JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.171.161.96

103.171.161.96 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 26%: ?

26%

ISP	PT. Eka Mas Republik
Usage Type	Fixed Line ISP
ASN	AS63859
Domain Name	myrepublic.co.id
Country	🇮🇩 Indonesia
City	Cikarang, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.171.161.96

Whois 103.171.161.96

IP Abuse Reports for 103.171.161.96:

This IP address has been reported a total of 25 times from 15 distinct sources. 103.171.161.96 was first reported on May 15th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-05-31 00:41:32 (1 week ago)	726 limiting connections by zone (2h48m59s)	DDoS Attack
🇷🇴 Fn4ticHz	2026-05-29 02:45:44 (1 week ago)	DDoS blocked via ZeroGuard.ID	DDoS Attack Exploited Host
🇮🇹 VHosting	2026-05-27 10:52:08 (1 week ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇫🇷 MatStef132	2026-05-22 14:04:09 (2 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇷🇴 Fn4ticHz	2026-05-10 11:49:09 (3 weeks ago)	Repeated DDoS targeted -- ZeroGuard X ManagedSRV	DDoS Attack Exploited Host
🇷🇴 Fn4ticHz	2026-05-08 23:03:22 (4 weeks ago)	Repeated DDoS targeted -- ZeroGuard X ManagedSRV	DDoS Attack Exploited Host
🇮🇹 VHosting	2026-04-26 08:29:53 (1 month ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇩🇪 NoaQT	2026-04-05 20:08:29 (2 months ago)	103.171.161.96 - - [05/Apr/2026:21:28:54 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.linkedi ... show more 103.171.161.96 - - [05/Apr/2026:21:28:54 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.linkedin.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.171.161.96 - - [05/Apr/2026:21:28:55 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.wikipedia.org/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.171.161.96 - - [05/Apr/2026:21:28:55 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.wikipedia.org/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.171.161.96 - - [05/Apr/2026:21:29:25 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.instagram.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.171.161.96 - - [05/Apr/2026:21:29:53 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.linkedin.com/" "Mozilla/5.0 (X11; Linux ... show less	DDoS Attack
🇩🇪 NoaQT	2026-04-05 17:07:19 (2 months ago)	103.171.161.96 - - [05/Apr/2026:19:03:45 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.google. ... show more 103.171.161.96 - - [05/Apr/2026:19:03:45 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.google.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.171.161.96 - - [05/Apr/2026:19:04:05 +0200] "GET /web/login HTTP/1.1" 499 0 "https://app.zoneonline.net/news" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.171.161.96 - - [05/Apr/2026:19:04:05 +0200] "GET /web/login HTTP/1.1" 499 0 "https://app.zoneonline.net/news" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.171.161.96 - - [05/Apr/2026:19:06:12 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.instagram.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.171.161.96 - - [05/Apr/2026:19:06:12 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.instagram.com/" "Mozilla/5.0 (Ma ... show less	DDoS Attack
🇩🇪 NoaQT	2026-04-05 15:02:49 (2 months ago)	103.171.161.96 - - [05/Apr/2026:16:56:23 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.reddit. ... show more 103.171.161.96 - - [05/Apr/2026:16:56:23 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.reddit.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.171.161.96 - - [05/Apr/2026:16:58:26 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.tech.io/services" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.171.161.96 - - [05/Apr/2026:16:58:32 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.bing.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.171.161.96 - - [05/Apr/2026:16:58:33 +0200] "GET /web/login HTTP/1.1" 499 0 "https://digitalcloud.info/services" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.171.161.96 - - [05/Apr/2026:16:59:35 +0200] "GET /web/login HTTP/1.1" 499 0 "https:/ ... show less	DDoS Attack
🇳🇱 ConsulHosting	2026-02-15 16:01:24 (3 months ago)	Part of an HTTP Flood DDoS attack and had sent at least 218 requests.	DDoS Attack Exploited Host
🇮🇳 Bharat Datacenter	2026-01-11 14:53:54 (4 months ago)	1: date=2026-01-11 time=20:23:20 eventtime=1768143200622425311 tz="+0530" logid="0720018432" type="u ... show more 1: date=2026-01-11 time=20:23:20 eventtime=1768143200622425311 tz="+0530" logid="0720018432" type="utm" subtype="anomaly" eventtype="anomaly" level="alert" vd="root" severity="critical" srcip=103.171.161.96 srccountry="Indonesia" dstip=157.10.99.34 dstcountry="India" srcintf="x2" srcintfrole="wan" sessionid=0 action="clear_session" proto=6 service="HTTPS" count=123825 attack="tcp_syn_flood" srcport=47296 dstport=443 attackid=100663396 policyid=1 policytype="DoS-policy" ref="http://www.fortinet.com/ids/VID100663396" msg="anomaly: tcp_syn_flood, 3739 > threshold 2000, repeats 123825 times since last log, pps 3776 of prior second" crscore=50 craction=4096 crlevel="critical" show less	Brute-Force
🇨🇭 backslash	2026-01-07 04:05:14 (4 months ago)		Web Spam
🇺🇸 COMPLEX	2025-11-26 21:48:34 (6 months ago)	Triggered Cloudflare WAF (l7ddos) from ID. Action taken: BLOCK ASN: 63859 (MYREPUBLIC-AS-ID PT. Eka ... show more Triggered Cloudflare WAF (l7ddos) from ID. Action taken: BLOCK ASN: 63859 (MYREPUBLIC-AS-ID PT. Eka Mas Republik) Protocol: HTTP/2 (GET method) Endpoint: / show less	DDoS Attack Bad Web Bot
🇩🇪 1gz	2025-10-06 14:00:52 (8 months ago)	Triggered Cloudflare WAF (l7ddos) from ID. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoin ... show more Triggered Cloudflare WAF (l7ddos) from ID. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	DDoS Attack Bad Web Bot

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 103.229.125.106

🇯🇵 103.163.220.214

🇺🇸 54.172.217.71

🇺🇸 216.180.246.178

🇬🇧 194.50.235.142

🇧🇷 181.218.9.86

🇮🇩 180.243.253.245

🇸🇪 155.4.244.169

🇵🇱 143.20.97.113

🇷🇺 91.211.236.106

🇧🇷 45.205.1.244

🇧🇪 34.34.159.36

🇺🇸 2a02:4780:b:1919:0:17c9:c011:1

🇺🇸 216.25.89.70

🇨🇳 183.56.243.176

🇧🇷 179.228.54.137

🇺🇸 162.216.149.190

🇺🇸 152.117.119.86

🇮🇳 143.110.177.177

🇸🇬 118.194.234.189