JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.172.70.167

103.172.70.167 was found in our database!

This IP was reported 127 times. Confidence of Abuse is 21%: ?

21%

ISP	PT JARINGAN LINTAS ARTHA
Usage Type	Commercial
ASN	AS142386
Hostname(s)	ip-167.70.jaringanlintasartha.com
Domain Name	jaringanlintasartha.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.172.70.167

Whois 103.172.70.167

IP Abuse Reports for 103.172.70.167:

This IP address has been reported a total of 127 times from 32 distinct sources. 103.172.70.167 was first reported on August 17th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 Fn4ticHz	2026-05-30 15:42:05 (1 week ago)	DDoS blocked via ZeroGuard.ID	DDoS Attack Exploited Host
🇮🇹 VHosting	2026-05-27 11:33:32 (1 week ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇷🇴 Fn4ticHz	2026-05-09 14:26:08 (4 weeks ago)	Repeated DDoS targeted -- ZeroGuard X ManagedSRV	DDoS Attack Exploited Host
🇮🇩 hermawan	2026-04-27 11:43:30 (1 month ago)	[Mon Apr 27 16:01:41.323572 2026] [security2:error] [pid 172313:tid 140140489352896] [client 103.172 ... show more [Mon Apr 27 16:01:41.323572 2026] [security2:error] [pid 172313:tid 140140489352896] [client 103.172.70.167:37278] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "CDN-Loop" at REQUEST_HEADERS_NAMES:Cdn-Loop. [file "/etc/modsecurity/coreruleset-4.25.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "466"] [id "440005"] [msg "BAD REQUEST_HEADERS_NAMES - Detected and Blocked"] [data "Matched Data: CDN-Loop found within REQUEST_HEADERS_NAMES:Cdn-Loop: Cdn-Loop request_line = GET / HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "ae8l9d2Ke6062ASKyq-EKwAFQAI"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[172316] [X4G3XO0O5AU] [ae8l9d2Ke6062ASKyq-EKwAFQAI] keep_alive=[1] [2026-04-27 16:01:41.323575] [R:ae8l9d2Ke6062ASKyq-EKwAFQAI] UA:'Mozilla/5.0 (Linux; Android 14; SM-S928B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Mobile Safari/537.36' Host:'staklim-jatim.bmkg.go.id' COOKIE:'cf_clearance=tEBHxcEAQ ... show less	Email Spam Hacking
🇫🇮 percocet	2026-04-20 23:08:49 (1 month ago)	Cloudflare blocked 833 requests (HTTP 403) in 1h. Country: ID	DDoS Attack Web App Attack
🇩🇪 NoaQT	2026-04-05 22:03:24 (2 months ago)	103.172.70.167 - - [05/Apr/2026:16:31:59 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.twitter ... show more 103.172.70.167 - - [05/Apr/2026:16:31:59 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.twitter.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.172.70.167 - - [05/Apr/2026:16:32:53 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.wikipedia.org/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.172.70.167 - - [05/Apr/2026:16:32:53 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.wikipedia.org/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.172.70.167 - - [05/Apr/2026:16:42:26 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.bing.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.172.70.167 - - [05/Apr/2026:16:43:56 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.youtube.com/" "M ... show less	DDoS Attack
🇩🇪 NoaQT	2026-04-05 15:45:29 (2 months ago)	103.172.70.167 - - [05/Apr/2026:17:38:58 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.wikiped ... show more 103.172.70.167 - - [05/Apr/2026:17:38:58 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.wikipedia.org/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.172.70.167 - - [05/Apr/2026:17:41:39 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.yahoo.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.172.70.167 - - [05/Apr/2026:17:41:39 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.yahoo.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.172.70.167 - - [05/Apr/2026:17:41:54 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.linkedin.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.172.70.167 - - [05/Apr/2026:17:41:54 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.linkedin.com/" "Mozill ... show less	DDoS Attack
🇯🇵 VXG-NET	2026-04-03 15:52:53 (2 months ago)	port=23658, indicator_type=N/A	Port Scan Hacking
🇯🇵 VXG-NET	2026-04-01 10:20:02 (2 months ago)	port=27273, indicator_type=N/A	Port Scan Hacking
🇺🇸 SYSMarshal	2026-03-28 23:13:32 (2 months ago)	SYSMarshal detection: Port Scanning, Web Application Attack, DDoS Attack, DNS Attack, Bad Bot [Port: ... show more SYSMarshal detection: Port Scanning, Web Application Attack, DDoS Attack, DNS Attack, Bad Bot [Port:80, Proto:UDP, EventID:5152] show less	Port Scan Web App Attack Bad Web Bot
🇩🇪 check-the-sum.fr	2026-03-27 17:34:42 (2 months ago)	Port Scanning	Port Scan
Anonymous	2026-03-27 17:30:48 (2 months ago)	Repeated unauthorized connection attempts to restricted service observed.	Port Scan Hacking Web App Attack
🇯🇵 VXG-NET	2026-03-13 00:28:49 (2 months ago)	port=24053, indicator_type=N/A	Port Scan Hacking
🇯🇵 VXG-NET	2026-03-12 22:36:43 (2 months ago)	port=50362, indicator_type=N/A	Port Scan Hacking
🇯🇵 VXG-NET	2026-03-12 20:45:42 (2 months ago)	port=52394, indicator_type=N/A	Port Scan Hacking

Showing 1 to 15 of 127 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 188.208.108.180

🇫🇮 185.148.3.161

🇮🇳 128.185.12.179

🇨🇳 116.22.163.70

🇳🇱 77.83.39.54

🇺🇸 45.61.187.220

🇬🇧 2a00:1450:4009:c19::122

🇨🇳 171.104.143.176

🇺🇸 162.216.150.38

🇨🇳 120.55.124.186

🇨🇳 120.48.175.69

🇺🇸 107.175.23.180

🇦🇺 58.6.206.239

🇺🇸 208.38.237.250

🇮🇷 176.65.240.242

🇺🇸 176.65.139.248

🇭🇰 103.210.237.224

🇺🇸 66.76.2.9

🇫🇷 51.68.107.148

🇭🇰 45.114.125.24