IP Address

103.8.59.250

IPv4 Public
ID ID
AS45707
Prime Link Communication, PT
206 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
10/10 Threat
99% Confidence
206 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 5% Most Dangerous
ID
ID Location
Prime Link Communication,... ASN 45707
206 Reports
Honeypot Data Source

Critical Threat

IP address 103.8.59.250, registered in Indonesia and operated by Prime Link Communication, PT under autonomous system AS45707, is a critical-risk threat actor with a maximum threat-level score of 10 out of 10 and 100 percent confidence in malicious attribution. The address generated 200 total abuse reports across automated honeypot sensors between January and June 2026, with an activity frequency rated 8 out of 10, indicating sustained and persistent hostile behaviour over a six-month observation window. The dominant threat category is SSH-based intrusion, supplemented by broader hacking activity.

Detection data from 20 independent automated honeypot sensors recorded 200 total reports, with 16 reports specifically categorised as SSH attacks and 4 categorised as general hacking attempts. Internal detection logs document 25 separate fail2ban violations tied to sshd, consistent with sustained brute-force authentication attacks against exposed SSH services. A Suricata alert additionally flagged an active SSH session in progress on an unexpected port, suggesting the host has successfully established at least one foothold on a targeted system. The six-month reporting window from January through June 2026 demonstrates that this activity is not isolated or opportunistic but represents deliberate, continuous targeting of remote access infrastructure.

SSH brute-force attacks exploit the ubiquitous presence of misconfigured or weakly credentialed SSH servers by systematically testing username and password combinations until access is granted. The detection of an established SSH session on a non-standard port is particularly significant, as it indicates the attacker pivoted past initial authentication and is now operating within a compromised environment, potentially deploying further payloads, harvesting data or establishing persistent backdoor access. Combined with general hacking probes, this IP demonstrates a comprehensive intrusion methodology that threatens both the confidentiality and integrity of any exposed server running an SSH daemon.

Site operators should immediately block 103.8.59.250 at the network perimeter firewall and implement fail2ban or equivalent log-based rate-limiting to automatically ban repeat offenders after a configurable threshold of failed authentication attempts. All SSH services should enforce key-based authentication exclusively, disable root login and change the default port to reduce surface area. Intrusion detection systems should be tuned to alert on SSH sessions originating from unexpected ports, and operators should audit existing systems for any signs of unauthorised access coinciding with this IP's activity window. Regular patching and adherence to hardening benchmarks will further reduce susceptibility to the broader hacking activity documented in these reports.

More threatening than 100% of monitored IPs

Threat Categories

SSH 26
Hacking 4

Technical Details

SSH attacks attempt to gain server access through password guessing or exploitation of SSH vulnerabilities.

Recommended Mitigations

Use key-based authentication, change default ports, implement fail2ban, and disable root login.

Behavioral Analysis

Activity Pattern: Consistent Activity

Steady malicious activity over 3 weeks indicates persistent threat actor operations.

First Observed 11. May 2026
Last Activity 7. June 2026
Recent (7 days) 5 incidents

Moderate Network Risk

The network hosting this IP (ASN 45707, operated by Prime Link Communication, PT) shows moderate threat indicators. Some concerning activity has been detected from neighboring addresses.

Consider the network context when assessing this individual IP.

Security Recommendations

Long-term blocking recommended.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 8/10 High
Confidence Score 98% Verified

Confidence History

24. May 2026 - 7. Jun 2026
99% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot x2 75%
SSH Honeypot 75%
SSH Honeypot 75%
10 of 206 shown

Technical Details

Basic Information

IP Address
103.8.59.250
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
ID ID
ASN
AS45707
ISP
Prime Link Communication, PT

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
206
First Reported
29 Jan 2026
Last Reported
7 Jun 2026, 08:57

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS45707
Prime Link Communication, PT
ID ID

Network Threat Assessment

4/10
This network has low threat indicators with minimal suspicious activity.

Network Statistics

2
Total IPs Monitored
120
Total Reports
60
Reports per IP

Network Context

This IP address belongs to Prime Link Communication, PT (AS45707), which manages 2 IP addresses in our monitoring system. Out of these, 120 have been reported for suspicious activities, resulting in a network-wide threat level of 4/10.

Network notice: This network shows some suspicious activity patterns. Monitor interactions with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

100 %

Global Threat Ranking

This IP is more threatening than 100% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,479 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 206 avg: 23 ++

Network Comparison

Compared against 2 IPs in ASN 45707

Threat Level 10/10 network avg: 9.0 =
Total Reports 206 network avg: 106 ++
Network Prime Link Communication, PT has overall threat level 4/10

Geographic Comparison

Compared against 5,540 IPs in ID

Threat Level 10/10 country avg: 5.4 ++
Total Reports 206 country avg: 16 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,140 threat incidents tracked globally • Last 24h: 19,043 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,446 20.5%
  2. 02
    IN
    India IN
    29,023 15.5%
  3. 03
    CN
    China CN
    26,021 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,142 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID THIS IP
    5,539 3%
  8. 08
    RU
    Russia RU
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,654 2.5%
  10. 10
    NL
    Netherlands NL
    4,356 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

1 Related IPs
8/10 Avg Threat
53% Avg Confidence
1 High Threat
High-risk network: Majority of related IPs are flagged
202.43.117.38 8/10
Confidence 53%
Reports 6
Location ID ID
7 Jun 2026

IPs from the same country with similar threat profiles.

15 Related IPs
9.5/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
103.76.120.219 8/10
Confidence 100%
Reports 310
ISP PT Cloud Hostin...
24 Feb 2026
103.177.15.14 10/10
Confidence 100%
Reports 164
ISP PT Angkasa Pura...
9 Jun 2026
103.84.5.9 10/10
Confidence 100%
Reports 99
ISP PT Netciti Persada
8 Jun 2026
103.84.7.190 10/10
Confidence 100%
Reports 63
ISP PT Netciti Persada
7 Jun 2026
202.145.0.61 10/10
Confidence 100%
Reports 50
ISP PT. Uninet Medi...
9 Jun 2026
103.67.78.201 8/10
Confidence 100%
Reports 48
ISP PT Cloud Hostin...
25 Apr 2026
116.197.133.25 8/10
Confidence 100%
Reports 46
ISP PT. Fiber Netwo...
9 Jun 2026
103.132.52.46 10/10
Confidence 100%
Reports 46
ISP PT. ADEAKSA IND...
29 May 2026
182.16.252.18 10/10
Confidence 100%
Reports 41
ISP INTERLINK TECHN...
8 Jun 2026
139.255.100.188 8/10
Confidence 100%
Reports 26
ISP Linknet ASN
9 Jun 2026
103.187.146.33 10/10
Confidence 100%
Reports 20
ISP Cloud Host Pte Ltd
28 May 2026
103.191.14.243 10/10
Confidence 99%
Reports 88
ISP PT Aplikanusa L...
31 May 2026
103.190.214.241 10/10
Confidence 99%
Reports 56
ISP PT Aplikanusa L...
4 Jun 2026
43.248.27.115 10/10
Confidence 99%
Reports 47
ISP Neuviz Net
8 Jun 2026
163.7.4.169 10/10
Confidence 99%
Reports 38
ISP Byteplus Pte. Ltd.
4 Jun 2026

IPs with similar threat level and confidence scores.

15 Related IPs
8.7/10 Avg Threat
99% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
103.61.123.221 8/10
Confidence 99%
Reports 337
Location VN VN
23 Feb 2026
212.89.15.132 8/10
Confidence 99%
Reports 237
Location ES ES
24 Apr 2026
77.90.185.37 8/10
Confidence 99%
Reports 204
Location DE DE
9 Jun 2026
103.216.117.42 8/10
Confidence 99%
Reports 191
Location VN VN
11 May 2026
121.200.217.27 8/10
Confidence 99%
Reports 169
Location VN VN
12 May 2026
103.213.127.100 8/10
Confidence 99%
Reports 158
Location NP NP
2 Mar 2026
220.71.199.64 10/10
Confidence 99%
Reports 155
Location KR KR
7 Jun 2026
87.121.84.81 8/10
Confidence 99%
Reports 152
Location US US
20 Apr 2026
121.200.217.28 8/10
Confidence 99%
Reports 151
Location VN VN
8 Jun 2026
121.168.139.251 10/10
Confidence 99%
Reports 146
Location KR KR
1 Jun 2026
38.95.35.85 8/10
Confidence 99%
Reports 133
Location US US
8 May 2026
196.189.237.92 10/10
Confidence 99%
Reports 111
Location ET ET
18 May 2026
34.39.58.191 8/10
Confidence 99%
Reports 108
Location GB GB
3 May 2026
141.148.33.145 10/10
Confidence 99%
Reports 104
Location US US
8 Jun 2026
93.14.117.117 10/10
Confidence 99%
Reports 103
Location FR FR
9 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "103.8.59.250",
    "threat_level": 10,
    "confidence_score": 99,
    "total_reports": 206,
    "country_code": "ID",
    "isp_name": "Prime Link Communication, PT",
    "asn": "45707",
    "first_reported": "2026-01-29 06:48:32",
    "last_reported": "2026-06-07 08:57:14",
    "exported_at": "2026-06-09T08:57:58+02:00",
    "source": "https://reportedip.de/ip/103.8.59.250/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses