AbuseIPDB » 103.245.16.123
103.245.16.123 was found in our database!
This IP was reported 10 times. Confidence of
Abuse
is 0%: ?
| ISP |
Asia Pacific Network Information Centre
|
| Usage Type |
Fixed Line ISP
|
| ASN |
AS46023
|
| Hostname(s) |
103-245.16-123.quantum.net.id
|
| Domain Name |
apnic.net
|
| Country |
๐ฎ๐ฉ
Indonesia
|
| City |
Jakarta, Jakarta
|
IP info including ISP, Usage Type, and Location provided
by IPInfo. Updated weekly.
IP Abuse Reports for 103.245.16.123:
This IP address has been reported a total of
10
times from
7 distinct
sources.
103.245.16.123 was first reported on
, and the most recent report was
.
Old Reports:
The most recent abuse report for this IP address is from
. It is possible that this IP is no longer involved in abusive activities.
| Reporter |
IoA Timestamp (UTC)
|
Comment |
Categories |
|
|
๐ฎ๐ฉ
sockominfo
|
|
Reported by TangerangKota-CSIRT. Status: MALICIOUS
|
Hacking
Web App Attack
|
|
|
๐ฎ๐ฉ
sockominfo
|
|
User login to application during non-business hours. Threat Score: 6.5/10 (HIGH). Confidence: 40%. C ...
show more
User login to application during non-business hours. Threat Score: 6.5/10 (HIGH). Confidence: 40%. CVSS v3.1: 4.6/10 (Medium). CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L. Bayesian Probability: 87%. MITRE ATT&CK: T1046 (Network Service Scanning). Tactic: TA0001. Freshness: Very Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS
show less
|
Hacking
Web App Attack
|
|
|
๐ฎ๐ฉ
sockominfo
|
|
Reported by TangerangKota-CSIRT. Status: MALICIOUS
|
Hacking
Web App Attack
|
|
|
Anonymous
|
|
botnet
|
DDoS Attack
|
|
|
๐บ๐ธ
COMPLEX
|
|
Triggered Cloudflare WAF (l7ddos) from ID.
Action taken: BLOCK
ASN: 46023 (QUANTUMNET-AS-ID PT Quant ...
show more
Triggered Cloudflare WAF (l7ddos) from ID.
Action taken: BLOCK
ASN: 46023 (QUANTUMNET-AS-ID PT Quantum Tera Network)
Protocol: HTTP/2 (GET method)
Endpoint: /
show less
|
DDoS Attack
Bad Web Bot
|
|
|
๐ฉ๐ช
Packets-Decreaser.NET
|
|
Incoming Layer 7 Flood Detected
|
DDoS Attack
Web Spam
|
|
|
Anonymous
|
|
Unauthorized connection attempt on Port 2323
|
Port Scan
Hacking
Exploited Host
|
|
|
๐บ๐ธ
mawan
|
|
Suspected of having performed illicit activity on LAX server.
|
Web App Attack
|
|
|
๐บ๐ธ
Blue Pumpkin
|
|
103.245.16.123 - - [04/May/2022:19:09:29 +0000] "GET / HTTP/1.1" 302 588 "-" "Mozilla/5.0 (compatibl ...
show more
103.245.16.123 - - [04/May/2022:19:09:29 +0000] "GET / HTTP/1.1" 302 588 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
...
show less
|
Brute-Force
|
|
|
๐บ๐ธ
Blue Pumpkin
|
|
[Wed May 04 15:09:31.957874 2022] [:error] [pid 2982934] [client 103.245.16.123:0] [client 103.245.1 ...
show more
[Wed May 04 15:09:31.957874 2022] [:error] [pid 2982934] [client 103.245.16.123:0] [client 103.245.16.123] ModSecurity: Access denied with code 403 (phase 4). Operator GE matched 4 at TX:outbound_anomaly_score. [file "/etc/apache2/modsecurity-crs/coreruleset-3.3.2/rules/RESPONSE-959-BLOCKING-EVALUATION.conf"] [line "76"] [id "959100"] [msg "Outbound Anomaly Score Exceeded (Total Score: 4)"] [ver "OWASP_CRS/3.3.2"] [tag "anomaly-evaluation"] [hostname "www.hey-ai.com"] [uri "/index.php"] [unique_id "YnKXK7TiEBkXGkCFgATJhgAAABc"]
[Wed May 04 15:09:34.542800 2022] [:error] [pid 2983116] [client 103.245.16.123:0] [client 103.245.16.123] ModSecurity: Access denied with code 403 (phase 4). Operator GE matched 4 at TX:outbound_anomaly_score. [file "/etc/apache2/modsecurity-crs/coreruleset-3.3.2/rules/RESPONSE-959-BLOCKING-EVALUATION.conf"] [line "76"] [id "959100"] [msg "Outbound Anomaly Score Exceeded (Total Score: 4)"] [ver "OWASP_CRS/3.3.2"] [tag "anomaly-evaluation"] [hostname "www.hey-ai
...
show less
|
Brute-Force
|
|
Showing 1 to
10
of 10 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: