JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.103.115.18

103.103.115.18 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 29%: ?

29%

ISP	PT Handayani Fiber Media
Usage Type	Fixed Line ISP
ASN	AS150467
Domain Name	handayanifiber.com
Country	🇮🇩 Indonesia
City	Depok, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.103.115.18

Whois 103.103.115.18

IP Abuse Reports for 103.103.115.18:

This IP address has been reported a total of 14 times from 5 distinct sources. 103.103.115.18 was first reported on November 24th 2024, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 14:39:05 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 10:38:58.769440 2026] [security2:error] [pid 14616:tid 14616] [client 103.103.115.18:41182] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.scperu.net"] [uri "/.env"] [unique_id "aiwaAq4HaJE0RNAqeO0fiQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 14:23:50 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 10:23:47.308498 2026] [security2:error] [pid 29887:tid 29887] [client 103.103.115.18:38794] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.schoolsliaisoncommunity.net"] [uri "/.env"] [unique_id "aiwWc5PmMT3Ju_e3XgMkZAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hagen Schoebel	2026-06-12 14:20:47 (9 hours ago)	Blocked by CrowdSec - crowdsecurity/vpatch-env-access (ID)	Port Scan Brute-Force Web App Attack SSH
🇺🇸 TPI-Abuse	2026-06-12 14:07:08 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 10:07:05.796926 2026] [security2:error] [pid 520:tid 520] [client 103.103.115.18:36720] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.scanlanlaserdesign.nashes.net"] [uri "/.env"] [unique_id "aiwSiQGokRUH53W-fdbsUQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 13:37:20 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 09:37:14.269471 2026] [security2:error] [pid 15958:tid 15958] [client 103.103.115.18:55946] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.santurri.net"] [uri "/.env"] [unique_id "aiwLitkWJ74BVbXGlV5fTQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 bcsaba	2026-06-12 09:31:24 (14 hours ago)	Probing for .env file: 103.103.115.18 - - [12/Jun/2026:11:31:21 +0200] "GET /.env HTTP/1.1" 403 548 ... show more Probing for .env file: 103.103.115.18 - - [12/Jun/2026:11:31:21 +0200] "GET /.env HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 05:38:57 (18 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 01:38:50.587654 2026] [security2:error] [pid 18928:tid 19029] [client 103.103.115.18:50584] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "1shot.us"] [uri "/.env"] [unique_id "aiubalIsfl5Reb8SAY7FHwAAAgU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 04:19:36 (19 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 00:19:31.545787 2026] [security2:error] [pid 31893:tid 31893] [client 103.103.115.18:37014] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lejzerowicz.org"] [uri "/.env"] [unique_id "aiuI01di72itI1BApMPtaQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 03:32:16 (20 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 23:32:12.614750 2026] [security2:error] [pid 19057:tid 19059] [client 103.103.115.18:56784] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lancasterdesignercraftsmen.org"] [uri "/.env"] [unique_id "ait9vNdQ_brZnF6sZ5G0AgAAAYA"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-12 02:07:15 (21 hours ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇭🇺 bcsaba	2026-06-11 21:12:55 (1 day ago)	Probing for .env file: 103.103.115.18 - - [11/Jun/2026:23:12:55 +0200] "GET /.env HTTP/1.1" 400 632 ... show more Probing for .env file: 103.103.115.18 - - [11/Jun/2026:23:12:55 +0200] "GET /.env HTTP/1.1" 400 632 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 17:36:30 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 13:36:23.820502 2026] [security2:error] [pid 25406:tid 25406] [client 103.103.115.18:47768] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elimer.com.ve"] [uri "/.env"] [unique_id "airyF_a1D9KyAsywvYZpfQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 17:11:31 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.103.115.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 13:11:26.799147 2026] [security2:error] [pid 9084:tid 9084] [client 103.103.115.18:36614] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.papelandia.com.ve"] [uri "/.env"] [unique_id "airsPlU78slOb4MEl_oqbwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 diego	2024-11-24 13:10:26 (1 year ago)	[rede-184-149] 11/24/2024-10:09:29.047215, 103.103.115.18, Protocol: 17, POSSBL SCAN FRAG (NMAP -f)	Port Scan

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 104.23.239.37

🇬🇧 87.236.176.185

🇫🇮 188.126.89.41

🇫🇮 188.126.89.40

🇲🇽 187.191.48.23

🇳🇱 159.223.213.49

🇧🇷 191.8.216.111

🇫🇮 188.126.89.38

🇨🇳 180.76.98.88

🇨🇳 153.37.177.219

🇿🇦 102.129.63.81

🇺🇸 44.220.188.91

🇨🇳 202.46.62.7

🇺🇸 162.216.150.18

🇩🇪 155.117.13.209

🇨🇦 148.170.156.248

🇩🇪 104.23.239.75

🇩🇪 91.97.0.16

🇷🇺 89.175.252.170

🇬🇧 80.82.115.208