JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.150.88.189

103.150.88.189 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 79%: ?

79%

ISP	PT Biznet Gio Nusantara
Usage Type	Data Center/Web Hosting/Transit
ASN	AS133800
Hostname(s)	ip-189-88-150-103.jkt-1.biznetg.io
Domain Name	biznetgio.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.150.88.189

Whois 103.150.88.189

IP Abuse Reports for 103.150.88.189:

This IP address has been reported a total of 28 times from 15 distinct sources. 103.150.88.189 was first reported on June 12th 2026, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 Peregrine	2026-06-20 03:10:39 (13 hours ago)	Fail2Ban Jail s2: tomcat-honeypot \| Evidence: 103.150.88.189 172.69.89.174 - - [16/Jun/2026:13:58:01 ... show more Fail2Ban Jail s2: tomcat-honeypot \| Evidence: 103.150.88.189 172.69.89.174 - - [16/Jun/2026:13:58:01 -0300] "GET /.env HTTP/1.1" 404 414 show less	Bad Web Bot
🇧🇷 Peregrine	2026-06-18 03:08:39 (2 days ago)	Fail2Ban Jail s2: tomcat-honeypot \| Evidence: 103.150.88.189 172.69.89.174 - - [16/Jun/2026:13:58:01 ... show more Fail2Ban Jail s2: tomcat-honeypot \| Evidence: 103.150.88.189 172.69.89.174 - - [16/Jun/2026:13:58:01 -0300] "GET /.env HTTP/1.1" 404 414 show less	Bad Web Bot
🇧🇷 Francisco Carlos	2026-06-16 17:09:20 (3 days ago)	Honeypot captured 1 automated attack/scan requests (JR Save Tech). Types: env-leak. Sample: GET /.en ... show more Honeypot captured 1 automated attack/scan requests (JR Save Tech). Types: env-leak. Sample: GET /.env show less	Bad Web Bot Web App Attack
🇧🇷 Peregrine	2026-06-16 16:58:02 (4 days ago)	Fail2Ban Jail s2: tomcat-honeypot \| Evidence: 103.150.88.189 172.69.89.174 - - [16/Jun/2026:13:58:01 ... show more Fail2Ban Jail s2: tomcat-honeypot \| Evidence: 103.150.88.189 172.69.89.174 - - [16/Jun/2026:13:58:01 -0300] "GET /.env HTTP/1.1" 404 414 show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-16 16:18:38 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 103.150.88.189 (ip-189-88-150-103.jkt-1.biznetg ... show more (mod_security) mod_security (id:210492) triggered by 103.150.88.189 (ip-189-88-150-103.jkt-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 12:18:34.137076 2026] [security2:error] [pid 29932:tid 29932] [client 103.150.88.189:47470] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.doctorc.net"] [uri "/.env"] [unique_id "ajF3WjOToN24W7WjzGPWbAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 15:58:49 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 103.150.88.189 (ip-189-88-150-103.jkt-1.biznetg ... show more (mod_security) mod_security (id:210492) triggered by 103.150.88.189 (ip-189-88-150-103.jkt-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 11:58:44.231637 2026] [security2:error] [pid 30083:tid 30083] [client 103.150.88.189:54036] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.distilledwater.net"] [uri "/.env"] [unique_id "ajFytMSzJ_hwcUZ_boLMWgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 15:43:18 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 103.150.88.189 (ip-189-88-150-103.jkt-1.biznetg ... show more (mod_security) mod_security (id:210492) triggered by 103.150.88.189 (ip-189-88-150-103.jkt-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 11:43:12.924470 2026] [security2:error] [pid 32211:tid 32211] [client 103.150.88.189:40688] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.digitaltom.net"] [uri "/.env"] [unique_id "ajFvEH0sTzGbXOtVAEbvPQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-16 14:38:46 (4 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇳🇱 BlueWire Hosting	2026-06-16 13:14:17 (4 days ago)	Probing websites for vulnerabilities	Web App Attack
Anonymous	2026-06-16 09:46:58 (4 days ago)	(mod_security) mod_security triggered on hostname [redacted] 103.150.88.189 (ID/Indonesia/ip-189-88- ... show more (mod_security) mod_security triggered on hostname [redacted] 103.150.88.189 (ID/Indonesia/ip-189-88-150-103.jkt-1.biznetg.io) show less	SQL Injection
🇺🇸 TPI-Abuse	2026-06-16 01:41:25 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 103.150.88.189 (ip-189-88-150-103.jkt-1.biznetg ... show more (mod_security) mod_security (id:210492) triggered by 103.150.88.189 (ip-189-88-150-103.jkt-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 21:41:19.294562 2026] [security2:error] [pid 9807:tid 9828] [client 103.150.88.189:40754] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.oftv.xyz"] [uri "/.env"] [unique_id "ajCpv6iUdfrcq3QZnsB4fwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 01:24:24 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 103.150.88.189 (ip-189-88-150-103.jkt-1.biznetg ... show more (mod_security) mod_security (id:210492) triggered by 103.150.88.189 (ip-189-88-150-103.jkt-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 21:24:21.462300 2026] [security2:error] [pid 18365:tid 18365] [client 103.150.88.189:48300] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.fanarch.xyz"] [uri "/.env"] [unique_id "ajClxTQuj7s9BkXFyAxDuQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 01:04:57 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 103.150.88.189 (ip-189-88-150-103.jkt-1.biznetg ... show more (mod_security) mod_security (id:210492) triggered by 103.150.88.189 (ip-189-88-150-103.jkt-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 21:04:53.203773 2026] [security2:error] [pid 13425:tid 13425] [client 103.150.88.189:37466] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.websites4sale.xyz"] [uri "/.env"] [unique_id "ajChNUSGkBfWSSdE2ot1hwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 21:30:03 (4 days ago)	Web App Attack, Hacking	Hacking Web App Attack
🇩🇪 sdos.es	2026-06-15 10:16:49 (5 days ago)	"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"	Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.176.29.19

🇺🇸 174.138.87.36

🇧🇼 168.167.228.74

🇹🇭 150.95.25.34

🇲🇦 196.92.7.249

🇦🇫 180.94.75.42

🇳🇱 176.65.139.225

🇬🇭 154.161.164.96

🇳🇱 91.92.40.153

🇸🇬 43.128.88.177

🇬🇧 35.203.211.9

🇧🇴 200.105.172.184

🇲🇽 187.190.35.163

🇲🇰 185.233.210.143

🇺🇸 172.86.114.38

🇩🇪 165.22.80.246

🇺🇸 162.216.150.127

🇺🇸 162.216.150.52

🇩🇪 84.32.10.200

🇦🇿 82.194.22.163