JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.217.203.245

112.217.203.245 was found in our database!

This IP was reported 219 times. Confidence of Abuse is 100%: ?

100%

ISP	LG Uplus
Usage Type	Commercial
ASN	AS3786
Domain Name	lguplus.com
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.217.203.245

Whois 112.217.203.245

IP Abuse Reports for 112.217.203.245:

This IP address has been reported a total of 219 times from 119 distinct sources. 112.217.203.245 was first reported on April 30th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Mendip_Defender	2026-05-30 12:07:01 (5 days ago)	[30/May/2026:13:06:59.510651 +0100] ahrS4zacSYShWbWASY3_PAAAAAI 112.217.203.245 45056 188.246.206.60 ... show more [30/May/2026:13:06:59.510651 +0100] ahrS4zacSYShWbWASY3_PAAAAAI 112.217.203.245 45056 188.246.206.60 7081 [30/May/2026:13:06:59.545806 +0100] ahrS4yXyRAJDJ-ffzONrpwAAAEs 112.217.203.245 45062 188.246.206.60 7081 ... show less	Brute-Force
🇪🇸 alferez	2026-05-30 11:30:22 (5 days ago)	Searching .(env\|sql\|zip\|tar\|rar) files	Hacking Exploited Host Web App Attack
🇺🇸 etu brutus	2026-05-30 10:43:59 (5 days ago)	112.217.203.245 Blocked by [Attack Vector List] ...	Hacking Brute-Force Exploited Host
🇬🇧 WebNiraj	2026-05-30 10:43:17 (5 days ago)	(mod_security) mod_security (id:949110) triggered by 112.217.203.245 (KR/South Korea/-): 5 in the la ... show more (mod_security) mod_security (id:949110) triggered by 112.217.203.245 (KR/South Korea/-): 5 in the last 3600 secs [SIGMA] show less	Brute-Force
🇲🇾 Rizzy	2026-05-30 10:39:08 (5 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇹🇷 Detmach	2026-05-30 10:16:12 (5 days ago)	Security attack detected. Multiple failed attempts from 112.217.203.245. IP banned for 1440 minutes ... show more Security attack detected. Multiple failed attempts from 112.217.203.245. IP banned for 1440 minutes at 30.05.2026 13:16:06. Failed attempts: 1 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-05-30 09:48:30 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 112.217.203.245 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 112.217.203.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 05:48:20.811926 2026] [security2:error] [pid 12089:tid 12089] [client 112.217.203.245:43660] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "derek-stites.com"] [uri "/bank/.env"] [unique_id "ahqyZMMSKQA2iurh9_x0gQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 jcbriar	2026-05-30 09:47:54 (5 days ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇫🇷 pm33	2026-05-30 08:30:21 (5 days ago)	Probing for resource vulnerabilities HTTP(S)	Web App Attack
🇺🇸 ambor	2026-05-30 08:25:44 (5 days ago)	L0ss Honeypot: Environment file access attempt. Path: /.env	Web App Attack
🇩🇪 LRob.fr	2026-05-30 07:30:03 (5 days ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇨🇭 YF	2026-05-30 06:05:37 (5 days ago)	Environment file probe	Web App Attack
🇩🇪 4server	2026-05-30 05:41:46 (5 days ago)	[SatMay3007:41:42.9028232026][security2:error][pid3321071:tid3321211][client112.217.203.245:0]ModSec ... show more [SatMay3007:41:42.9028232026][security2:error][pid3321071:tid3321211][client112.217.203.245:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"modularss.com\"][uri\"/admin/.env\"][unique_id\"ahp4lpZxPdL8thWcmhwaowAAAMY\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 05:39:26 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 112.217.203.245 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 112.217.203.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 01:39:23.796039 2026] [security2:error] [pid 27559:tid 27559] [client 112.217.203.245:52232] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "modistat.com"] [uri "/backend/.env"] [unique_id "ahp4C1rRE_0eGB7IaWni1gAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ELYAZ	2026-05-30 05:30:50 (5 days ago)	(y3) Failed access -byebye- from 112.217.203.245 (KR/South Korea/-): (CF_ENABLE)	Hacking

Showing 151 to 165 of 219 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.237

🇫🇷 144.91.91.231

🇬🇧 217.146.80.102

🇰🇷 211.253.10.61

🇸🇾 193.43.145.66

🇯🇵 168.138.197.172

🇭🇰 152.32.226.102

🇮🇩 103.143.12.163

🇺🇸 91.230.168.124

🇧🇬 89.106.123.142

🇺🇸 84.32.131.217

🇸🇬 43.156.136.152

🇬🇧 35.203.210.64

🇰🇷 8.213.137.21

🇺🇸 209.85.210.68

🇺🇸 172.96.182.111

🇸🇬 165.154.205.91

🇮🇳 125.17.233.246

🇺🇸 107.167.34.125

🇺🇸 88.216.73.14