JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 36.65.14.238

36.65.14.238 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 100%: ?

100%

ISP	PT TELKOM INDONESIA Menara Multimedia Lt.7 Jl. Kebon sirih No.12 JAKARTA
Usage Type	Fixed Line ISP
ASN	AS7713
Domain Name	telkom.co.id
Country	🇮🇩 Indonesia
City	Surakarta, Central Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 36.65.14.238

Whois 36.65.14.238

IP Abuse Reports for 36.65.14.238:

This IP address has been reported a total of 30 times from 22 distinct sources. 36.65.14.238 was first reported on September 8th 2021, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-15 11:57:09 (6 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇩🇪 LRob.fr	2026-06-15 11:00:04 (7 hours ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇨🇭 Mario Bretscher	2026-06-15 06:27:05 (11 hours ago)	Jun 15 08:26:53 beat-band.ch Cerber(beat-band.ch)[1825939]: Authentication failure for beat-band fro ... show more Jun 15 08:26:53 beat-band.ch Cerber(beat-band.ch)[1825939]: Authentication failure for beat-band from 36.65.14.238 Jun 15 08:27:03 beat-band.ch Cerber(beat-band.ch)[1825922]: Authentication failure for beat-band from 36.65.14.238 ... show less	Web Spam
🇺🇸 TPI-Abuse	2026-06-15 03:58:17 (14 hours ago)	(mod_security) mod_security (id:240335) triggered by 36.65.14.238 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 36.65.14.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 23:58:04.306946 2026] [security2:error] [pid 3784:tid 3784] [client 36.65.14.238:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 36.65.14.238 (+1 hits since last alert)\|pixacast.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pixacast.com"] [uri "/xmlrpc.php"] [unique_id "ai94TICxyd-7aWrflAKC5wAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-15 01:30:58 (16 hours ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇲🇹 Malta	2026-06-14 10:09:50 (1 day ago)	36.65.14.238 - - [14/Jun/2026:12:09:50 +0200] "POST /xmlrpc.php HTTP/1.1" "Jetpack/12.5; WordPress/6 ... show more 36.65.14.238 - - [14/Jun/2026:12:09:50 +0200] "POST /xmlrpc.php HTTP/1.1" "Jetpack/12.5; WordPress/6.1; http://site40366770.com" show less	Hacking Web App Attack
Anonymous	2026-06-14 09:37:03 (1 day ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1, GET /feed/ HTTP/1.1, GET /user-si ... show more Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1, GET /feed/ HTTP/1.1, GET /user-sitemap.xml HTTP/1.1, GET /author-sitemap.xml HTTP/1.1, GET /wp-sitemap-users-1.xml HTTP/1.1 show less	Hacking Web App Attack
🇩🇪 yvoictra	2026-06-14 09:00:23 (1 day ago)	36.65.14.238 - - [14/Jun/2026:10:59:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack by Wo ... show more 36.65.14.238 - - [14/Jun/2026:10:59:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack by WordPress.com" 36.65.14.238 - - [14/Jun/2026:10:59:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack by WordPress.com" 36.65.14.238 - - [14/Jun/2026:10:59:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack by WordPress.com" 36.65.14.238 - - [14/Jun/2026:11:00:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" 36.65.14.238 - - [14/Jun/2026:11:00:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack by WordPress.com" 36.65.14.238 - - [14/Jun/2026:11:00:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack by WordPress.com" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 08:32:13 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 36.65.14.238 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 36.65.14.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 04:31:58.514200 2026] [security2:error] [pid 29543:tid 29543] [client 36.65.14.238:57593] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 36.65.14.238 (+1 hits since last alert)\|shhcenter.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "shhcenter.com"] [uri "/xmlrpc.php"] [unique_id "ai5m_s3QKIwpq1wZ4eNXJAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 08:08:23 (1 day ago)	Fail2ban filtered ...	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 07:10:31 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 36.65.14.238 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 36.65.14.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 03:10:16.536315 2026] [security2:error] [pid 9727:tid 9727] [client 36.65.14.238:59002] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 36.65.14.238 (+1 hits since last alert)\|paleopathologist.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "paleopathologist.com"] [uri "/xmlrpc.php"] [unique_id "ai5T2Jp3bO10V5V6gaH0EwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-14 06:57:19 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-14 06:50:25 (1 day ago)	36.65.14.238 - - [14/Jun/2026:08:50:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 36.65.14.238 - - [ ... show more 36.65.14.238 - - [14/Jun/2026:08:50:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 36.65.14.238 - - [14/Jun/2026:08:50:23 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 ... show less	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-14 06:08:24 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 36.65.14.238 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 36.65.14.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 02:08:11.217897 2026] [security2:error] [pid 18933:tid 18933] [client 36.65.14.238:49216] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 36.65.14.238 (+1 hits since last alert)\|roguetechhub.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "roguetechhub.com"] [uri "/xmlrpc.php"] [unique_id "ai5FSxrL1xyYTEDjqFwK8gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 05:36:43 (1 day ago)	Attac	Brute-Force

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 136.116.158.217

🇺🇸 135.119.27.130

🇺🇸 107.123.36.1

🇩🇪 69.5.169.229

🇸🇬 45.82.78.106

🇺🇸 45.79.191.178

🇺🇸 44.192.6.116

🇺🇸 40.124.186.155

🇨🇳 1.30.217.250

🇬🇧 2a06:4880::23

🇵🇰 175.107.0.66

🇸🇪 171.25.158.70

🇮🇶 169.224.64.115

🇷🇺 158.160.209.126

🇳🇱 91.92.40.37

🇨🇦 57.134.215.133

🇮🇩 43.157.210.132

🇺🇸 34.10.19.24

🇵🇰 203.135.42.52

🇧🇷 186.195.16.41