JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 36.70.144.241

36.70.144.241 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 100%: ?

100%

ISP	PT TELKOM INDONESIA
Usage Type	Fixed Line ISP
ASN	AS7713
Domain Name	telkom.co.id
Country	🇮🇩 Indonesia
City	Pekanbaru, Riau

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 36.70.144.241

Whois 36.70.144.241

IP Abuse Reports for 36.70.144.241:

This IP address has been reported a total of 31 times from 19 distinct sources. 36.70.144.241 was first reported on June 13th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ger-stg-sifi1	2026-06-16 16:16:24 (2 hours ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇦🇺 QT	2026-06-16 04:57:14 (14 hours ago)	Unauthorised WordPress admin login attempted at 2026-06-16 14:57:04 +1000	Web App Attack
🇳🇱 Site.eu	2026-06-15 18:41:35 (1 day ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-15 16:09:46 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 36.70.144.241 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 36.70.144.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:09:30.081347 2026] [security2:error] [pid 24791:tid 24791] [client 36.70.144.241:22758] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 36.70.144.241 (+1 hits since last alert)\|gasoilliquidsdaily.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gasoilliquidsdaily.com"] [uri "/xmlrpc.php"] [unique_id "ajAjursiUrtXSHVWgHdcLwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-15 16:05:16 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-15 08:48:07 (1 day ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-15 08:32:52 (1 day ago)	Blocked by CSF 13 firewall - Rule: XMLRPC ID/Indonesia/-	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 06:02:19 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 36.70.144.241 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 36.70.144.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 02:02:08.510344 2026] [security2:error] [pid 3416:tid 3416] [client 36.70.144.241:61316] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 36.70.144.241 (+1 hits since last alert)\|studioyau.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "studioyau.com"] [uri "/xmlrpc.php"] [unique_id "ai-VYLP5Ps4bNcmDGm1XjwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-15 05:28:29 (1 day ago)	3.124 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-15 04:59:42 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 36.70.144.241 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 36.70.144.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 00:59:30.327105 2026] [security2:error] [pid 5706:tid 5706] [client 36.70.144.241:54504] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 36.70.144.241 (+1 hits since last alert)\|pondplain.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pondplain.org"] [uri "/xmlrpc.php"] [unique_id "ai-Gsvo4yutk5y_jjbKF5AAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 02:57:51 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 36.70.144.241 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 36.70.144.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:57:37.025748 2026] [security2:error] [pid 24893:tid 24893] [client 36.70.144.241:65370] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 36.70.144.241 (+1 hits since last alert)\|truthsabouthealthcare.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "truthsabouthealthcare.com"] [uri "/xmlrpc.php"] [unique_id "ai9qIX8-CiCgGuLJIl3gOAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 konseptit	2026-06-14 23:19:59 (1 day ago)	(wordpress) Failed wordpress login from 36.70.144.241 (ID/Indonesia/-)	Brute-Force
🇩🇪 4server	2026-06-14 21:22:36 (1 day ago)	[SunJun1423:22:24.5328272026][security2:error][pid2397638:tid2397698][client36.70.144.241:0]ModSecur ... show more [SunJun1423:22:24.5328272026][security2:error][pid2397638:tid2397698][client36.70.144.241:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"buletti-panettoni.ch\"][uri\"/xmlrpc.php\"][unique_id\"ai8bkIIGxdWB6J8Ev6egggAAAFg\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 18:44:56 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 36.70.144.241 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 36.70.144.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 14:44:44.109815 2026] [security2:error] [pid 23103:tid 23103] [client 36.70.144.241:55818] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 36.70.144.241 (+1 hits since last alert)\|pakistanvision.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pakistanvision.com"] [uri "/xmlrpc.php"] [unique_id "ai72nFcNxG9dJ8fDzq8imQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-14 17:30:28 (2 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.226.197.30

🇳🇱 185.226.197.29

🇯🇴 176.28.252.253

🇭🇰 165.154.1.18

🇮🇳 74.225.201.19

🇺🇸 52.238.213.109

🇺🇸 47.251.50.227

🇭🇰 47.239.181.240

🇬🇧 193.32.209.234

🇺🇸 185.214.143.89

🇺🇸 172.214.44.154

🇺🇸 170.244.146.208

🇮🇳 134.209.159.40

🇮🇪 128.251.36.118

🇨🇳 121.62.4.155

🇻🇳 116.98.104.138

🇧🇩 103.239.252.132

🇸🇬 47.129.233.138

🇸🇦 31.166.155.11

🇷🇴 2.57.121.25