JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.247.61.20

103.247.61.20 was found in our database!

This IP was reported 557 times. Confidence of Abuse is 100%: ?

100%

ISP	JasTel Network
Usage Type	Fixed Line ISP
ASN	AS55423
Domain Name	jastel.co.th
Country	🇹🇭 Thailand
City	Bangkok, Bangkok

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.247.61.20

Whois 103.247.61.20

IP Abuse Reports for 103.247.61.20:

This IP address has been reported a total of 557 times from 210 distinct sources. 103.247.61.20 was first reported on April 5th 2026, and the most recent report was 6 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 donarev419	2026-06-29 05:05:25 (6 minutes ago)	Port scan detected on port 5902 (connection without data transfer)	Port Scan
🇧🇷 SSP	2026-06-29 04:35:27 (36 minutes ago)	Automatically generated from firewall_v2 logs on Server_ID: SPPX01 Category: Brute Force, Port Scan ... show more Automatically generated from firewall_v2 logs on Server_ID: SPPX01 Category: Brute Force, Port Scan Occurrences: 52 Unique Ports: 11 Destination Ports: 5902, 5908, 5903, 5909, 5905, 5906, 5907, 5900, 5904, 5910, 5901 First Seen: 2026-06-29 03:35 UTC Last Seen: 2026-06-29 04:15 UTC show less	Port Scan Brute-Force
🇺🇸 NetGuard	2026-06-29 03:47:57 (1 hour ago)	#honeypot #netguard247 #heralding #credentialharvesting Captured by NetGuard 24/7 T-Pot honeypot (ne ... show more #honeypot #netguard247 #heralding #credentialharvesting Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com). Timestamp: 2026-06-29T03:47:57.669+00:00 Attacker IP: 103.247.61.20 \| Port: 5900 \| Country: Thailand Honeypot: heralding \| Attack: credential_harvesting Source: NetGuard 24/7 (netguard24-7.com) \| PhantomGrid Defense show less	Brute-Force
🇯🇵 Kinsei Engineering Inc.	2026-06-29 03:43:58 (1 hour ago)	UFW:High-frequency access to non-released ports used by software with known vulnerabilities.	Port Scan
🇺🇸 ShadowWhisperer	2026-06-29 03:25:05 (1 hour ago)	intrusion - remote (VNC session established) [remote, vnc]	Brute-Force Hacking
🇵🇱 nfsec.pl	2026-06-29 03:21:16 (1 hour ago)	Detected: TCP scan on port: 5900 with flags: SYN	Port Scan
🇫🇷 security.rdmc.fr	2026-06-29 03:10:09 (2 hours ago)	Port Scan Attack proto:TCP src:61234 dst:5900	Port Scan
🇸🇬 celestialcity	2026-06-29 00:40:10 (4 hours ago)	Blocked by UFW on celestialcityas [5906/tcp] \| SPT: 61234 \| TTL: 239 \| LEN: 40 \| TOS: 0x00 • Reporte ... show more Blocked by UFW on celestialcityas [5906/tcp] \| SPT: 61234 \| TTL: 239 \| LEN: 40 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 Bankbook8585	2026-06-29 00:00:04 (5 hours ago)	T-Pot honeypot \| Heralding: vnc brute-force	Hacking Brute-Force
🇺🇸 Luis Fernando Camargo	2026-06-28 23:00:26 (6 hours ago)	Honeytrapped	Port Scan Brute-Force
🇵🇱 genokrad	2026-06-28 18:21:22 (10 hours ago)	Unauthorized connection attempt on TCP/5900 (VNC)	Port Scan
Anonymous	2026-06-28 18:09:06 (11 hours ago)	Trying ports that it shouldn't be.	Port Scan Hacking Exploited Host
🇵🇱 mkey	2026-06-28 18:05:02 (11 hours ago)	Source IP from blacklist AbuseIPDB is still actively scanning our network. (9 hits in last hour, las ... show more Source IP from blacklist AbuseIPDB is still actively scanning our network. (9 hits in last hour, last seen 2026-06-28 19:36:55) show less	Port Scan
🇫🇷 JPPO	2026-06-28 17:52:48 (11 hours ago)	Multiport scan 6 ports : 5900 5901 5904 5906 5908 5909	Port Scan
🇩🇪 mueller-nils.com	2026-06-28 17:20:12 (11 hours ago)	Jun 28 18:54:39 [host] kernel: [5774438.382374] [UFW BLOCK] IN=venet0 OUT= MAC= SRC=103.247.61.20 DS ... show more Jun 28 18:54:39 [host] kernel: [5774438.382374] [UFW BLOCK] IN=venet0 OUT= MAC= SRC=103.247.61.20 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=3698 PROTO=TCP SPT=61234 DPT=5905 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 28 19:00:52 [host] kernel: [5774 show less	Port Scan

Showing 1 to 15 of 557 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.98.122.37

🇺🇸 137.184.220.77

🇨🇱 34.176.106.213

🇨🇦 20.63.58.40

🇧🇬 193.24.211.107

🇦🇷 181.105.47.31

🇧🇷 179.102.26.14

🇹🇭 110.77.137.236

🇻🇳 27.79.42.141

🇷🇺 213.135.90.50

🇳🇱 193.176.31.211

🇬🇧 193.176.29.11

🇹🇭 182.52.236.235

🇭🇰 123.58.215.196

🇨🇳 115.190.125.207

🇻🇳 113.167.202.23

🇮🇹 93.48.24.181

🇳🇱 91.92.42.10

🇹🇭 83.118.107.46

🇮🇳 2409:40e2:11e6:7560:59cf:72b7:bf96:3d6b