JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 147.136.67.234

147.136.67.234 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 4%: ?

ISP	Darkness Reigns (Holding) B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	darkness-reigns.net
Country	🇿🇦 South Africa
City	Johannesburg, Gauteng

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 147.136.67.234

Whois 147.136.67.234

IP Abuse Reports for 147.136.67.234:

This IP address has been reported a total of 4 times from 2 distinct sources. 147.136.67.234 was first reported on April 22nd 2026, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-29 16:26:21 (14 hours ago)	[Mon Jun 29 23:26:17.349767 2026] [security2:error] [pid 1584219:tid 139911973435072] [client 147.13 ... show more [Mon Jun 29 23:26:17.349767 2026] [security2:error] [pid 1584219:tid 139911973435072] [client 147.136.67.234:37026] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yandex.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "601"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yandex.go.id found within REQUEST_HEADERS:Referer: https://www.yandex.go.id/ request_line = GET /index.php/profil/alamat-kantor/list-all-categories/555556811-mengakses-halaman-web-https-karangploso-jatim-bmkg-go-id-secara-offline-dan-menginstallnya-di-hp-android-atau-di-komputer HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/alamat-kantor/list-all-categories/555556811-mengakses-halaman-web-https-karangploso-jatim-bmkg-go-id-secara-offline-dan-menginstallnya-di-hp-android-atau-di-komputer"] [unique_id "akKcqY8Z3plPYsRLMyfVGQACQQA"], referer https://www.yande ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-04 01:02:05 (3 weeks ago)	[Thu Jun 04 08:02:04.654357 2026] [authz_core:error] [pid 93185:tid 140067440932544] [client 147.136 ... show more [Thu Jun 04 08:02:04.654357 2026] [authz_core:error] [pid 93185:tid 140067440932544] [client 147.136.67.234:34626] AH01630: client denied by server configuration: /var/www/index.php [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[93192] [BAqqF2PmQh4] [aiDOjFeKJryTG2C2E1JMwwAASgY] keep_alive=[1] [2026-06-04 08:02:04.654361] [R:aiDOjFeKJryTG2C2E1JMwwAASgY] UA:'Mozilla/5.0 (iPhone; CPU iPhone OS 17_6 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) EdgiOS/128.0.2739.60 Version/17.0 Mobile/15E148 Safari/604.1' Host:'staklim-jatim.bmkg.go.id:443' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8' Accept-Encoding:'gzip, deflate, br Accept-Language:'en-US,en;q=0.9 ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-05-29 02:34:27 (1 month ago)	[Fri May 29 09:34:24.345371 2026] [security2:error] [pid 1256125:tid 139851941701312] [client 147.13 ... show more [Fri May 29 09:34:24.345371 2026] [security2:error] [pid 1256125:tid 139851941701312] [client 147.136.67.234:58158] ModSecurity: Access denied with code 403 (phase 1). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "815"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: GET found within REQUEST_HEADERS: 1 request_line = GET /images/gempa/webp/20260529062001.mmi.jpg.webp HTTP/2.0 Request URI RAW = /images/gempa/webp/20260529062001.mmi.jpg.webp Request Basename = 20260529062001.mmi.jpg.webp"] [severity "CRITICAL"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [hos ... show less	Email Spam Hacking
🇺🇸 MPL	2026-04-22 05:27:31 (2 months ago)	tcp/443 (8 or more attempts)	Port Scan

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2602:fb54:1a00::1f5

🇨🇴 206.62.136.109

🇧🇪 198.235.24.174

🇹🇳 196.187.142.110

🇪🇬 196.154.21.51

🇵🇰 182.185.210.151

🇰🇷 182.31.70.36

🇳🇱 176.65.139.94

🇳🇱 172.71.183.15

🇺🇸 147.185.132.182

🇺🇸 107.175.213.192

🇨🇦 85.217.149.7

🇵🇱 83.219.248.100

🇺🇦 82.22.220.36

🇺🇸 74.125.82.175

🇮🇳 49.43.227.245

🇸🇬 34.87.153.62

🇳🇱 34.13.230.233

🇮🇪 13.69.226.128

🇬🇧 2a06:4880:2000::2a