JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.168.66.141

103.168.66.141 was found in our database!

This IP was reported 1,793 times. Confidence of Abuse is 100%: ?

100%

ISP	DiGiVPS.com
Usage Type	Data Center/Web Hosting/Transit
ASN	AS142430
Hostname(s)	141.66.168.103.in-addr.arpa.digivps.com
Domain Name	digivps.com
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.168.66.141

Whois 103.168.66.141

IP Abuse Reports for 103.168.66.141:

This IP address has been reported a total of 1,793 times from 594 distinct sources. 103.168.66.141 was first reported on July 13th 2023, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tecnicorioja	2026-06-12 22:00:50 (1 hour ago)	FTP attack Jun 12 22:37:22	Brute-Force FTP Brute-Force
🇫🇷 LiloBzH	2026-06-12 21:45:13 (2 hours ago)	103.168.66.141 - - [12/Jun/2026:23:45:11 +0200] "GET /.git/config HTTP/1.1" 403 548 "https://durand. ... show more 103.168.66.141 - - [12/Jun/2026:23:45:11 +0200] "GET /.git/config HTTP/1.1" 403 548 "https://durand.bzh/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" 103.168.66.141 - - [12/Jun/2026:23:45:12 +0200] "GET /.git/config HTTP/1.1" 403 146 "https://durand.bzh/" "Go-http-client/1.1" 103.168.66.141 - - [12/Jun/2026:23:45:12 +0200] "GET /.git/config? HTTP/1.1" 403 548 "https://durand.bzh/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" show less	Web App Attack
🇪🇸 netfactotum	2026-06-12 21:24:52 (2 hours ago)		Hacking Web App Attack
Anonymous	2026-06-12 19:02:30 (4 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 103.168.66.141 (US/United States/141.66 ... show more (mod_security) mod_security triggered on hostname [redacted] 103.168.66.141 (US/United States/141.66.168.103.in-addr.arpa.digivps.com) show less	SQL Injection
🇺🇸 kadour	2026-06-12 17:42:51 (6 hours ago)	[Fri Jun 12 12:42:50.270772 2026] [proxy_fcgi:error] [pid 1100545:tid 1100628] [client 103.168.66.14 ... show more [Fri Jun 12 12:42:50.270772 2026] [proxy_fcgi:error] [pid 1100545:tid 1100628] [client 103.168.66.141:23440] AH01071: Got error 'Primary script unknown', referer: https://ravenloft.net/wp-cron.php [Fri Jun 12 12:42:50.407656 2026] [proxy_fcgi:error] [pid 1908685:tid 1908727] [client 103.168.66.141:23570] AH01071: Got error 'Primary script unknown', referer: https://ravenloft.net/index.php?controller=authentication [Fri Jun 12 12:42:50.412644 2026] [proxy_fcgi:error] [pid 1100555:tid 1100673] [client 103.168.66.141:23768] AH01071: Got error 'Primary script unknown', referer: https://ravenloft.net/wp-login.php [Fri Jun 12 12:42:50.412981 2026] [proxy_fcgi:error] [pid 2126871:tid 2126922] [client 103.168.66.141:23830] AH01071: Got error 'Primary script unknown', referer: https://ravenloft.net/xmlrpc.php [Fri Jun 12 12:42:50.502976 2026] [proxy_fcgi:error] [pid 1100545:tid 1100614] [client 103.168.66.141:23440] AH01071: Got error 'Primary script unknown', referer: https://ravenloft.net/php ... show less	Web App Attack
🇫🇷 Hostynet	2026-06-12 17:18:42 (6 hours ago)	TCP SYN flood detected by MikroTik RouterOS filter (sustained half-open connection rate from single ... show more TCP SYN flood detected by MikroTik RouterOS filter (sustained half-open connection rate from single source). Source automatically blacklisted. show less	DDoS Attack
🇦🇺 AWW-Admin	2026-06-12 17:15:59 (6 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 103.168.66.141 (US/United States/141.66 ... show more (mod_security) mod_security triggered on hostname [redacted] 103.168.66.141 (US/United States/141.66.168.103.in-addr.arpa.digivps.com) show less	SQL Injection
Anonymous	2026-06-12 17:05:59 (6 hours ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: WordPress scanning, Backup file probing, Cloud secrets probing show less	Bad Web Bot Web App Attack
🇩🇪 on-com	2026-06-12 16:37:45 (7 hours ago)	URL scan	Brute-Force Web App Attack
Anonymous	2026-06-12 14:50:06 (9 hours ago)	103.168.66.141 - - [12/Jun/2026:16:49:55 +0200] "GET /server-status HTTP/1.1" 403 7914 "https://work ... show more 103.168.66.141 - - [12/Jun/2026:16:49:55 +0200] "GET /server-status HTTP/1.1" 403 7914 "https://workinginthearts.nl/" "python-requests/2.31.0" 103.168.66.141 - - [12/Jun/2026:16:49:55 +0200] "GET /api/v1/totp/user-backup-code/../../system/system-information HTTP/1.1" 403 7914 "https://workinginthearts.nl/" "curl/8.4.0" 103.168.66.141 - - [12/Jun/2026:16:50:01 +0200] "GET /.git/HEAD HTTP/1.1" 403 562 "https://workinginthearts.nl/" "curl/8.4.0" 103.168.66.141 - - [12/Jun/2026:16:50:01 +0200] "GET /.env HTTP/1.1" 403 562 "https://workinginthearts.nl/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15" 103.168.66.141 - - [12/Jun/2026:16:50:01 +0200] "GET /.ssh/id_rsa HTTP/1.1" 403 7914 "https://workinginthearts.nl/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 103.168.66.141 - - [12/Jun/2026:16:50:01 +0200] "GET /.env HTTP/1.1" 403 562 "https://workingi ... show less	DDoS Attack
Anonymous	2026-06-12 14:45:22 (9 hours ago)	$f2bV_matches	Brute-Force Web App Attack
🇺🇸 kosada.com	2026-06-12 13:35:59 (10 hours ago)	Web vulnerability probing: /webtools/control/main	Web App Attack
🇳🇿 Antinson	2026-06-12 12:36:59 (11 hours ago)	Scraping with a high error ratio and request rate Requests to unauthorized or suspicious endpoints ( ... show more Scraping with a high error ratio and request rate Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.) show less	Bad Web Bot
🇬🇧 consul.to	2026-06-12 12:19:31 (11 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 dbmwebdesign	2026-06-12 11:55:14 (11 hours ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack

Showing 1 to 15 of 1793 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.133

🇬🇧 185.166.42.143

🇨🇳 183.141.186.175

🇩🇪 167.71.48.103

🇫🇮 147.185.133.110

🇺🇸 136.109.72.168

🇭🇰 101.36.122.139

🇧🇾 86.57.206.207

🇷🇺 83.239.108.218

🇺🇸 67.199.225.116

🇸🇬 43.134.42.6

🇬🇧 35.203.211.104

🇱🇰 220.247.224.226

🇳🇱 195.178.110.30

🇫🇷 185.255.126.57

🇰🇷 112.175.29.94

🇸🇬 104.223.37.89

🇩🇪 77.0.57.166

🇹🇼 60.250.246.239

🇮🇩 36.95.221.140