JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.65.237.233

103.65.237.233 was found in our database!

This IP was reported 253 times. Confidence of Abuse is 46%: ?

46%

ISP	PT Berkah Solusi Teknologi Informasi
Usage Type	Data Center/Web Hosting/Transit
ASN	AS135450
Hostname(s)	233.237.65.in-addr.arpa
Domain Name	ptbsti.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.65.237.233

Whois 103.65.237.233

IP Abuse Reports for 103.65.237.233:

This IP address has been reported a total of 253 times from 105 distinct sources. 103.65.237.233 was first reported on March 2nd 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 oh.mg	2026-04-30 19:21:25 (1 month ago)	[Thu Apr 30 21:21:24.940713 2026] [security2:error] [pid 3592029:tid 3592073] [client 103.65.237.233 ... show more [Thu Apr 30 21:21:24.940713 2026] [security2:error] [pid 3592029:tid 3592073] [client 103.65.237.233:0] [client 103.65.237.233] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "mmn.ca"] [uri "/sftp-config.json"] [unique_id "afOrtLN22YYjumr8NbkHVQAAAE8"] ... show less	Web App Attack Bad Web Bot
🇫🇮 oh.mg	2026-04-30 17:12:57 (1 month ago)	[Thu Apr 30 19:12:21.479462 2026] [security2:error] [pid 3592029:tid 3592079] [client 103.65.237.233 ... show more [Thu Apr 30 19:12:21.479462 2026] [security2:error] [pid 3592029:tid 3592079] [client 103.65.237.233:58171] [client 103.65.237.233] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "mmn.on.ca"] [uri "/sftp-config.json"] [unique_id "afONdbN22YYjumr8Nbn9OQAAAFU"] [Thu Apr 30 19:12:56.782900 2026] [security2:error] [pid 3592029:tid 3592070] [client 103.65.237.233:58360] [client 103.65.237.233] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0- ... show less	Web App Attack Bad Web Bot
🇺🇸 raymarron.com	2026-04-30 13:33:24 (1 month ago)	/.vscode/sftp.json (x2) /sftp-config.json (x2)	Web App Attack
🇺🇸 entangled_mongoose	2026-04-30 00:25:50 (1 month ago)	Probed /.vscode/sftp.json.	Web App Attack
🇫🇮 Shaik Sai Meera	2026-04-29 00:04:09 (1 month ago)	IM360 WAF: Hidden file access	Brute-Force
🇦🇹 René Hickersberger	2026-04-28 22:10:23 (1 month ago)	[2026-04-28T22:10:23Z] Malicious request to /.vscode/sftp.json	Hacking Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-04-28 21:25:31 (1 month ago)	Web vulnerability probing: /.vscode/sftp.json	Web App Attack
🇯🇵 VXG-NET	2026-04-28 19:17:53 (1 month ago)	port=80, indicator_type=info-leak	Hacking
🇧🇪 madeit	2026-04-28 09:33:29 (1 month ago)		Web App Attack
🇺🇸 octageeks.com	2026-04-28 04:07:49 (1 month ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇫🇮 Shaik Sai Meera	2026-04-28 00:04:02 (1 month ago)	IM360 WAF: Hidden file access	Brute-Force
🇩🇪 FeG Deutschland	2026-04-27 02:25:25 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇫🇮 Shaik Sai Meera	2026-04-27 00:03:47 (1 month ago)	IM360 WAF: Hidden file access	Brute-Force
🇫🇮 oh.mg	2026-04-25 07:05:47 (1 month ago)	[Sat Apr 25 09:05:31.469201 2026] [security2:error] [pid 530068:tid 530079] [client 103.65.237.233:5 ... show more [Sat Apr 25 09:05:31.469201 2026] [security2:error] [pid 530068:tid 530079] [client 103.65.237.233:54479] [client 103.65.237.233] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "mmn.cat"] [uri "/sftp-config.json"] [unique_id "aexnu6r3PXuC7jFh9qYQWQAAAQk"] [Sat Apr 25 09:05:46.285890 2026] [security2:error] [pid 530068:tid 530090] [client 103.65.237.233:54658] [client 103.65.237.233] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] ... show less	Web App Attack Bad Web Bot
🇩🇪 ut-addicted.com	2026-04-25 03:14:36 (1 month ago)	\[Sat Apr 25 05:14:35.233387 2026\] \[:error\] \[pid 4142:tid 140546024613632\] \[client 103.65.237. ... show more \[Sat Apr 25 05:14:35.233387 2026\] \[:error\] \[pid 4142:tid 140546024613632\] \[client 103.65.237.233:64259\] \[client 103.65.237.233\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "crx.it"\] \[uri "/sftp-config.json"\] \[unique_id "aewxm16NSVnJ3y0hQeHjCAAAAM0"\] show less	Brute-Force Web App Attack

Showing 1 to 15 of 253 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.226.2.190

🇵🇾 181.123.136.11

🇻🇳 156.229.22.183

🇨🇳 113.231.8.171

🇨🇳 111.57.17.171

🇫🇷 91.231.89.15

🇺🇸 65.49.1.95

🇳🇱 45.148.10.206

🇩🇪 3.72.106.125

🇨🇳 220.197.78.36

🇯🇴 212.34.16.55

🇩🇪 179.61.145.113

🇰🇷 125.142.37.91

🇨🇳 220.202.112.92

🇬🇧 194.50.235.136

🇲🇽 186.96.145.241

🇨🇳 139.212.71.139

🇮🇳 128.185.253.122

🇲🇾 115.132.167.95

🇬🇧 87.106.44.172