JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 153.92.9.180

153.92.9.180 was found in our database!

This IP was reported 47 times. Confidence of Abuse is 100%: ?

100%

ISP	PT. Web Media Technology Indonesia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Domain Name	hostinger.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 153.92.9.180

Whois 153.92.9.180

IP Abuse Reports for 153.92.9.180:

This IP address has been reported a total of 47 times from 24 distinct sources. 153.92.9.180 was first reported on June 1st 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Lee Daniel	2026-06-06 12:00:44 (1 hour ago)	153.92.9.180 - - [06/Jun/2026:08:00:44 -0400] "GET /.env HTTP/1.1" 403 0 "https://caribbeannewmedia. ... show more 153.92.9.180 - - [06/Jun/2026:08:00:44 -0400] "GET /.env HTTP/1.1" 403 0 "https://caribbeannewmedia.com/.env" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" ... show less	DDoS Attack Web Spam Email Spam Port Scan Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-06 11:40:39 (1 hour ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇫🇷 masterguru	2026-06-04 20:14:32 (1 day ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-197)	Hacking Web App Attack
🇳🇱 wlt-blocker	2026-06-04 19:50:58 (1 day ago)	Unauthorized access to webpage admin	Web App Attack
🇬🇧 consul.to	2026-06-04 10:51:01 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 ParaBug	2026-06-04 10:41:33 (2 days ago)	153.92.9.180 - - [04/Jun/2026:12:41:32 +0200] "GET /backend/.env HTTP/1.1" 404 3089 "https://antik-w ... show more 153.92.9.180 - - [04/Jun/2026:12:41:32 +0200] "GET /backend/.env HTTP/1.1" 404 3089 "https://antik-wagon.com/backend/.env" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" ... show less	Phishing Brute-Force Web App Attack
Anonymous	2026-06-04 06:13:21 (2 days ago)	(caddyscan) Scanner path probe from 153.92.9.180 (ID/Indonesia/-): 5 in the last 3600 secs; Ports: * ... show more (caddyscan) Scanner path probe from 153.92.9.180 (ID/Indonesia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 153.92.9.180 - - [04/Jun/2026:06:13:20 +0000] "GET /admin/.env HTTP/1.1" [REDACTED] 200 2627 153.92.9.180 - - [04/Jun/2026:06:13:20 +0000] "GET /dev/.env HTTP/1.1" [REDACTED] 200 2627 153.92.9.180 - - [04/Jun/2026:06:13:20 +0000] "GET /app/.env HTTP/1.1" [REDACTED] 200 2627 153.92.9.180 - - [04/Jun/2026:06:13:20 +0000] "GET /api/.env HTTP/1.1" [REDACTED] 200 2627 153.92.9.180 - - [04/Jun/2026:06:13:20 +0000] "GET /.env HTTP/1.1" show less	Port Scan
🇦🇺 FireGuard Server	2026-06-03 21:25:03 (2 days ago)	Blocked by OPNsense firewall; 27 hits, proto=tcp, ports=443	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-03 21:12:48 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 153.92.9.180 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 153.92.9.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 17:12:43.318083 2026] [security2:error] [pid 26604:tid 26604] [client 153.92.9.180:38662] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "musiclipsapp.com"] [uri "/member/.env"] [unique_id "aiCYy1IbLDnV0TQvOELefAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 20:29:03 (2 days ago)	(caddyscan) Scanner path probe from 153.92.9.180 (ID/Indonesia/-): 5 in the last 3600 secs; Ports: * ... show more (caddyscan) Scanner path probe from 153.92.9.180 (ID/Indonesia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 153.92.9.180 - - [03/Jun/2026:20:29:01 +0000] "GET /backend/.env HTTP/1.1" [REDACTED] 200 2627 153.92.9.180 - - [03/Jun/2026:20:29:01 +0000] "GET /api/.env HTTP/1.1" [REDACTED] 200 2627 153.92.9.180 - - [03/Jun/2026:20:29:01 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 153.92.9.180 - - [03/Jun/2026:20:29:01 +0000] "GET /new/.env HTTP/1.1" [REDACTED] 200 2627 153.92.9.180 - - [03/Jun/2026:20:29:01 +0000] "GET /dev/.env HTTP/1.1" show less	Port Scan
🇮🇩 Burayot	2026-06-03 20:12:32 (2 days ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 153.92.9.180 (ID/Indonesia/-): 2 in ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 153.92.9.180 (ID/Indonesia/-): 2 in the last 3600 secs show less	Web App Attack
🇬🇧 consul.to	2026-06-03 08:47:11 (3 days ago)	Web attack/malicious scanning detected	Web App Attack
🇦🇺 crispi	2026-06-03 08:23:05 (3 days ago)	Port scan from 153.92.9.180	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 07:29:15 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 153.92.9.180 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 153.92.9.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 03:29:07.692047 2026] [security2:error] [pid 14814:tid 14814] [client 153.92.9.180:55962] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coffeewitheinstein.com"] [uri "/api/.env"] [unique_id "ah_XwxFq45SOWWGzQD1HWQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Aetherweb Ark	2026-06-03 07:16:14 (3 days ago)	(mod_security) mod_security (id:949110) triggered by 153.92.9.180 (ID/Indonesia/-): N in the last X ... show more (mod_security) mod_security (id:949110) triggered by 153.92.9.180 (ID/Indonesia/-): N in the last X secs show less	Web App Attack

Showing 1 to 15 of 47 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 130.12.181.107

🇺🇸 2601:2c3:c97c:52f0:53b:ba4d:2825:bf24

🇩🇪 213.209.159.108

🇷🇴 193.32.162.125

🇧🇬 93.94.141.115

🇯🇵 43.130.244.36

🇺🇸 40.77.167.203

🇩🇪 5.230.23.190

🇧🇴 190.181.25.210

🇬🇧 185.249.74.198

🇺🇸 185.8.106.170

🇺🇸 159.198.65.46

🇻🇳 103.195.236.35

🇨🇳 14.103.115.3

🇷🇺 5.228.1.56

🇺🇸 2604:a880:2:d1:0:1:51e1:2001

🇮🇩 2001:448a:2033:178d:b095:7030:1ffb:c59c

🇺🇸 199.245.176.58

🇨🇷 190.171.108.25

🇦🇷 186.22.19.183