JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.254.98.30

116.254.98.30 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 0%: ?

ISP	PT. NAP Info Lintas Nusa
Usage Type	Fixed Line ISP
ASN	AS45700
Hostname(s)	customer.jtnaidn2.pop.starlinkisp.net
Domain Name	napinfo.co.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.254.98.30

Whois 116.254.98.30

IP Abuse Reports for 116.254.98.30:

This IP address has been reported a total of 15 times from 9 distinct sources. 116.254.98.30 was first reported on December 22nd 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-04-09 06:16:05 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 116.254.98.30 (customer.jtnaidn2.pop.starlinkis ... show more (mod_security) mod_security (id:225170) triggered by 116.254.98.30 (customer.jtnaidn2.pop.starlinkisp.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 09 02:15:59.424184 2025] [security2:error] [pid 16447:tid 16447] [client 116.254.98.30:34631] [client 116.254.98.30] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|calvarycavaliers.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "calvarycavaliers.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z_YQn9fX1tku2CNW6BtP1QAAAAw"], referer: https://calvarycavaliers.org/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-07 12:56:36 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-04-03 00:49:14 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 116.254.98.30 (customer.jtnaidn2.pop.starlinkis ... show more (mod_security) mod_security (id:225170) triggered by 116.254.98.30 (customer.jtnaidn2.pop.starlinkisp.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 02 20:49:10.660141 2025] [security2:error] [pid 24777:tid 24777] [client 116.254.98.30:53164] [client 116.254.98.30] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|seagrovesrealty.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "seagrovesrealty.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z-3bBhkkIrV0ec_GHYCUrgAAAA4"], referer: https://seagrovesrealty.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-24 01:31:46 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 116.254.98.30 (customer.jtnaidn2.pop.starlinkis ... show more (mod_security) mod_security (id:225170) triggered by 116.254.98.30 (customer.jtnaidn2.pop.starlinkisp.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 23 21:31:40.607773 2025] [security2:error] [pid 19280:tid 19280] [client 116.254.98.30:38918] [client 116.254.98.30] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|argentinas.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "argentinas.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z-C1_OmNriU1VvQyQl4bGQAAAB0"], referer: https://argentinas.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-23 07:20:01 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 116.254.98.30 (customer.jtnaidn2.pop.starlinkis ... show more (mod_security) mod_security (id:225170) triggered by 116.254.98.30 (customer.jtnaidn2.pop.starlinkisp.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 23 03:19:56.744885 2025] [security2:error] [pid 32687:tid 32687] [client 116.254.98.30:57665] [client 116.254.98.30] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|primacomm.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "primacomm.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z9-2HCTJ40e6lBcepIZDugAAAAA"], referer: https://primacomm.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-02-22 23:15:59 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇪🇸 el-brujo	2025-02-15 23:03:00 (1 year ago)	DDoS Attack Layer 7 SilentBot	DDoS Attack
🇺🇸 tannerschermerhorn.dev	2025-02-10 18:01:53 (1 year ago)	Malicious activity detected from 45700 NAPINFO-AS-ID PT. NAP Info Lintas Nusa towards host nextcloud ... show more Malicious activity detected from 45700 NAPINFO-AS-ID PT. NAP Info Lintas Nusa towards host nextcloud.tannerschermerhorn.dev (GET HTTP/1.1) @ 2025-02-10T18:01:53Z show less	Open Proxy VPN IP Port Scan Hacking SQL Injection Bad Web Bot Exploited Host Web App Attack
🇮🇩 David Koswari	2025-02-03 17:47:59 (1 year ago)	"DDoS Attack containing REQ_CHALLENGE_JAVASCRIPT"	Brute-Force
🇮🇩 David Koswari	2025-02-03 17:47:59 (1 year ago)	"DDoS Attack containing REQ_CHALLENGE_JAVASCRIPT"	Brute-Force
🇨🇭 backslash	2025-01-25 12:26:32 (1 year ago)		DDoS Attack
Anonymous	2025-01-10 08:06:03 (1 year ago)	(CT) IP 116.254.98.30 (ID/Indonesia/customer.jtnaidn2.pop.starlinkisp.net) found to have 153 connect ... show more (CT) IP 116.254.98.30 (ID/Indonesia/customer.jtnaidn2.pop.starlinkisp.net) found to have 153 connections; Ports: 27960; SRV: 2; Action: 0; Trigger: CT_LIMIT show less	DDoS Attack Hacking
🇩🇪 Packets-Decreaser.NET	2025-01-09 10:18:52 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇩🇪 David Ferneding	2025-01-03 20:06:48 (1 year ago)	Part of large-scale ddos-attack, 109371 requests from this ip	DDoS Attack
🇩🇪 Packets-Decreaser.NET	2024-12-22 23:01:05 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.169.201.223

🇵🇰 103.152.101.245

🇺🇸 74.7.227.9

🇧🇪 34.77.7.72

🇧🇷 2804:520:c0:a600:99bc:7576:8bb5:d552

🇺🇸 209.135.170.178

🇺🇸 195.184.76.178

🇧🇬 193.24.211.107

🇳🇱 185.223.235.25

🇸🇬 165.232.169.124

🇫🇮 135.181.74.195

🇫🇷 91.231.89.12

🇫🇷 91.196.152.190

🇺🇸 91.193.232.161

🇺🇸 65.49.1.122

🇳🇱 64.225.74.178

🇱🇹 45.227.254.170

🇰🇷 39.117.79.36

🇫🇷 37.58.136.133

🇭🇰 199.45.154.137