JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 180.241.47.1

180.241.47.1 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 0%: ?

ISP	PT TELKOM INDONESIA
Usage Type	Fixed Line ISP
ASN	AS7713
Domain Name	telkom.co.id
Country	🇮🇩 Indonesia
City	Medan, North Sumatra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 180.241.47.1

Whois 180.241.47.1

IP Abuse Reports for 180.241.47.1:

This IP address has been reported a total of 21 times from 12 distinct sources. 180.241.47.1 was first reported on July 6th 2022, and the most recent report was 10 months ago.

Old Reports: The most recent abuse report for this IP address is from 10 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VHosting	2025-07-27 04:50:48 (10 months ago)	Detected attack by Imunify360	Brute-Force Web App Attack
🇯🇵 ki3	2025-07-26 22:26:31 (10 months ago)	Fail2Ban: Web App Attacks and Forum Spam 180.241.47.1 1753568790.0(JST)	Web Spam Bad Web Bot Web App Attack
🇧🇷 diego	2025-04-30 11:13:02 (1 year ago)	[rede-164-29] 04/30/2025-08:13:02.517826, 180.241.47.1, Protocol: 6, ET SCAN Suspicious inbound to m ... show more [rede-164-29] 04/30/2025-08:13:02.517826, 180.241.47.1, Protocol: 6, ET SCAN Suspicious inbound to mySQL port 3306 show less	Hacking
Anonymous	2025-02-08 00:56:51 (1 year ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇨🇳 ThreatBook.io	2024-07-18 22:01:03 (1 year ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/180.241.47.1 202 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/180.241.47.1 2024-07-18 16:10:18 ["enable","system","shell","sh","cat /proc/mounts; /bin/busybox QLUKG"] show less	Brute-Force
🇺🇸 TPI-Abuse	2024-07-02 22:21:40 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 180.241.47.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 180.241.47.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 02 18:21:26.838184 2024] [security2:error] [pid 32098] [client 180.241.47.1:1512] [client 180.241.47.1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.241.47.1 (+1 hits since last alert)\|shelbysmoak.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "shelbysmoak.com"] [uri "/xmlrpc.php"] [unique_id "ZoR9Zu_EmZdv9Zaiy2Iq6gAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-02 20:15:26 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 180.241.47.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 180.241.47.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 02 16:15:15.752828 2024] [security2:error] [pid 19290] [client 180.241.47.1:8270] [client 180.241.47.1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.241.47.1 (+1 hits since last alert)\|desertautoworks.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "desertautoworks.com"] [uri "/xmlrpc.php"] [unique_id "ZoRf08C5uuYX6ihJPeEQwAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-02 19:18:31 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 180.241.47.1 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 180.241.47.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 02 15:18:23.293796 2024] [security2:error] [pid 16389:tid 47309417953024] [client 180.241.47.1:61200] [client 180.241.47.1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.241.47.1 (+1 hits since last alert)\|www.seriousgames-system.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.seriousgames-system.info"] [uri "/xmlrpc.php"] [unique_id "ZoRSfzwOXiFgmM4eO_DScAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2024-07-02 17:23:22 (1 year ago)	1.025 requests to */xmlrpc.php	Brute-Force Bad Web Bot
🇬🇧 Steve	2024-07-02 16:07:03 (1 year ago)	Repeated attempts against wordpress site	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2024-07-02 13:34:37 (1 year ago)	Looking for CMS/PHP/SQL vulnerablilities - 13	Exploited Host Web App Attack
🇺🇸 MPL	2024-06-08 22:08:37 (2 years ago)	tcp/80 (2 or more attempts)	Port Scan
🇺🇸 MPL	2024-06-07 06:47:13 (2 years ago)	tcp/8080	Port Scan
🇺🇸 MPL	2024-06-07 06:47:13 (2 years ago)	tcp/8080	Port Scan
Anonymous	2024-06-05 15:23:41 (2 years ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 103.103.245.61

🇧🇷 205.210.31.217

🇦🇺 202.62.129.18

🇰🇷 183.104.220.84

🇺🇸 178.156.195.191

🇺🇸 172.253.85.222

🇺🇸 172.234.25.187

🇨🇳 116.132.254.92

🇫🇷 51.158.109.166

🇨🇳 42.123.123.238

🇬🇧 35.203.211.206

🇺🇸 18.191.2.143

🇷🇴 2.57.121.25

🇺🇸 213.188.91.7

🇺🇸 172.104.208.139

🇺🇸 162.216.149.76

🇻🇳 103.118.29.7

🇺🇸 3.132.26.232

🇮🇳 1.187.73.24

🇺🇸 216.25.89.105