JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 147.136.65.216

147.136.65.216 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 14%: ?

14%

ISP	Darkness Reigns (Holding) B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	darkness-reigns.net
Country	🇿🇦 South Africa
City	Johannesburg, Gauteng

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 147.136.65.216

Whois 147.136.65.216

IP Abuse Reports for 147.136.65.216:

This IP address has been reported a total of 10 times from 3 distinct sources. 147.136.65.216 was first reported on April 13th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-24 03:40:52 (3 days ago)	[Wed Jun 24 10:40:47.598045 2026] [security2:error] [pid 105591:tid 139966910293696] [client 147.136 ... show more [Wed Jun 24 10:40:47.598045 2026] [security2:error] [pid 105591:tid 139966910293696] [client 147.136.65.216:35828] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yandex.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yandex.go.id found within REQUEST_HEADERS:Referer: https://www.yandex.go.id/ request_line = GET /index.php HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php"] [unique_id "ajtRv5SeqFiAO8YiH494FAAARgA"], referer https://www.yandex.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[105592] [ZwwZpDeRL6I] [ajtRv5SeqFiAO8YiH494FAAARgA] keep_alive=[1] [2026-06-24 10:40:47.598048] [R:ajtRv5SeqFiAO8YiH494FAAARgA] UA:'Mozilla/5.0 (Linux; Android 14; Pixel 6 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.119 Mobile Safari/537.36 OPR/81.2.4292.78581' ... show less	Email Spam Hacking
🇩🇪 HandyTreff.de	2026-06-18 08:13:34 (1 week ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -35.661 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -35.661 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Linux; Android 9; SM-S901B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Mob show less	Web App Attack Bad Web Bot
🇮🇩 hermawan	2026-06-12 23:48:10 (2 weeks ago)	[Sat Jun 13 06:48:06.173661 2026] [security2:error] [pid 439412:tid 140091650377408] [client 147.136 ... show more [Sat Jun 13 06:48:06.173661 2026] [security2:error] [pid 439412:tid 140091650377408] [client 147.136.65.216:57100] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yandex.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yandex.go.id found within REQUEST_HEADERS:Referer: https://www.yandex.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-dasarian/infografis-dasarian-analisis-kejadian-hujan-lebat HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-dasarian/infografis-dasarian-analisis-kejadian-hujan-lebat"] [unique_id "aiyatgigXTG45AHTyM4kIwABUxY"], referer https://www.yandex.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[439435] [gtmnG1fGacU] [aiyatgigXTG45AHTyM4kIwABUxY] keep_alive=[1] [2026- ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-06 13:56:42 (3 weeks ago)	[Sat Jun 06 20:56:37.598597 2026] [security2:error] [pid 41979:tid 140594065090240] [client 147.136. ... show more [Sat Jun 06 20:56:37.598597 2026] [security2:error] [pid 41979:tid 140594065090240] [client 147.136.65.216:54846] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bing.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bing.go.id found within REQUEST_HEADERS:Referer: https://www.bing.go.id/ request_line = GET /index.php/prediksi-iklim/prediksi-dasarian/monitoring-dan-prediksi-curah-hujan HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prediksi-iklim/prediksi-dasarian/monitoring-dan-prediksi-curah-hujan"] [unique_id "aiQnFcZiP4tcGOJOYQRX-gAByBY"], referer https://www.bing.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[42010] [0v9ZJRabvcM] [aiQnFcZiP4tcGOJOYQRX-gAByBY] keep_alive=[1] [2026-06-06 20:56:37.598602] [R:aiQnFcZiP4tcGOJOYQRX-gAByBY] UA:'Mozilla/5.0 (Linux; ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-05-22 00:37:02 (1 month ago)	[Fri May 22 07:37:00.901290 2026] [security2:error] [pid 23717:tid 140471673284288] [client 147.136. ... show more [Fri May 22 07:37:00.901290 2026] [security2:error] [pid 23717:tid 140471673284288] [client 147.136.65.216:23830] ModSecurity: Access denied with code 403 (phase 1). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "857"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: GET found within REQUEST_HEADERS: 1 request_line = GET / HTTP/2.0 Request URI RAW = / Request Basename = "] [severity "CRITICAL"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "ag-lLFUksgk0pfkzE7g6BAACjwM"] [staklim-jatim.bmkg.go.id] [stakl ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-05-20 13:12:59 (1 month ago)	05/20/2026-20:12:54.612650 [Drop] [] [1:2100001898:0] Suricata match TLS ja4 scan Uniq Zeek no 18 ... show more 05/20/2026-20:12:54.612650 [Drop] [] [1:2100001898:0] Suricata match TLS ja4 scan Uniq Zeek no 1898 with hash_t13d1812h1_85036bcba153_d41ae481755e [**] [Classification: (null)] [Priority: 3] {TCP} 147.136.65.216:13108 -> 103.166.156.58:443 ... show less	Email Spam Hacking
🇺🇸 MPL	2026-04-25 08:16:41 (2 months ago)	tcp/443 (8 or more attempts)	Port Scan
🇮🇩 hermawan	2026-04-21 17:33:49 (2 months ago)	[Wed Apr 22 00:33:49.287674 2026] [security2:error] [pid 79637:tid 139757153679040] [client 147.136. ... show more [Wed Apr 22 00:33:49.287674 2026] [security2:error] [pid 79637:tid 139757153679040] [client 147.136.65.216:30266] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.25.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "623"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-tahunan HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-tahunan"] [unique_id "aee0_XFG0Y5DT8RHZpR6-wAASgE"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[79644] [xB1e0btOZco] [aee0_XFG0Y5DT8RHZpR6-wAASgE] keep_alive=[1] [2026-04-22 00:33:49.287678] [R:aee0_XFG0Y5DT8RHZpR6-wAASgE] UA:'Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-04-17 17:43:47 (2 months ago)	[Sat Apr 18 00:42:50.240344 2026] [security2:error] [pid 584874:tid 140256440383168] [client 147.136 ... show more [Sat Apr 18 00:42:50.240344 2026] [security2:error] [pid 584874:tid 140256440383168] [client 147.136.65.216:10780] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.25.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "623"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-klimat-story HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-klimat-story"] [unique_id "aeJxGnW82wP64-bvBVNaAQAAQhg"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[584920] [4fFIeqv3BCg] [aeJxGnW82wP64-bvBVNaAQAAQhg] keep_alive=[1] [2026-04-18 00:42:50.240351] [R:aeJxGnW82wP64-bvBVNaAQAAQhg] UA:'Mozilla/5.0 (iPhone; CPU iPhone OS 16_0 l ... show less	Email Spam Hacking
🇺🇸 MPL	2026-04-13 09:17:26 (2 months ago)	tcp/443 (8 or more attempts)	Port Scan

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 164.152.250.192

🇳🇱 91.92.40.11

🇨🇳 218.13.26.42

🇺🇸 170.247.221.226

🇵🇰 153.117.32.115

🇺🇸 66.132.224.31

🇨🇳 1.197.184.201

🇺🇸 2620:171:fd:f0::234

🇺🇸 2620:171:ac:f005:9999::246

🇨🇳 183.233.187.138

🇩🇪 167.94.146.66

🇺🇸 147.185.132.185

🇨🇳 120.235.111.57

🇺🇸 85.208.96.206

🇨🇳 120.79.199.56

🇺🇸 100.51.194.111

🇫🇷 51.103.46.9

🇬🇧 35.203.210.136

🇺🇸 20.245.71.147

🇨🇭 185.211.94.76