JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.138.243.245

202.138.243.245 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 90%: ?

90%

ISP	PT. Melvar Lintasnusa
Usage Type	Fixed Line ISP
ASN	AS9657
Hostname(s)	dsl-243-245.melsa.net.id
Domain Name	melsa.net.id
Country	🇮🇩 Indonesia
City	Bandung, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.138.243.245

Whois 202.138.243.245

IP Abuse Reports for 202.138.243.245:

This IP address has been reported a total of 28 times from 16 distinct sources. 202.138.243.245 was first reported on June 8th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 rh24	2026-06-12 08:25:57 (1 day ago)	(wordpress) Failed wordpress login from 202.138.243.245 (ID/Indonesia/dsl-243-245.melsa.net.id): (C ... show more (wordpress) Failed wordpress login from 202.138.243.245 (ID/Indonesia/dsl-243-245.melsa.net.id): (CF_ENABLE) show less	Brute-Force
🇩🇪 grassau.com	2026-06-12 07:08:53 (1 day ago)	(wordpress) Failed wordpress login from 202.138.243.245 (ID/Indonesia/West Java/Bandung/dsl-243-245. ... show more (wordpress) Failed wordpress login from 202.138.243.245 (ID/Indonesia/West Java/Bandung/dsl-243-245.melsa.net.id) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-12 06:14:27 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 202.138.243.245 (dsl-243-245.melsa.net.id): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 202.138.243.245 (dsl-243-245.melsa.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 02:14:23.014432 2026] [security2:error] [pid 15040:tid 15040] [client 202.138.243.245:53712] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.138.243.245 (+1 hits since last alert)\|batfry.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "batfry.com"] [uri "/xmlrpc.php"] [unique_id "aiujvwxLMDZBExBmDRzKxQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 YF	2026-06-12 06:00:37 (1 day ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
🇫🇷 masterguru	2026-06-12 05:38:28 (1 day ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇺🇸 TPI-Abuse	2026-06-12 04:04:50 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 202.138.243.245 (dsl-243-245.melsa.net.id): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 202.138.243.245 (dsl-243-245.melsa.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 00:04:46.388568 2026] [security2:error] [pid 3028:tid 3127] [client 202.138.243.245:50185] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.138.243.245 (+1 hits since last alert)\|maryschalkdesign.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "maryschalkdesign.com"] [uri "/xmlrpc.php"] [unique_id "aiuFXoWCQrMdbo5yz1rEJAAAARg"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 huginet	2026-06-12 01:14:01 (1 day ago)	202.138.243.245 - - [12/Jun/2026:03:13:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack by ... show more 202.138.243.245 - - [12/Jun/2026:03:13:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" 202.138.243.245 - - [12/Jun/2026:03:14:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "WordPress.com; https://wordpress.com" ... show less	Web Spam Blog Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 00:59:50 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 202.138.243.245 (dsl-243-245.melsa.net.id): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 202.138.243.245 (dsl-243-245.melsa.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 20:59:43.592635 2026] [security2:error] [pid 32721:tid 32721] [client 202.138.243.245:52028] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.138.243.245 (+1 hits since last alert)\|dancingbearprinting.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dancingbearprinting.com"] [uri "/xmlrpc.php"] [unique_id "aitZ_2vbdQGyFz3oHDaPuwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 00:46:13 (1 day ago)	Attac	Brute-Force
🇱🇻 garmtech.com	2026-06-12 00:28:11 (1 day ago)	IM360 WAF: Rate limit exceeded for XMLRPC DoS (fault code)	Web App Attack
🇱🇻 garmtech.com	2026-06-12 00:16:40 (1 day ago)	IM360 WAF: Rate limit exceeded for XMLRPC DoS	Web App Attack
Anonymous	2026-06-11 13:06:51 (2 days ago)	Trying to access config files	Web App Attack
🇲🇾 Rizzy	2026-06-10 06:07:17 (3 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇮🇹 Progetto1	2026-06-10 05:40:03 (3 days ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 WeekendWeb	2026-06-10 04:36:52 (3 days ago)	Wordpress Vunerability attack	Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 117.211.194.213

🇵🇱 57.128.218.186

🇸🇪 4.223.73.181

🇳🇱 185.223.235.31

🇨🇳 182.119.92.20

🇨🇱 172.217.192.108

🇺🇸 162.216.149.97

🇬🇧 81.111.29.217

🇺🇸 66.132.186.204

🇩🇪 47.245.136.70

🇸🇪 4.223.161.209

🇺🇸 147.185.132.9

🇨🇳 112.32.125.136

🇷🇴 80.94.92.171

🇱🇹 62.60.130.238

🇫🇷 51.68.34.131

🇸🇪 4.223.143.114

🇮🇹 217.26.179.88

🇲🇾 202.165.29.123

🇳🇱 185.223.235.52