JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.65.214.238

103.65.214.238 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 36%: ?

36%

ISP	Asia Pacific Network Information Centre
Usage Type	Fixed Line ISP
ASN	AS135449
Domain Name	apnic.net
Country	🇮🇩 Indonesia
City	Candi Prambanan, Central Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.65.214.238

Whois 103.65.214.238

IP Abuse Reports for 103.65.214.238:

This IP address has been reported a total of 37 times from 24 distinct sources. 103.65.214.238 was first reported on December 19th 2022, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 pltcldvlpr	2026-06-09 01:47:06 (3 days ago)	Bogus Useragent: 103.65.214.238 - - [09/Jun/2026:03:47:05 +0200] "GET /protocol?id=bb_7_108&offset=3 ... show more Bogus Useragent: 103.65.214.238 - - [09/Jun/2026:03:47:05 +0200] "GET /protocol?id=bb_7_108&offset=3400&seq=3353 HTTP/1.1" 444 0 "-" "Mozilla/5.0 (compatible; MSIE 7.0; Windows NT 11.0; Trident/4.0)" asn=135449 org="PT. Broadband Indonesia Pratama" country=ID ... show less	Bad Web Bot
🇬🇧 catalink.com	2026-06-08 13:56:00 (3 days ago)	Brute forcing Wordpress login	Exploited Host Web App Attack
Anonymous	2026-06-06 02:35:43 (6 days ago)	XMLRPC BRUTEFORCE - HTTP (Request)	Hacking
🇫🇷 Sklurk	2026-06-01 06:20:44 (1 week ago)	Web App Attack	Web App Attack
🇮🇹 VHosting	2026-05-28 13:05:27 (2 weeks ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇩🇪 SMARTNET	2026-05-27 06:03:53 (2 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 22ada211-5b5c-463a-b46f-60fd11dc639d	DDoS Attack
Anonymous	2026-05-26 01:55:14 (2 weeks ago)	XMLRPC BRUTEFORCE - HTTP (Request)	Hacking
Anonymous	2026-05-25 00:25:16 (2 weeks ago)	XMLRPC BRUTEFORCE - HTTP (Request)	Hacking
🇮🇩 hermawan	2025-11-15 07:43:54 (6 months ago)	[Sat Nov 15 14:43:35.659080 2025] [security2:error] [pid 670881:tid 140212979005120] [client 103.65. ... show more [Sat Nov 15 14:43:35.659080 2025] [security2:error] [pid 670881:tid 140212979005120] [client 103.65.214.238:64788] ModSecurity: Access denied with code 403 (phase 1). Match of "pm matomo.staklim-malang.info " against "SERVER_NAME" required. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "183"] [id "440235"] [msg "BAD REQUEST Bro"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: %3a found within SERVER_NAME: staklim-malang.info request_line = GET /index.php/profil/arsip-artikel?catid=474&id=1064%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-5-11-juli-2016&start=10 HTTP/2.0 Request URI RAW = /index.php/profil/arsip-artikel?catid=474&id=1064%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-5-11-juli-2016&start=10 Request B..."] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "aRgvJ01l5czx ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-11-08 20:35:54 (7 months ago)	[Sun Nov 09 03:34:15.832847 2025] [security2:error] [pid 381578:tid 139643791066816] [client 103.65. ... show more [Sun Nov 09 03:34:15.832847 2025] [security2:error] [pid 381578:tid 139643791066816] [client 103.65.214.238:50539] ModSecurity: Access denied with code 403 (phase 1). Match of "pm matomo.staklim-malang.info " against "SERVER_NAME" required. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "199"] [id "40236"] [msg "BAD REQUEST Bro"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: /index.php?id= found within SERVER_NAME: staklim-malang.info request_line = GET /index.php?id=1882 HTTP/2.0 Request URI RAW = /index.php?id=1882 Request Basename = index.php"] [hostname "staklim-malang.info"] [uri "/index.php"] [unique_id "aQ-pR0IRG3VYbHA_MNqgxwADhgM"], referer https://staklim-malang.info/ [staklim-malang.info] [staklim-malang.info] top=[381582] [pT1iN9sNM3Y] [aQ-pR0IRG3VYbHA_MNqgxwADhgM] keep_alive=[1] [2025-11-09 03:34:15.832851] [R:aQ-pR0IRG3VYbHA_MNqgxwADhgM] UA:'Mozilla/5.0 (Windo ... show less	Hacking Web App Attack
🇳🇱 exxos	2025-08-28 19:03:01 (9 months ago)	Attacks with Bad user agents	Hacking
🇦🇺 MAGIC	2025-06-14 16:00:26 (11 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2025-05-04 18:00:38 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-05-01 01:38:26 (1 year ago)	Unauthorized connection to SMB port 445	Port Scan
🇳🇱 Study Bitcoin 🤗	2025-05-01 01:26:24 (1 year ago)	Port probe to tcp/445 (smb) [srv129]	Port Scan Hacking

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 165.154.236.104

🇺🇸 157.230.136.54

🇳🇱 85.11.167.7

🇲🇽 189.203.190.153

🇬🇧 159.65.87.147

🇮🇳 122.168.123.73

🇧🇷 200.36.146.212

🇺🇸 195.184.76.212

🇺🇸 195.184.76.209

🇺🇸 184.169.233.240

🇧🇷 177.73.203.8

🇺🇸 172.191.178.196

🇺🇸 167.71.22.65

🇮🇹 158.47.227.30

🇺🇸 147.185.132.195

🇯🇵 103.200.97.106

🇮🇳 98.70.48.241

🇯🇴 94.249.2.45

🇮🇷 94.182.136.110

🇺🇸 91.230.168.15