JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 81.27.101.242

81.27.101.242 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 0%: ?

ISP	UpCloud Cloud Servers
Usage Type	Data Center/Web Hosting/Transit
ASN	AS202053
Domain Name	upcloud.com
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 81.27.101.242

Whois 81.27.101.242

IP Abuse Reports for 81.27.101.242:

This IP address has been reported a total of 25 times from 21 distinct sources. 81.27.101.242 was first reported on March 27th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇪 chinovaso	2026-05-11 14:15:51 (1 month ago)	WFA blocked IP on photoderm.org \| Reason: Retro auto-block (all-time): 10 offenses. Last: Matched Pa ... show more WFA blocked IP on photoderm.org \| Reason: Retro auto-block (all-time): 10 offenses. Last: Matched Pattern: <script> \| Observed: 10 WFA hits, first=2026-03-27 20:34:46, last=2026-03-27 20:34:53, max_risk=100 \| Recent evidence: GET / risk=100 rule=Matched Pattern: <script> at 2026-03-27 20:34:53 ; GET / risk=100 rule=Matched Pattern: ..\ at 2026-03-27 20:34:53 ; GET / risk=100 rule=Matched Pattern: <script> at 2026-03-27 20:34:51 \| No request payload or personal data included. show less	Web App Attack
🇬🇪 chinovaso	2026-05-05 17:13:58 (1 month ago)	WFA blocked: Retro auto-block (all-time): 10 offenses. Last: Matched Pattern: <script> \| Site: photo ... show more WFA blocked: Retro auto-block (all-time): 10 offenses. Last: Matched Pattern: <script> \| Site: photoderm.org show less	Web App Attack
🇮🇩 sockominfo	2026-03-30 05:00:32 (2 months ago)	Double URL encoding detection, XSS Attack Detected. Threat Score: 8.8/10 (CRITICAL). Confidence: 70% ... show more Double URL encoding detection, XSS Attack Detected. Threat Score: 8.8/10 (CRITICAL). Confidence: 70%. CVSS v3.1: 10/10 (Critical). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. Bayesian Probability: 93%. MITRE ATT&CK: T1078 (Valid Accounts). Tactic: TA0001. Freshness: Moderate. Source Reputation: KNOWN_MALICIOUS. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-03-30 00:00:08 (2 months ago)	Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Web App Attack
🇳🇱 jjnxpct	2026-03-28 04:48:40 (2 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /component/pthucontent/article/80-african-books-collective (Rule ID: 941100) - XSS Attack Detected via libinjection show less	Web App Attack SQL Injection
Anonymous	2026-03-28 03:01:03 (2 months ago)	"GET /.env HTTP/1.1"	Hacking Web App Attack
🇬🇧 AvonleaConsulting	2026-03-27 22:13:26 (2 months ago)	Unrecognised attack	IoT Targeted
Anonymous	2026-03-27 22:06:49 (2 months ago)	Blocked: Reason='Suspicious traffic score=80 (review-based detection)'; Requests=33	Hacking
🇺🇸 TPI-Abuse	2026-03-27 21:55:52 (2 months ago)	(mod_security) mod_security (id:212620) triggered by 81.27.101.242 (81-27-101-242.pl-waw1.upcloud.ho ... show more (mod_security) mod_security (id:212620) triggered by 81.27.101.242 (81-27-101-242.pl-waw1.upcloud.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 27 17:55:48.186966 2026] [security2:error] [pid 13934:tid 13934] [client 81.27.101.242:39146] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "3"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|thegoldentether.com\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /board/viewtopic.php?sid=953ce940c3d02fc1fb95ed39ea6dd820&t=<script>alert('xss')</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "thegoldentether.com"] [uri "/board/viewtopic.php"] [unique_id "acb85IJm2NfVVFHR5S3o_gAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 Rosh	2026-03-27 21:54:19 (2 months ago)	[03/27/26 22:54:19] 5 attacks: /---er.php (severity 8); restricted access 1! segnala.php restricte ... show more [03/27/26 22:54:19] 5 attacks: /---er.php (severity 8); restricted access 1! segnala.php restricted access 2! segnala.php restricted access 3! segnala.php show less	Web App Attack
🇮🇩 penjaga BRIN	2026-03-27 21:49:02 (2 months ago)	SQL injection attempt	SQL Injection
🇬🇧 findlab	2026-03-27 21:45:01 (2 months ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇬🇧 cg-design.co.uk	2026-03-27 21:17:05 (2 months ago)	(mod_security) mod_security triggered on hostname [redacted] 81.27.101.242 (FI/Finland/81-27-101-242 ... show more (mod_security) mod_security triggered on hostname [redacted] 81.27.101.242 (FI/Finland/81-27-101-242.pl-waw1.upcloud.host) show less	SQL Injection
🇭🇺 zolav8	2026-03-27 21:01:42 (2 months ago)	SQL injection / web attack attempt	Hacking SQL Injection
🇧🇪 cmbplf	2026-03-27 20:38:54 (2 months ago)	460 requests with url.path *.env	Brute-Force Bad Web Bot

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 106.75.239.166

🇬🇧 18.175.246.198

🇨🇳 223.106.25.165

🇩🇪 209.50.186.178

🇩🇪 209.50.186.171

🇩🇪 209.50.186.167

🇩🇪 209.50.186.160

🇧🇷 205.210.31.170

🇺🇸 165.22.39.153

🇳🇱 164.92.212.198

🇩🇪 128.1.121.13

🇳🇱 91.92.40.200

🇨🇳 59.36.76.106

🇰🇷 43.203.173.175

🇺🇸 40.124.174.248

🇧🇪 35.241.190.99

🇺🇸 34.209.60.246

🇨🇳 27.15.34.226

🇮🇳 13.233.227.142

🇯🇵 13.208.187.191