JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.65.229.136

202.65.229.136 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 28%: ?

28%

ISP	PT Global Telecom Utama
Usage Type	Fixed Line ISP
ASN	AS45700
Hostname(s)	customer.jtnaidn2.pop.starlinkisp.net
Domain Name	apjii.or.id
Country	🇮🇩 Indonesia
City	Surabaya, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.65.229.136

Whois 202.65.229.136

IP Abuse Reports for 202.65.229.136:

This IP address has been reported a total of 10 times from 8 distinct sources. 202.65.229.136 was first reported on August 22nd 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-18 15:55:32 (5 days ago)	202.65.229.136 - - [18/Jun/2026:17:55:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "WordPress.c ... show more 202.65.229.136 - - [18/Jun/2026:17:55:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "WordPress.com; https://wordpress.com" 202.65.229.136 - - [18/Jun/2026:17:55:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by WordPress.com" 202.65.229.136 - - [18/Jun/2026:17:55:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "WordPress.com; https://wordpress.com" show less	Hacking Web App Attack
🇩🇪 konseptit	2026-06-18 15:41:09 (5 days ago)	(wordpress) Failed wordpress login from 202.65.229.136 (ID/Indonesia/customer.jtnaidn2.pop.starlinki ... show more (wordpress) Failed wordpress login from 202.65.229.136 (ID/Indonesia/customer.jtnaidn2.pop.starlinkisp.net) show less	Brute-Force
🇫🇷 SpaceHost-Server	2026-06-18 15:39:53 (5 days ago)	202.65.229.136 - - [18/Jun/2026:17:39:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack/13. ... show more 202.65.229.136 - - [18/Jun/2026:17:39:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack/13.0; WordPress/6.4; http://site17400169.com" 202.65.229.136 - - [18/Jun/2026:17:39:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)" 202.65.229.136 - - [18/Jun/2026:17:39:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack/12.1; WordPress/6.4; http://site79089609.com" show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 15:21:34 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 202.65.229.136 (customer.jtnaidn2.pop.starlinki ... show more (mod_security) mod_security (id:240335) triggered by 202.65.229.136 (customer.jtnaidn2.pop.starlinkisp.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 11:21:30.599537 2026] [security2:error] [pid 2533:tid 2533] [client 202.65.229.136:63806] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.65.229.136 (+1 hits since last alert)\|lambert-heating-and-air.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lambert-heating-and-air.com"] [uri "/xmlrpc.php"] [unique_id "ajQM-j2Q0drYO-af-965JQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-18 09:17:53 (5 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC ID/Indonesia/customer.jtnaidn2.pop.starlinkisp.net	Web App Attack
🇬🇧 Silly Development	2025-09-29 20:52:23 (8 months ago)	Malicious activity detected from 45700 IDNIC-STARLINK-AS-ID PT Starlink Services Indonesia towards h ... show more Malicious activity detected from 45700 IDNIC-STARLINK-AS-ID PT Starlink Services Indonesia towards host sillydev.co.uk (GET HTTP/2) @ 2025-09-29T20:52:23Z (4 occurrences) show less	DDoS Attack Exploited Host
🇺🇸 SuperEvilLuke	2025-09-29 20:34:51 (8 months ago)	Malicious activity detected from 45700 IDNIC-STARLINK-AS-ID PT Starlink Services Indonesia towards h ... show more Malicious activity detected from 45700 IDNIC-STARLINK-AS-ID PT Starlink Services Indonesia towards host panel.embotic.xyz (GET HTTP/2) @ 2025-09-29T20:34:51Z (9 occurrences) show less	DDoS Attack Exploited Host
🇩🇪 Packets-Decreaser.NET	2025-08-23 23:14:47 (9 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇩🇪 1gz	2025-08-23 04:20:10 (10 months ago)	Triggered Cloudflare WAF (firewallCustom) from ID. Action taken: MANAGED_CHALLENGE Protocol: HTTP/2 ... show more Triggered Cloudflare WAF (firewallCustom) from ID. Action taken: MANAGED_CHALLENGE Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.210.0 Safari/532.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2025-08-22 22:25:01 (10 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.104.210.105

🇳🇱 172.94.9.203

🇨🇳 113.68.39.155

🇳🇱 91.92.40.240

🇺🇸 24.91.12.73

🇹🇼 198.235.24.80

🇮🇳 182.79.83.98

🇩🇪 167.94.146.48

🇺🇿 144.124.199.212

🇨🇳 121.226.67.146

🇺🇸 107.151.252.91

🇹🇷 70.40.138.199

🇮🇶 65.20.204.88

🇺🇸 44.196.51.98

🇪🇬 196.150.164.226

🇷🇺 109.206.139.92

🇭🇰 103.229.125.106

🇮🇳 103.116.137.30

🇳🇱 91.92.40.11

🇨🇳 60.162.168.253