JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.166.104.170

103.166.104.170 was found in our database!

This IP was reported 262 times. Confidence of Abuse is 0%: ?

ISP	PT iForte Global Internet
Usage Type	Fixed Line ISP
ASN	AS17995
Hostname(s)	170.104.166.103.ptr.iforte.net.id
Domain Name	iforte.net.id
Country	🇮🇩 Indonesia
City	Purwakarta, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.166.104.170

Whois 103.166.104.170

IP Abuse Reports for 103.166.104.170:

This IP address has been reported a total of 262 times from 59 distinct sources. 103.166.104.170 was first reported on June 1st 2024, and the most recent report was 10 months ago.

Old Reports: The most recent abuse report for this IP address is from 10 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇮 borisperc	2025-08-03 10:17:29 (10 months ago)		Web Spam Port Scan Hacking SQL Injection Brute-Force Bad Web Bot Exploited Host Web App Attack
🇸🇮 borisperc	2025-07-30 12:22:36 (10 months ago)		Web Spam Port Scan Bad Web Bot Web App Attack
🇸🇮 borisperc	2025-07-25 17:18:45 (10 months ago)		Web App Attack
🇩🇪 Packets-Decreaser.NET	2024-12-22 22:58:15 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇹🇷 rtbh.com.tr	2024-11-06 20:53:29 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇹🇷 rtbh.com.tr	2024-11-05 20:53:32 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 TPI-Abuse	2024-11-04 13:08:42 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 103.166.104.170 (170.104.166.103.ptr.iforte.net ... show more (mod_security) mod_security (id:225170) triggered by 103.166.104.170 (170.104.166.103.ptr.iforte.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 08:08:38.421252 2024] [security2:error] [pid 10299:tid 10299] [client 103.166.104.170:33661] [client 103.166.104.170] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|morninginc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "morninginc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZyjHVnlDBwcIuJ3wn-ePggAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-10-27 04:50:17 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-10-25 12:48:46 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.166.104.170 (170.104.166.103.ptr.iforte.net ... show more (mod_security) mod_security (id:240335) triggered by 103.166.104.170 (170.104.166.103.ptr.iforte.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 25 08:48:41.576825 2024] [security2:error] [pid 30136:tid 30136] [client 103.166.104.170:55828] [client 103.166.104.170] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.166.104.170 (+1 hits since last alert)\|bamedica.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bamedica.com"] [uri "/xmlrpc.php"] [unique_id "ZxuTqXFl7ksL158B4TSJ1wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-10-24 12:40:56 (1 year ago)	(wordpress) Failed wordpress login from 103.166.104.170 (ID/Indonesia/170.104.166.103.ptr.iforte.net ... show more (wordpress) Failed wordpress login from 103.166.104.170 (ID/Indonesia/170.104.166.103.ptr.iforte.net.id) show less	Brute-Force
🇺🇸 TPI-Abuse	2024-10-24 09:59:05 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.166.104.170 (170.104.166.103.ptr.iforte.net ... show more (mod_security) mod_security (id:240335) triggered by 103.166.104.170 (170.104.166.103.ptr.iforte.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 24 05:58:58.189314 2024] [security2:error] [pid 4094:tid 4094] [client 103.166.104.170:36679] [client 103.166.104.170] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.166.104.170 (+1 hits since last alert)\|www.profitablepurposes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.profitablepurposes.com"] [uri "/xmlrpc.php"] [unique_id "ZxoaYltpEBytVLQdD7PtHAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-10-23 19:08:13 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 103.166.104.170 (170.104.166.103.ptr.iforte.net ... show more (mod_security) mod_security (id:240335) triggered by 103.166.104.170 (170.104.166.103.ptr.iforte.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 23 15:08:06.498478 2024] [security2:error] [pid 10985:tid 10985] [client 103.166.104.170:53982] [client 103.166.104.170] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.166.104.170 (+1 hits since last alert)\|mccompu.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mccompu.com"] [uri "/xmlrpc.php"] [unique_id "ZxlJlis6Bno8_6TE2d4KkwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2024-10-22 13:03:09 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇹🇷 rtbh.com.tr	2024-10-20 20:53:40 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇹🇷 rtbh.com.tr	2024-10-19 20:53:43 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force

Showing 1 to 15 of 262 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.119

🇳🇱 178.16.54.88

🇺🇸 107.180.88.176

🇮🇳 223.233.64.5

🇨🇳 221.207.54.128

🇨🇳 218.4.91.162

🇦🇷 190.105.214.48

🇬🇧 185.216.145.187

🇷🇺 176.120.22.240

🇰🇷 125.176.202.122

🇨🇳 123.52.35.110

🇰🇷 121.159.41.81

🇨🇳 120.48.28.60

🇩🇪 69.5.169.227

🇩🇪 69.5.169.160

🇨🇳 61.178.209.47

🇧🇷 45.229.91.34

🇬🇧 213.166.84.62

🇫🇮 178.20.215.191

🇺🇸 147.185.132.107