JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.172.240.161

103.172.240.161 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 52%: ?

52%

ISP	PT Inter Koneksi Media
Usage Type	Fixed Line ISP
ASN	AS142401
Hostname(s)	161-240-172-103.interkoneksimedia.co.id
Domain Name	interkoneksimedia.co.id
Country	🇮🇩 Indonesia
City	Pekalongan, Central Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.172.240.161

Whois 103.172.240.161

IP Abuse Reports for 103.172.240.161:

This IP address has been reported a total of 18 times from 9 distinct sources. 103.172.240.161 was first reported on May 28th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-09 10:52:43 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.172.240.161 (161-240-172-103.interkoneksime ... show more (mod_security) mod_security (id:240335) triggered by 103.172.240.161 (161-240-172-103.interkoneksimedia.co.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 06:52:39.214870 2026] [security2:error] [pid 6064:tid 6064] [client 103.172.240.161:58005] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.172.240.161 (+1 hits since last alert)\|stop902.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stop902.org"] [uri "/xmlrpc.php"] [unique_id "aifwd4z0Fe3mCAVgAuryhwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 08:52:40 (1 day ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-09 07:53:19 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 103.172.240.161 (161-240-172-103.interkoneksime ... show more (mod_security) mod_security (id:240335) triggered by 103.172.240.161 (161-240-172-103.interkoneksimedia.co.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 03:53:14.594430 2026] [security2:error] [pid 20199:tid 20199] [client 103.172.240.161:64793] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.172.240.161 (+1 hits since last alert)\|modalguitarist.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "modalguitarist.com"] [uri "/xmlrpc.php"] [unique_id "aifGai_7T8uWhhyK6WJ33wAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-09 07:50:17 (1 day ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇩🇪 grassau.com	2026-06-09 07:13:00 (1 day ago)	(wordpress) Failed wordpress login from 103.172.240.161 (ID/Indonesia/-/-/161-240-172-103.interkonek ... show more (wordpress) Failed wordpress login from 103.172.240.161 (ID/Indonesia/-/-/161-240-172-103.interkoneksimedia.co.id) show less	Brute-Force
Anonymous	2026-06-03 04:34:56 (1 week ago)	Attac	Brute-Force
🇫🇷 stefaniak41500	2026-06-01 07:19:07 (1 week ago)	Shield Guard: Scanner: wordpress (+70) \| Chemin suspect: /xmlrpc.php \| xmlrpc.php bloqué	Web App Attack Port Scan
🇲🇾 Rizzy	2026-06-01 06:04:12 (1 week ago)	Multiple WAF Violations	Brute-Force Web App Attack
Anonymous	2026-06-01 02:06:15 (1 week ago)	Attac	Brute-Force
🇳🇱 debestelapp	2026-05-31 09:35:04 (1 week ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 03:51:27 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 103.172.240.161 (161-240-172-103.interkoneksime ... show more (mod_security) mod_security (id:225170) triggered by 103.172.240.161 (161-240-172-103.interkoneksimedia.co.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 23:51:22.260714 2026] [security2:error] [pid 21943:tid 21954] [client 103.172.240.161:50454] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ccgparquitectos.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ccgparquitectos.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahuwOnyw_spL7XBEaF48eQAAAQY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-30 03:25:02 (1 week ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇫🇷 Kenshin869	2026-05-30 02:38:47 (1 week ago)	Wordpress unauthorized access attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-05-29 07:52:12 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 103.172.240.161 (161-240-172-103.interkoneksime ... show more (mod_security) mod_security (id:240335) triggered by 103.172.240.161 (161-240-172-103.interkoneksimedia.co.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 03:52:07.393174 2026] [security2:error] [pid 4698:tid 4786] [client 103.172.240.161:55700] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.172.240.161 (+1 hits since last alert)\|thecraftsycat.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thecraftsycat.com"] [uri "/xmlrpc.php"] [unique_id "ahlFp7V3ON4scf07iW9NEAAAARg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-29 07:08:23 (1 week ago)	Attac	Brute-Force

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 186.179.39.132

🇺🇸 108.62.59.54

🇺🇸 45.33.84.124

🇧🇷 205.210.31.195

🇺🇸 186.179.14.240

🇺🇸 186.179.14.196

🇺🇸 186.179.14.137

🇺🇸 186.179.14.116

🇸🇾 185.225.41.192

🇺🇸 152.32.182.41

🇻🇳 103.249.200.174

🇧🇬 91.191.209.198

🇺🇸 63.135.169.175

🇬🇧 51.75.161.33

🇳🇱 45.198.224.5

🇺🇸 205.210.31.38

🇺🇸 186.179.14.110

🇺🇸 184.105.139.68

🇺🇸 181.177.80.170

🇺🇸 181.177.80.99