JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.191.196.211

103.191.196.211 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 20%: ?

20%

ISP	PT Pangkalan Lintas Data
Usage Type	Fixed Line ISP
ASN	AS149934
Hostname(s)	host-196-211.palindo.id
Domain Name	palindonet.id
Country	🇮🇩 Indonesia
City	Majalengka, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.191.196.211

Whois 103.191.196.211

IP Abuse Reports for 103.191.196.211:

This IP address has been reported a total of 22 times from 14 distinct sources. 103.191.196.211 was first reported on August 18th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 Fn4ticHz	2026-05-29 02:45:51 (1 week ago)	DDoS blocked via ZeroGuard.ID	DDoS Attack Exploited Host
🇮🇹 VHosting	2026-05-27 11:33:33 (1 week ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇫🇷 MatStef132	2026-05-22 14:04:07 (1 week ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇷🇴 Fn4ticHz	2026-05-09 14:02:30 (3 weeks ago)	Repeated DDoS targeted -- ZeroGuard X ManagedSRV	DDoS Attack Exploited Host
🇮🇹 VHosting	2026-04-26 08:29:52 (1 month ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇮🇹 VHosting	2026-04-10 05:17:22 (1 month ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇩🇪 NoaQT	2026-04-05 22:04:39 (1 month ago)	103.191.196.211 - - [05/Apr/2026:16:30:58 +0200] "GET /web/login HTTP/1.1" 499 0 "https://app.site60 ... show more 103.191.196.211 - - [05/Apr/2026:16:30:58 +0200] "GET /web/login HTTP/1.1" 499 0 "https://app.site60.biz/about" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.191.196.211 - - [05/Apr/2026:16:36:13 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.twitter.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.191.196.211 - - [05/Apr/2026:16:41:28 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.pinterest.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.191.196.211 - - [05/Apr/2026:16:44:45 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.wikipedia.org/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.191.196.211 - - [05/Apr/2026:16:36:13 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.twit ... show less	DDoS Attack
🇩🇪 NoaQT	2026-04-05 14:44:50 (1 month ago)	103.191.196.211 - - [05/Apr/2026:16:30:58 +0200] "GET /web/login HTTP/1.1" 499 0 "https://app.site60 ... show more 103.191.196.211 - - [05/Apr/2026:16:30:58 +0200] "GET /web/login HTTP/1.1" 499 0 "https://app.site60.biz/about" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.191.196.211 - - [05/Apr/2026:16:36:13 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.twitter.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.191.196.211 - - [05/Apr/2026:16:36:13 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.twitter.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.191.196.211 - - [05/Apr/2026:16:41:28 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.pinterest.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 103.191.196.211 - - [05/Apr/2026:16:41:28 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.pinter ... show less	DDoS Attack
Anonymous	2026-03-02 15:00:54 (3 months ago)	\| [Dangerous/Indonesia] Agressive IP 103.191.196.211 (~30 hits). Type: DoS Defender- Web server 400 ... show more \| [Dangerous/Indonesia] Agressive IP 103.191.196.211 (~30 hits). Type: DoS Defender- Web server 400 error code show less	Web App Attack Hacking SQL Injection
🇺🇸 Audir8 \| RRHosting	2025-10-05 20:51:53 (7 months ago)	2025-10-05T20:48:04.048752rrhostingusa wings[2058776]: 2025/10/05 20:48:04 http: TLS handshake error ... show more 2025-10-05T20:48:04.048752rrhostingusa wings[2058776]: 2025/10/05 20:48:04 http: TLS handshake error from 103.191.196.211:56557: EOF 2025-10-05T20:49:20.150719rrhostingusa wings[2058776]: 2025/10/05 20:49:12 http: TLS handshake error from 103.191.196.211:57339: write tcp 10.0.0.206:8443->103.191.196.211:57339: write: broken pipe 2025-10-05T20:49:44.746157rrhostingusa wings[2058776]: 2025/10/05 20:49:40 http: TLS handshake error from 103.191.196.211:57841: write tcp 10.0.0.206:8443->103.191.196.211:57841: write: broken pipe ... show less	Web App Attack
🇺🇸 skycodee	2025-10-05 12:49:08 (7 months ago)	Repeated TLS handshake abuse against Pterodactyl Wings (port 8080)	DDoS Attack
🇬🇧 Silly Development	2025-09-29 20:52:21 (8 months ago)	Malicious activity detected from 149934 IDNIC-PALINDONET-AS-ID PT Pangkalan Lintas Data towards host ... show more Malicious activity detected from 149934 IDNIC-PALINDONET-AS-ID PT Pangkalan Lintas Data towards host sillydev.co.uk (GET HTTP/2) @ 2025-09-29T20:52:21Z (2 occurrences) show less	DDoS Attack Exploited Host
🇩🇪 1gz	2025-09-24 15:03:38 (8 months ago)	Triggered Cloudflare WAF (firewallCustom) from ID. Action taken: CHALLENGE Protocol: HTTP/2 (GET met ... show more Triggered Cloudflare WAF (firewallCustom) from ID. Action taken: CHALLENGE Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36 OPR/106.0.0.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇪🇸 cuscusero (FlexBacks, FlexChar, FlexAve, FlexCDNM, FlexTudy, ColdHosting SL)	2025-09-10 12:47:18 (8 months ago)	[CPD ESP-BCN02-FW11-394] Suspicious connection detected on port 8080. DDoS detected	DDoS Attack Port Scan Brute-Force
🇬🇧 Silly Development	2025-09-05 04:00:00 (9 months ago)	Malicious activity detected from 149934 IDNIC-PALINDONET-AS-ID PT Pangkalan Lintas Data towards host ... show more Malicious activity detected from 149934 IDNIC-PALINDONET-AS-ID PT Pangkalan Lintas Data towards host panel.sillydev.co.uk (GET HTTP/2) @ 2025-09-05T04:00:00Z (9 occurrences) show less	DDoS Attack Exploited Host

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇿🇦 169.239.182.216

🇨🇳 123.234.3.106

🇨🇳 117.72.110.172

🇳🇱 5.61.209.33

🇺🇸 2604:a940:301:225:0:12::

🇹🇼 198.235.24.76

🇺🇸 192.178.115.83

🇺🇸 172.104.11.46

🇺🇸 165.154.235.59

🇨🇳 144.123.77.50

🇱🇰 123.231.115.91

🇨🇳 123.182.62.25

🇨🇳 123.172.54.15

🇨🇳 122.9.46.175

🇻🇳 113.163.254.143

🇱🇹 81.30.98.158

🇳🇱 45.142.193.169

🇧🇪 34.79.77.85

🇵🇭 27.110.166.67

🇺🇸 20.14.72.151