JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.162.204.223

202.162.204.223 was found in our database!

This IP was reported 98 times. Confidence of Abuse is 50%: ?

50%

ISP	PT Media Antar Nusa
Usage Type	Fixed Line ISP
ASN	AS23679
Domain Name	nusanet.id
Country	🇮🇩 Indonesia
City	Medan, North Sumatra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.162.204.223

Whois 202.162.204.223

IP Abuse Reports for 202.162.204.223:

This IP address has been reported a total of 98 times from 57 distinct sources. 202.162.204.223 was first reported on August 4th 2025, and the most recent report was 22 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nyt	2026-06-18 15:10:07 (22 hours ago)	Bare UA + POST	Web App Attack
🇪🇸 robotstxt	2026-06-18 00:09:18 (1 day ago)	202.162.204.223 - - [18/Jun/2026:00:08:35 +0000] "GET /wp-login.php%7CXevi%7CT3mp0rad4!Up/wp-admin/a ... show more 202.162.204.223 - - [18/Jun/2026:00:08:35 +0000] "GET /wp-login.php%7CXevi%7CT3mp0rad4!Up/wp-admin/admin-ajax.php HTTP/1.1" 404 14222 "-" "Mozilla/5.0" 202.162.204.223 - - [18/Jun/2026:00:08:37 +0000] "GET /wp-login.php%7CXevi%7CT3mp0rad4!Up/ HTTP/1.1" 404 14227 "-" "Mozilla/5.0" 202.162.204.223 - - [18/Jun/2026:00:08:39 +0000] "GET /wp-login.php%7CXevi%7CT3mp0rad4!Up/wp-admin/admin-ajax.php HTTP/1.1" 404 14222 "-" "Mozilla/5.0" 202.162.204.223 - - [18/Jun/2026:00:08:43 +0000] "GET /wp-login.php%7CXevi%7CT3mp0rad4!Up/ HTTP/1.1" 404 14227 "-" "Mozilla/5.0" 202.162.204.223 - - [18/Jun/2026:00:08:44 +0000] "GET /wp-login.php%7CXevi%7CT3mp0rad4!Up/wp-admin/admin-ajax.php HTTP/1.1" 404 14222 "-" "Mozilla/5.0" ... show less	Bad Web Bot
🇪🇸 robotstxt	2026-06-17 22:50:17 (1 day ago)	202.162.204.223 - - [17/Jun/2026:22:49:12 +0000] "GET /wp-login.php%7CJosefer%7CJosefernando1/wp-adm ... show more 202.162.204.223 - - [17/Jun/2026:22:49:12 +0000] "GET /wp-login.php%7CJosefer%7CJosefernando1/wp-admin/admin-ajax.php HTTP/1.1" 404 31 "-" "Mozilla/5.0" "-" 202.162.204.223 - - [17/Jun/2026:22:49:15 +0000] "GET /wp-login.php%7CJosefer%7CJosefernando1/ HTTP/1.1" 404 49618 "-" "Mozilla/5.0" "-" 202.162.204.223 - - [17/Jun/2026:22:49:28 +0000] "GET /wp-login.php%7CJosefer%7CJosefernando1/wp-admin/admin-ajax.php HTTP/1.1" 404 31 "-" "Mozilla/5.0" "-" 202.162.204.223 - - [17/Jun/2026:22:49:18 +0000] "GET /wp-login.php%7CJosefer%7CJosefernando1/wp-admin/admin-ajax.php HTTP/1.1" 404 31 "-" "Mozilla/5.0" "-" 202.162.204.223 - - [17/Jun/2026:22:49:20 +0000] "GET /wp-login.php%7CJosefer%7CJosefernando1/ HTTP/1.1" 404 49615 "-" "Mozilla/5.0" "-" ... show less	Bad Web Bot
🇬🇧 consul.to	2026-06-17 19:55:20 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-06-17 18:04:40 (1 day ago)	Attac	Brute-Force
Anonymous	2026-05-31 04:06:26 (2 weeks ago)	[server.dsamoodle.de] httpd-404: sites=global; logs=/var/log/nginx/access.log; samples=/ \| /js_error ... show more [server.dsamoodle.de] httpd-404: sites=global; logs=/var/log/nginx/access.log; samples=/ \| /js_errors?pid=7ed93b29d1d301f6&url=https%3A%2F%2Fdsamoodle.de%2F&info=2408270,2408340,2422310,2429490,2432160,2432350,2434940,2437150,2449990,2450910,2451940,2455040,2458250,2460140,2462020,2464960,TZUfONebEWAUFccRMVIZdRRT\|1,aaCRdLOLOLO... \| /js_errors?pid=7ed93b29d1d301f6&url=https%3A%2F%2Fcf.bstatic.com%2Fstatic%2Fjs%2Fcore-deps-inlinedet_cloudfront_sd%2Ff62025e692b596dd53ecd1bd082dfd3197944c50.js&info=2408270,2408340,2422310,2429490,2432160,2432350,2434940,2437150,2449990... show less	Web App Attack
🇮🇩 sockominfo	2026-05-30 07:00:47 (2 weeks ago)	Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Email Spam
🇫🇮 tjs	2026-05-19 21:25:00 (4 weeks ago)	web attack, shell attempt	Hacking Web App Attack
Anonymous	2026-05-19 21:10:03 (4 weeks ago)	\| Multiple common web attacks from same source ip. (multiple servers)	Web App Attack Hacking SQL Injection
🇫🇷 Lunix	2026-05-19 14:55:18 (4 weeks ago)		Brute-Force Web App Attack
🇺🇦 URAN Publishing Service	2026-05-13 14:35:22 (1 month ago)	202.162.204.223 - - [13/May/2026:17:35:22 +0300] "GET /wp-content/11.php HTTP/1.1" 404 709 "-" "Mozi ... show more 202.162.204.223 - - [13/May/2026:17:35:22 +0300] "GET /wp-content/11.php HTTP/1.1" 404 709 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-13 12:30:02 (1 month ago)	202.162.204.223 - - [13/May/2026:15:30:01 +0300] "GET /wp-includes/style-engine/about.php HTTP/1.1" ... show more 202.162.204.223 - - [13/May/2026:15:30:01 +0300] "GET /wp-includes/style-engine/about.php HTTP/1.1" 404 708 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-13 09:02:47 (1 month ago)	202.162.204.223 - - [13/May/2026:12:02:36 +0300] "GET /wp-content/style-css.php HTTP/1.1" 404 707 "- ... show more 202.162.204.223 - - [13/May/2026:12:02:36 +0300] "GET /wp-content/style-css.php HTTP/1.1" 404 707 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 202.162.204.223 - - [13/May/2026:12:02:46 +0300] "GET /wp-content/data-db.php HTTP/1.1" 404 707 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" ... show less	Web App Attack
🇮🇩 sockominfo	2026-05-09 12:00:39 (1 month ago)	Webshell discovery success (Response: 200). Threat Score: 8.7/10 (CRITICAL). Confidence: 70%. CVSS v ... show more Webshell discovery success (Response: 200). Threat Score: 8.7/10 (CRITICAL). Confidence: 70%. CVSS v3.1: 10/10 (Critical). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. Bayesian Probability: 87%. MITRE ATT&CK: T1566 (Phishing). Tactic: TA0001. Freshness: Fresh. Source Reputation: KNOWN_MALICIOUS. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Email Spam
🇮🇩 sockominfo	2026-05-09 11:00:48 (1 month ago)	Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Email Spam

Showing 1 to 15 of 98 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 2400:cb00:1030:1000:ed81:97e6:51e4:8cd8

🇷🇺 149.255.1.35

🇺🇸 44.220.188.201

🇬🇧 35.203.210.150

🇧🇪 35.195.148.171

🇮🇷 5.234.18.104

🇨🇳 219.150.93.157

🇭🇰 199.45.154.184

🇬🇧 195.96.139.200

🇬🇧 185.247.137.163

🇵🇰 175.107.212.54

🇺🇸 162.216.150.39

🇸🇪 155.4.244.107

🇯🇵 104.234.140.36

🇹🇷 94.78.89.52

🇨🇳 61.184.21.201

🇫🇷 37.187.104.215

🇺🇸 20.65.194.80

🇰🇷 211.253.31.143

🇮🇳 182.95.115.194