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇺🇸 drewf.ink	2026-02-16 07:52:11 (4 months ago)	[07:52] Triggered SMB honeypot on port 445. Type: NetBIOS + SMB1. Dialect(s): LANMAN1.0, LM1.2X002, ... show more [07:52] Triggered SMB honeypot on port 445. Type: NetBIOS + SMB1. Dialect(s): LANMAN1.0, LM1.2X002, NT LANMAN 1.0, NT LM 0.12 show less	Hacking Exploited Host
🇭🇰 mutebot.net	2026-01-24 06:12:23 (4 months ago)	SRC=103.156.16.119, PROTO=TCP, SPT=62935, DPT=445	Port Scan
Anonymous	2025-12-10 20:27:53 (6 months ago)	Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ... show more Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-skip.asp show less	Bad Web Bot Exploited Host
Anonymous	2025-12-10 15:10:36 (6 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇳🇱 debestelapp	2025-11-04 09:55:15 (7 months ago)		Web App Attack
🇮🇩 hermawan	2025-10-28 10:17:52 (7 months ago)	[Tue Oct 28 17:16:39.390838 2025] [security2:error] [pid 2490974:tid 139674960971456] [client 103.15 ... show more [Tue Oct 28 17:16:39.390838 2025] [security2:error] [pid 2490974:tid 139674960971456] [client 103.156.16.119:52540] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "utf-8" at REQUEST_HEADERS:Accept-Charset. [file "/etc/modsecurity/coreruleset-4.19.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "332"] [id "440015"] [msg "Bot Accept-Charset utf-8"] [data "Matched Data: utf-8 found within REQUEST_HEADERS:Accept-Charset: UTF-8 request_line = GET /images/Klimatologi/Infografis/Infografis-Iklim/Perubahan_Iklim/Anomali_Suhu_Udara_Bulanan/2025/Anomali_Suhu_Udara_Bulanan_Juni_2025.jpg HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Infografis/Infografis-Iklim/Perubahan_Iklim/Anomali_Suhu_Udara_Bulanan/2025/Anomali_Suhu_Udara_Bulanan_Juni_2025.jpg"] [unique_id "aQCYB4Uv8fkacd7fMcqCbAADRhM"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[2491033] [crXFT3UeaZ8] [aQCYB4Uv8fkacd7fMcqCbAADRhM] keep_alive=[1] [2025-10 ... show less	Hacking Web App Attack
🇳🇱 exxos	2025-10-21 07:03:01 (7 months ago)	Attacks with Bad user agents	Hacking

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 190.110.178.221

🇰🇷 118.37.214.187

🇮🇳 103.107.60.45

🇬🇧 45.198.224.46

🇺🇸 205.210.31.27

🇫🇮 147.185.133.45

🇺🇸 143.42.0.97

🇧🇷 138.94.136.100

🇭🇰 116.48.151.58

🇯🇵 103.163.220.26

🇩🇪 69.5.169.141

🇯🇵 45.32.62.47

🇬🇧 35.203.210.65

🇩🇪 212.227.187.197

🇫🇷 185.177.72.10

🇮🇳 103.98.37.176

🇬🇧 35.203.211.28

🇪🇹 196.189.237.172

🇯🇵 103.163.220.48

🇬🇧 35.203.210.56