JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 13.69.124.157

13.69.124.157 was found in our database!

This IP was reported 69 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 13.69.124.157

Whois 13.69.124.157

IP Abuse Reports for 13.69.124.157:

This IP address has been reported a total of 69 times from 15 distinct sources. 13.69.124.157 was first reported on May 13th 2021, and the most recent report was 5 years ago.

Old Reports: The most recent abuse report for this IP address is from 5 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 SecondEdge	2021-06-05 17:51:41 (5 years ago)	Web scan/attack: detected 4 distinct attempt(s) within a 12-hour window (Git Variable Scan)	Web App Attack
🇺🇸 MortimerCat	2021-06-05 07:44:31 (5 years ago)	Attempting to download environment file	Web App Attack
🇬🇧 santhosh	2021-06-05 03:51:46 (5 years ago)	Hacking	Hacking
🇮🇩 hermawan	2021-06-05 01:06:22 (5 years ago)	[Sat Jun 05 12:06:19.897049 2021] [:error] [pid 11635:tid 139898868451072] [client 13.69.124.157:636 ... show more [Sat Jun 05 12:06:19.897049 2021] [:error] [pid 11635:tid 139898868451072] [client 13.69.124.157:63676] [client 13.69.124.157] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.1-rc1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "756"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.3.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/.env"] [unique_id "YLsGS6XKgXJh-nY@0OYfigAAANU"] ... show less	Hacking Web App Attack
🇺🇸 FireballDWF	2021-06-04 12:30:08 (5 years ago)	404 NOT FOUND	Web App Attack
🇮🇩 hermawan	2021-06-01 23:36:58 (5 years ago)	[Wed Jun 02 10:36:46.831327 2021] [:error] [pid 26772:tid 140570277598976] [client 13.69.124.157:608 ... show more [Wed Jun 02 10:36:46.831327 2021] [:error] [pid 26772:tid 140570277598976] [client 13.69.124.157:60819] [client 13.69.124.157] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.1-rc1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "756"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.3.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/.env"] [unique_id "YLb8zmMndMZPYqxZsD87vQAAAPY"] ... show less	Hacking Web App Attack
🇬🇧 santhosh	2021-06-01 05:41:15 (5 years ago)	Hacking	Hacking
🇬🇧 SecondEdge	2021-05-31 19:36:37 (5 years ago)	Web scan/attack: detected 8 distinct attempt(s) within a 12-hour window (Git Variable Scan)	Web App Attack
🇺🇸 FireballDWF	2021-05-31 12:20:08 (5 years ago)	404 NOT FOUND	Web App Attack
🇬🇧 SecondEdge	2021-05-30 19:36:32 (5 years ago)	Web scan/attack: detected 8 distinct attempt(s) within a 12-hour window (Git Variable Scan)	Web App Attack
Anonymous	2021-05-30 15:23:14 (5 years ago)	$f2bV_matches	Web App Attack
🇺🇸 FireballDWF	2021-05-30 11:15:06 (5 years ago)	404 NOT FOUND	Web App Attack
🇮🇪 santhosh	2021-05-30 05:22:45 (5 years ago)	Hacking	Hacking
🇮🇩 hermawan	2021-05-29 22:37:15 (5 years ago)	[Sun May 30 09:37:12.564281 2021] [:error] [pid 21483:tid 140221388969728] [client 13.69.124.157:544 ... show more [Sun May 30 09:37:12.564281 2021] [:error] [pid 21483:tid 140221388969728] [client 13.69.124.157:54442] [client 13.69.124.157] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.1-rc1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "756"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.3.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/.env"] [unique_id "YLL6WMh6r6siceu3Eh55uQAAALA"] ... show less	Hacking Web App Attack
🇬🇧 SecondEdge	2021-05-29 19:32:08 (5 years ago)	Web scan/attack: detected 4 distinct attempt(s) within a 12-hour window (Git Variable Scan)	Web App Attack

Showing 1 to 15 of 69 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇦 81.192.46.45

🇬🇧 81.19.219.195

🇺🇸 71.6.232.30

🇩🇪 69.5.169.229

🇺🇸 66.132.186.207

🇺🇸 64.62.156.201

🇮🇪 51.37.180.109

🇬🇧 5.226.140.49

🇺🇸 209.141.47.217

🇨🇳 202.46.62.83

🇺🇸 162.216.150.142

🇩🇪 156.67.143.234

🇨🇳 118.145.242.127

🇦🇹 68.210.200.55

🇺🇸 66.132.186.216

🇰🇷 59.24.133.197

🇧🇪 34.156.15.170

🇻🇳 27.79.44.110

🇬🇧 5.226.140.48

🇹🇼 198.235.24.60