JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.247.23.141

103.247.23.141 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 23%: ?

23%

ISP	Asia Pacific Network Information Centre
Usage Type	Fixed Line ISP
ASN	AS58485
Hostname(s)	ip-sub-23-141.wifian.id
Domain Name	apnic.net
Country	🇮🇩 Indonesia
City	Ngawi, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.247.23.141

Whois 103.247.23.141

IP Abuse Reports for 103.247.23.141:

This IP address has been reported a total of 8 times from 7 distinct sources. 103.247.23.141 was first reported on January 16th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-22 04:07:44 (1 week ago)	06/22/2026-11:07:40.390254 [Drop] [] [1:2210054:1] SURICATA STREAM excessive retransmissions [] ... show more 06/22/2026-11:07:40.390254 [Drop] [] [1:2210054:1] SURICATA STREAM excessive retransmissions [] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 103.247.23.141:46349 -> 103.166.156.58:443 ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-14 04:59:06 (2 weeks ago)	[Sun Jun 14 11:59:02.977756 2026] [security2:error] [pid 1492427:tid 139664541849280] [client 103.24 ... show more [Sun Jun 14 11:59:02.977756 2026] [security2:error] [pid 1492427:tid 139664541849280] [client 103.247.23.141:54976] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-dasarian/infografis-dasarian-analisis-kejadian-hujan-lebat HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-dasarian/infografis-dasarian-analisis-kejadian-hujan-lebat"] [unique_id "ai41FuqdRHfxUq-2brR4ZAABRgA"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1492428] [R1eOkS+MUlM] [ai41FuqdRHfxUq-2brR4ZAABRgA] keep_alive=[1] [2026-06-14 ... show less	Email Spam Hacking
🇺🇸 nodepile	2026-05-29 04:16:46 (1 month ago)	Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/media/catalog/product/placeholder/ ... show more Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/media/catalog/product/placeholder/default/image_placeholder_med.jpg ua='Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.9563.1565 Safari/537.36') show less	Open Proxy VPN IP
🇮🇩 sockominfo	2026-05-28 16:00:39 (1 month ago)	User login to application during non-business hours. Threat Score: 6.6/10 (HIGH). Confidence: 40%. C ... show more User login to application during non-business hours. Threat Score: 6.6/10 (HIGH). Confidence: 40%. CVSS v3.1: 4.6/10 (Medium). CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L. Bayesian Probability: 86%. MITRE ATT&CK: T1046 (Network Service Scanning). Tactic: TA0001. Freshness: Very Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-25 15:00:47 (1 month ago)	Honeypot hit: Unauthorized traffic on 135/epmapper	Port Scan
🇹🇷 SeczarSecureOps	2026-05-24 07:56:03 (1 month ago)	Auto-blocked by Seczar SecureOps — Database Service Brute Force (8 events in 5min) at 2026-05-24 07: ... show more Auto-blocked by Seczar SecureOps — Database Service Brute Force (8 events in 5min) at 2026-05-24 07:56 show less	Web App Attack
🇫🇮 6kilowatti	2026-04-09 15:55:43 (2 months ago)	2026-04-09T18:55:42.417863+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18 ... show more 2026-04-09T18:55:42.417863+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18:bd:57:7e:08:00 SRC=103.247.23.141 DST=5.61.88.83 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=8289 DF PROTO=TCP SPT=62907 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 xmission.com	2026-01-16 11:12:07 (5 months ago)	Blocked by UFW (TCP on 23) Source port: 36014 TTL: 49 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 23) Source port: 36014 TTL: 49 Packet length: 60 TOS: 0x00 This report (for 103.247.23.141) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.91

🇧🇷 177.55.229.97

🇳🇱 160.119.71.133

🇭🇰 131.143.239.158

🇩🇪 104.207.53.125

🇨🇳 14.103.10.167

🇰🇷 218.150.184.241

🇧🇷 177.55.205.140

🇧🇷 177.55.197.196

🇧🇷 177.54.230.179

🇳🇱 176.65.139.219

🇮🇳 122.168.127.153

🇨🇳 119.142.129.88

🇧🇩 103.179.198.19

🇫🇷 91.196.152.90

🇺🇸 63.135.161.136

🇧🇷 45.186.121.26

🇳🇱 34.34.21.42

🇺🇸 2604:a880:2:d1:0:1:51e7:e001

🇨🇳 218.78.92.139