JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.217.217.106

103.217.217.106 was found in our database!

This IP was reported 62 times. Confidence of Abuse is 63%: ?

63%

ISP	PT. Infotama Lintas Global
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24529
Domain Name	infotamanet.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.217.217.106

Whois 103.217.217.106

IP Abuse Reports for 103.217.217.106:

This IP address has been reported a total of 62 times from 44 distinct sources. 103.217.217.106 was first reported on August 11th 2021, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-19 12:34:57 (3 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.217.217.106 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.217.217.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 08:34:52.564667 2026] [security2:error] [pid 17326:tid 17326] [client 103.217.217.106:27343] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.217.217.106 (+1 hits since last alert)\|monmouthcountydanceclasses.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "monmouthcountydanceclasses.com"] [uri "/xmlrpc.php"] [unique_id "ajU3bNAIs-vUojSpZP2nYAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-16 08:08:01 (3 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇩🇪 rh24	2026-06-16 04:57:27 (3 days ago)	(wordpress) Failed wordpress login from 103.217.217.106 (ID/Indonesia/-): (CF_ENABLE)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-16 00:55:28 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 103.217.217.106 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.217.217.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 20:55:23.796078 2026] [security2:error] [pid 18205:tid 18205] [client 103.217.217.106:27339] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.217.217.106 (+1 hits since last alert)\|techsunlimited.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "techsunlimited.net"] [uri "/xmlrpc.php"] [unique_id "ajCe-5R-DooZQ3O3_-lbrAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-15 22:13:06 (3 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC ID/Indonesia/-	Web App Attack
🇲🇾 Rizzy	2026-06-11 12:41:56 (1 week ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 12:22:12 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 103.217.217.106 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.217.217.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 08:22:09.406659 2026] [security2:error] [pid 16955:tid 16955] [client 103.217.217.106:27332] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.217.217.106 (+1 hits since last alert)\|ideaofauniversity.website\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ideaofauniversity.website"] [uri "/xmlrpc.php"] [unique_id "aiVicexsSzldLoL0U7vf6AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 08:45:11 (1 week ago)	Attac	Brute-Force
Anonymous	2026-06-07 05:02:44 (1 week ago)	[ssd1.kdns.gr] httpd-xmlrpc-post: sites=dacorlaw.com; logs=/var/log/httpd/domains/dacorlaw.com.log; ... show more [ssd1.kdns.gr] httpd-xmlrpc-post: sites=dacorlaw.com; logs=/var/log/httpd/domains/dacorlaw.com.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-06 03:11:03 (1 week ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇺🇸 TPI-Abuse	2026-05-31 12:23:44 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.217.217.106 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.217.217.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 08:23:39.655327 2026] [security2:error] [pid 27053:tid 27053] [client 103.217.217.106:27459] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.217.217.106 (+1 hits since last alert)\|legacy-insight.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "legacy-insight.com"] [uri "/xmlrpc.php"] [unique_id "ahwoS7T9PC4arnLg1N30GAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 12:13:56 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.217.217.106 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.217.217.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 08:13:49.039100 2026] [security2:error] [pid 16819:tid 16819] [client 103.217.217.106:27360] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.217.217.106 (+1 hits since last alert)\|iostation.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "iostation.com"] [uri "/xmlrpc.php"] [unique_id "ahrUfao19Tionsr8g_QO8QAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 YF	2026-05-30 11:02:50 (2 weeks ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
🇺🇸 TPI-Abuse	2026-05-30 09:07:17 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 103.217.217.106 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 103.217.217.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 05:07:09.734150 2026] [security2:error] [pid 28418:tid 28418] [client 103.217.217.106:27468] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.217.217.106 (+1 hits since last alert)\|sizefinder.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sizefinder.com"] [uri "/xmlrpc.php"] [unique_id "ahqovarqYRMLBLpDdBY-rQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 abdubhai	2026-05-30 08:22:38 (2 weeks ago)	103.217.217.106 - - [30/May/2026 ...	Brute-Force

Showing 1 to 15 of 62 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇨 177.53.215.134

🇸🇪 122.8.47.30

🇮🇷 85.198.19.253

🇮🇳 49.207.247.135

🇧🇷 45.205.1.73

🇺🇸 2607:f8b0:4004:100d::12a

🇩🇪 151.243.11.35

🇷🇴 151.242.30.224

🇺🇸 104.9.60.148

🇺🇸 100.28.57.133

🇱🇹 45.227.254.170

🇶🇦 20.173.116.24

🇺🇸 20.168.124.105

🇷🇴 2.57.121.112

🇰🇷 221.163.22.86

🇨🇴 200.10.29.236

🇻🇪 190.77.51.233

🇫🇮 185.227.68.150

🇺🇸 135.237.125.158

🇨🇳 112.82.200.29