JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.27.207.245

103.27.207.245 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 94%: ?

94%

ISP	PT. Beon Intermedia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS55688
Domain Name	beon.co.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.27.207.245

Whois 103.27.207.245

IP Abuse Reports for 103.27.207.245:

This IP address has been reported a total of 22 times from 17 distinct sources. 103.27.207.245 was first reported on June 15th 2026, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-16 00:14:16 (7 hours ago)	Abuse Detected (9)	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-15 22:00:17 (9 hours ago)	Auto-ban: >3000 req/min op 2026-06-15	Web App Attack SSH Hacking
🇩🇪 YF	2026-06-15 17:20:10 (14 hours ago)	Environment file probe	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 16:42:00 (14 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.27.207.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.27.207.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:41:55.653765 2026] [security2:error] [pid 5314:tid 5327] [client 103.27.207.245:44472] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "charbelaj.com"] [uri "/.env"] [unique_id "ajArU2tE2BWEaagZvy1EvAAAAEk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 13:05:02 (18 hours ago)	Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=9	Hacking
🇧🇪 cmbplf	2026-06-15 12:39:12 (18 hours ago)	2.745 requests with url.path *.env	Brute-Force Bad Web Bot
🇩🇪 Vegascosmetics	2026-06-15 12:37:04 (18 hours ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after attack pattern. Vegas Security	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-06-15 12:33:45 (18 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.27.207.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.27.207.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 08:33:41.786632 2026] [security2:error] [pid 11517:tid 11517] [client 103.27.207.245:40412] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bundrenfarmstn.com"] [uri "/.env"] [unique_id "ai_xJWPgdKR_ktKXB6izywAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Bedios GmbH	2026-06-15 12:24:56 (18 hours ago)	Login credentials theft attempt	Hacking
🇳🇴 jad-abuse	2026-06-15 12:20:42 (19 hours ago)	ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe. O ... show more ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe. Observed by 1 sensor(s); 9 hits. show less	Web App Attack
🇫🇷 masterguru	2026-06-15 12:12:14 (19 hours ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-195) show less	Bad Web Bot
🇳🇱 e.fierstra	2026-06-15 12:10:30 (19 hours ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-06-15 12:07:56 (19 hours ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 103.27.207.245 (ID/Indonesia/-): 1 i ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 103.27.207.245 (ID/Indonesia/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 11:56:20 (19 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.27.207.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.27.207.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 07:56:14.118123 2026] [security2:error] [pid 3693:tid 3693] [client 103.27.207.245:53552] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "psicologos-omega.com"] [uri "/api/.env"] [unique_id "ai_oXjajDKXIuignG8nm1gAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 11:29:11 (19 hours ago)	(mod_security) mod_security (id:210492) triggered by 103.27.207.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 103.27.207.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 07:29:01.328900 2026] [security2:error] [pid 28313:tid 28313] [client 103.27.207.245:52560] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whengarbotalks.com"] [uri "/app/.env"] [unique_id "ai_h_aLSg9pxjaQJkTRkpQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.231

🇺🇸 162.217.163.134

🇿🇦 102.213.134.218

🇷🇺 82.151.113.90

🇮🇩 69.5.0.120

🇻🇳 42.96.17.249

🇧🇷 205.210.31.211

🇰🇷 203.252.10.3

🇺🇦 195.18.18.164

🇻🇳 180.93.245.203

🇻🇳 171.231.196.99

🇺🇸 162.216.149.174

🇯🇵 118.194.228.101

🇨🇳 115.191.40.54

🇩🇪 87.106.29.151

🇺🇸 69.164.214.243

🇮🇷 2.180.189.109

🇺🇸 209.90.232.26

🇨🇴 181.78.3.229

🇩🇪 159.89.20.134