JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.208.94.17

103.208.94.17 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 20%: ?

20%

ISP	Universitas Negeri Malang
Usage Type	University/College/School
ASN	AS46059
Domain Name	um.ac.id
Country	🇮🇩 Indonesia
City	Malang, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.208.94.17

Whois 103.208.94.17

IP Abuse Reports for 103.208.94.17:

This IP address has been reported a total of 5 times from 4 distinct sources. 103.208.94.17 was first reported on July 21st 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 grassau.com	2026-06-24 09:32:16 (2 days ago)	(wordpress) Failed wordpress login from 103.208.94.17 (ID/Indonesia/-/-/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-13 05:48:26 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 103.208.94.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.208.94.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 01:48:18.749587 2026] [security2:error] [pid 5543:tid 5543] [client 103.208.94.17:15208] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.208.94.17 (+1 hits since last alert)\|magnoliahillproductions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "magnoliahillproductions.com"] [uri "/xmlrpc.php"] [unique_id "aizvInE2gI9I1CxDUxix0AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-13 05:45:29 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 03:36:05 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 103.208.94.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 103.208.94.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 23:35:59.026759 2026] [security2:error] [pid 11915:tid 11915] [client 103.208.94.17:18608] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.208.94.17 (+1 hits since last alert)\|globaldentalservices.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "globaldentalservices.com"] [uri "/xmlrpc.php"] [unique_id "aizQH5PNW2Jwwmwb5QtNTgAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-07-21 04:02:14 (11 months ago)	Web attack	Bad Web Bot Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.216

🇺🇸 172.236.123.208

🇰🇷 121.165.8.169

🇨🇳 113.142.162.15

🇮🇩 103.78.105.135

🇺🇸 64.251.149.81

🇩🇪 51.116.117.203

🇭🇰 45.142.154.33

🇺🇸 44.199.207.195

🇳🇱 185.242.226.17

🇺🇸 135.119.89.57

🇲🇾 49.124.150.254

🇷🇺 46.44.40.82

🇬🇧 45.82.76.137

🇺🇸 44.17.14.67

🇺🇸 38.148.99.59

🇮🇳 34.93.128.179

🇵🇱 31.0.168.195

🇹🇼 220.132.250.236

🇹🇷 188.59.15.180