JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.65.237.124

103.65.237.124 was found in our database!

This IP was reported 559 times. Confidence of Abuse is 100%: ?

100%

ISP	PT Berkah Solusi Teknologi Informasi
Usage Type	Data Center/Web Hosting/Transit
ASN	AS135450
Hostname(s)	124.237.65.in-addr.arpa
Domain Name	ptbsti.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.65.237.124

Whois 103.65.237.124

IP Abuse Reports for 103.65.237.124:

This IP address has been reported a total of 559 times from 187 distinct sources. 103.65.237.124 was first reported on November 18th 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-05 22:25:23 (1 day ago)		Brute-Force Web App Attack
🇺🇸 ambor	2026-06-05 07:25:24 (1 day ago)	Honeypot triggered on tcpdata.com - Attempted to access /sftp-config.json (config_file_probe). User- ... show more Honeypot triggered on tcpdata.com - Attempted to access /sftp-config.json (config_file_probe). User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 show less	Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-05 01:07:02 (2 days ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,ice02,wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇺🇸 Penny Packer	2026-06-04 23:46:45 (2 days ago)	Fail2Ban apache-tripwires	Web App Attack
🇫🇷 SpaceHost-Server	2026-06-04 22:25:21 (2 days ago)		Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-04 20:54:46 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 ELYAZ	2026-06-04 19:15:01 (2 days ago)	(y4) Failed scan -byebye- from 103.65.237.124 (ID/Indonesia/124.237.65.in-addr.arpa): (CF_ENABLE)	Hacking
🇫🇷 masterguru	2026-06-04 09:34:34 (2 days ago)	Restricted File Access Attempt. Matched phrase "config.json" at REQUEST_FILENAME. (930130-195)	Hacking Web App Attack
🇩🇪 macrob	2026-06-04 07:22:31 (2 days ago)	2026/06/04 07:21:39 [error] 944313#944313: 279980706 access forbidden by rule, client: 103.65.237.1 ... show more 2026/06/04 07:21:39 [error] 944313#944313: 279980706 access forbidden by rule, client: 103.65.237.124, server: antzcapital.com, request: "GET /.vscode/sftp.json HTTP/1.1", host: "antzcapital.com" 2026/06/04 07:22:24 [error] 944313#944313: 279982150 access forbidden by rule, client: 103.65.237.124, server: binofferes.com, request: "GET /.vscode/sftp.json HTTP/1.1", host: "binofferes.com" 2026/06/04 07:22:30 [error] 944316#944316: 279982419 access forbidden by rule, client: 103.65.237.124, server: binomiotorrido.pt, request: "GET /.vscode/sftp.json HTTP/1.1", host: "binomiotorrido.pt" ... show less	Web App Attack
🇮🇩 Burayot	2026-06-04 01:12:13 (3 days ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 103.65.237.124 (ID/Indonesia/124.237 ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 103.65.237.124 (ID/Indonesia/124.237.65.in-addr.arpa): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 rdpguard.com	2026-06-03 20:46:49 (3 days ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇩🇪 4server	2026-06-03 11:20:43 (3 days ago)	[WedJun0313:20:40.2672842026][security2:error][pid1662229:tid1662326][client103.65.237.124:0]ModSecu ... show more [WedJun0313:20:40.2672842026][security2:error][pid1662229:tid1662326][client103.65.237.124:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"aaaa6877.org\"][uri\"/sftp-config.json\"][unique_id\"aiAOCFpZGZSRZx3z46Fq-gAAAQA\"] show less	Port Scan Brute-Force Web App Attack
Anonymous	2026-05-27 17:04:40 (1 week ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: ID, Attack patterns: Auto ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: ID, Attack patterns: Automated scanning show less	Bad Web Bot Web App Attack
Anonymous	2026-05-26 17:04:13 (1 week ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: ID, Attack patterns: Auto ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: ID, Attack patterns: Automated scanning show less	Bad Web Bot Web App Attack
🇺🇸 raymarron.com	2026-05-26 16:44:57 (1 week ago)	/.vscode/sftp.json /sftp-config.json	Web App Attack

Showing 1 to 15 of 559 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 176.193.141.80

🇨🇳 218.81.36.35

🇨🇷 201.194.10.63

🇳🇱 176.65.148.2

🇨🇳 175.0.66.47

🇫🇷 173.249.2.184

🇪🇸 170.253.16.124

🇺🇸 107.150.103.88

🇺🇸 66.132.172.237

🇱🇹 45.227.254.170

🇳🇱 45.148.10.151

🇳🇱 45.142.193.164

🇨🇳 223.149.251.15

🇺🇸 216.25.89.114

🇺🇸 172.70.5.29

🇯🇵 150.109.198.102

🇧🇬 79.124.49.102

🇺🇸 64.62.197.220

🇨🇳 58.19.79.184

🇧🇪 35.189.214.116