JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.247.21.235

103.247.21.235 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 18%: ?

18%

ISP	Asia Pacific Network Information Centre
Usage Type	Fixed Line ISP
ASN	AS58485
Domain Name	apnic.net
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.247.21.235

Whois 103.247.21.235

IP Abuse Reports for 103.247.21.235:

This IP address has been reported a total of 17 times from 12 distinct sources. 103.247.21.235 was first reported on March 24th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-09 10:47:32 (2 weeks ago)	[Tue Jun 09 17:47:31.627924 2026] [security2:error] [pid 439272:tid 139738522556096] [client 103.247 ... show more [Tue Jun 09 17:47:31.627924 2026] [security2:error] [pid 439272:tid 139738522556096] [client 103.247.21.235:52480] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/profil/alamat-kantor/list-all-categories/555556811-mengakses-halaman-web-https-karangploso-jatim-bmkg-go-id-secara-offline-dan-menginstallnya-di-hp-android-atau-di-komputer HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/alamat-kantor/list-all-categories/555556811-mengakses-halaman-web-https-karangploso-jatim-bmkg-go-id-secara-offline-dan-menginstallnya-di-hp-android-atau-di-komputer"] [unique_id "aifvQyv-QzW7xNwQA_hg5QAAAQg"], referer https://www.bmkg.go.id/ ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-07 07:37:53 (2 weeks ago)	[Sun Jun 07 14:37:52.730302 2026] [security2:error] [pid 790080:tid 140592826787520] [client 103.247 ... show more [Sun Jun 07 14:37:52.730302 2026] [security2:error] [pid 790080:tid 140592826787520] [client 103.247.21.235:51625] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "bing" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "254"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: bing found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 14; SM-A135F Build/UP1A.231005.007; ) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/140.0.7339.51 Mobile Safari/537.36 BingSapphire/32.3.430811005 request_line = GET /images/Klimatologi/Prakiraan/03-Prakiraan-Bulanan/Prakiraan_Sifat_Hujan_Bulanan/Prakiraan_Sifat_Hujan_Bulanan_Provinsi_Jawa_Timur/2026/01_Januari_2026/01_Prediksi_Sifat_Hujan_Bulan_MARET_2026_di_Provinsi_Jawa_Timur-Update_dari_Analisis_Bulan_..."] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Prakiraan/03-Prakir ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-05-30 19:22:36 (3 weeks ago)	[Sun May 31 02:22:35.451486 2026] [security2:error] [pid 579333:tid 140573698660032] [client 103.247 ... show more [Sun May 31 02:22:35.451486 2026] [security2:error] [pid 579333:tid 140573698660032] [client 103.247.21.235:56551] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.baidu.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.baidu.go.id found within REQUEST_HEADERS:Referer: http://www.baidu.go.id/ request_line = GET /timeout-worker-v3.js HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/timeout-worker-v3.js"] [unique_id "ahs4-6egpE6jxTTGpnKBqgAAFgM"], referer http://www.baidu.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[579352] [MBA34g2BRPM] [ahs4-6egpE6jxTTGpnKBqgAAFgM] keep_alive=[1] [2026-05-31 02:22:35.451491] [R:ahs4-6egpE6jxTTGpnKBqgAAFgM] UA:'Mozilla/5.0 (Linux; Android 13; SM-S901B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Mobile Safari/537.36' Host:'stakl ... show less	Email Spam Hacking
🇩🇪 SMARTNET	2026-05-27 06:03:53 (4 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 890c4f74-68e4-4292-9fa4-4adc7e3fc8de	DDoS Attack
Anonymous	2026-05-13 07:10:52 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇺🇸 sumnone	2026-05-12 12:26:46 (1 month ago)	Port probing on unauthorized port 23	Port Scan Hacking Exploited Host
🇫🇷 bigorre.org	2026-04-22 16:22:58 (2 months ago)	Unidentified crawling: not a self-announced bot in user-agent	Bad Web Bot
🇨🇦 TCP FAILED	2025-06-20 17:14:27 (1 year ago)	TCP Watch Auto Report: Detected a ddos attack and suspicious activity from this IP, indicating a pot ... show more TCP Watch Auto Report: Detected a ddos attack and suspicious activity from this IP, indicating a potential attack show less	DDoS Attack Hacking IoT Targeted
🇩🇪 Packets-Decreaser.NET	2025-06-13 11:55:42 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇩🇪 Packets-Decreaser.NET	2025-05-24 12:27:19 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 uira.live	2025-05-17 04:11:15 (1 year ago)	Malicious activity detected from 58485 WIFIAN-AS-ID WIFIAN towards host uira.live (GET HTTP/2) @ 202 ... show more Malicious activity detected from 58485 WIFIAN-AS-ID WIFIAN towards host uira.live (GET HTTP/2) @ 2025-05-17T04:11:15Z (2 occurrences) show less	DDoS Attack
🇬🇧 Silly Development	2025-04-24 03:39:21 (1 year ago)	Malicious activity detected from 58485 WIFIAN-AS-ID WIFIAN towards host panel.sillydev.co.uk (GET HT ... show more Malicious activity detected from 58485 WIFIAN-AS-ID WIFIAN towards host panel.sillydev.co.uk (GET HTTP/2) @ 2025-04-24T03:39:21Z (6 occurrences) show less	DDoS Attack Hacking Exploited Host
🇺🇸 COMPLEX	2025-04-24 02:00:30 (1 year ago)	Triggered Cloudflare WAF (l7ddos) from ID. Action taken: BLOCK ASN: 58485 (WIFIAN-AS-ID WIFIAN) Prot ... show more Triggered Cloudflare WAF (l7ddos) from ID. Action taken: BLOCK ASN: 58485 (WIFIAN-AS-ID WIFIAN) Protocol: HTTP/2 (GET method) Timestamp: 2025-04-24T01:59:27Z show less	Bad Web Bot
🇦🇺 MAGIC	2025-04-09 12:02:11 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 COMPLEX	2025-04-03 01:14:20 (1 year ago)	Triggered Cloudflare WAF (l7ddos) from ID. Action taken: BLOCK ASN: 58485 (WIFIAN-AS-ID WIFIAN) Prot ... show more Triggered Cloudflare WAF (l7ddos) from ID. Action taken: BLOCK ASN: 58485 (WIFIAN-AS-ID WIFIAN) Protocol: HTTP/2 (GET method) Timestamp: 2025-04-03T01:12:51Z show less	Bad Web Bot

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.0.10.59

🇩🇪 213.209.159.226

🇧🇷 205.210.31.254

🇨🇴 186.1.175.68

🇨🇴 179.32.218.90

🇭🇰 119.8.57.112

🇺🇸 44.201.38.241

🇩🇪 209.38.239.21

🇺🇸 172.202.117.213

🇩🇪 164.90.236.107

🇺🇸 147.185.132.51

🇲🇦 105.188.35.226

🇮🇳 103.210.48.175

🇺🇸 66.185.115.248

🇺🇸 49.51.52.250

🇲🇽 46.250.170.3

🇩🇪 45.135.194.113

🇮🇹 31.59.89.180

🇨🇦 20.220.215.170

🇺🇸 3.129.92.250