JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 180.235.149.204

180.235.149.204 was found in our database!

This IP was reported 96 times. Confidence of Abuse is 0%: ?

ISP	PT. ARDH GLOBAL INDONESIA
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45731
Hostname(s)	pelanduk.empatdns.com
Domain Name	ardhglobal.com
Country	🇮🇩 Indonesia
City	Yogyakarta, Yogyakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 180.235.149.204

Whois 180.235.149.204

IP Abuse Reports for 180.235.149.204:

This IP address has been reported a total of 96 times from 37 distinct sources. 180.235.149.204 was first reported on March 22nd 2022, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2024-12-11 10:20:35 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇧🇪 taivas.nl	2024-12-10 16:02:12 (1 year ago)	Wordpress_xmlrpc_attack	Bad Web Bot
🇩🇪 Ba-Yu	2024-12-10 07:10:40 (1 year ago)	WP-xmlrpc exploit	Web Spam Blog Spam Hacking Exploited Host Web App Attack
🇺🇸 octageeks.com	2024-12-10 05:07:09 (1 year ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
Anonymous	2024-12-09 19:51:44 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 octageeks.com	2024-12-08 05:07:22 (1 year ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
Anonymous	2024-12-08 00:31:06 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-12-05 15:25:18 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 180.235.149.204 (pelanduk.empatdns.com): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 180.235.149.204 (pelanduk.empatdns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 10:25:12.858515 2024] [security2:error] [pid 19814:tid 19814] [client 180.235.149.204:52954] [client 180.235.149.204] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.ashleycroft.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.ashleycroft.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1HF2G5Bt5qI-253DcHvkwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-12-05 15:06:54 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 180.235.149.204 (pelanduk.empatdns.com): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 180.235.149.204 (pelanduk.empatdns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 10:06:49.388947 2024] [security2:error] [pid 30151:tid 30151] [client 180.235.149.204:53430] [client 180.235.149.204] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.peacecampus.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.peacecampus.org"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1HBiQeP4f1nBCNenleAHwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-12-05 14:29:55 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 180.235.149.204 (pelanduk.empatdns.com): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 180.235.149.204 (pelanduk.empatdns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 09:29:48.315052 2024] [security2:error] [pid 3402744:tid 3402744] [client 180.235.149.204:42256] [client 180.235.149.204] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|opticasprisma.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "opticasprisma.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1G43IV5SSpT_n3Pw8fEwgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-12-05 12:24:52 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 180.235.149.204 (pelanduk.empatdns.com): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 180.235.149.204 (pelanduk.empatdns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 07:24:43.977582 2024] [security2:error] [pid 1049764:tid 1049764] [client 180.235.149.204:59572] [client 180.235.149.204] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jaynawilliamsrealty.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jaynawilliamsrealty.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1Gbi4XYP4PfvXaOGpFKXQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-11-14 11:55:49 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇳🇱 MortimerCat	2024-11-14 10:35:01 (1 year ago)	Attempting to exploit via a http POST	Web App Attack
🇩🇪 ger-stg-sifi1	2024-11-14 02:18:38 (1 year ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇩🇰 wnbhosting.dk	2024-11-13 20:21:02 (1 year ago)	WP xmlrpc [2024-11-13T21:21:02+01:00]	Hacking Web App Attack

Showing 1 to 15 of 96 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 154.83.197.30

🇫🇷 92.205.61.48

🇸🇪 46.246.47.58

🇩🇪 213.209.159.235

🇹🇼 198.235.24.37

🇩🇪 167.235.6.174

🇻🇳 156.229.22.183

🇩🇪 128.14.225.164

🇸🇬 114.119.147.240

🇩🇪 77.181.150.52

🇦🇺 40.82.214.8

🇸🇬 23.111.14.189

🇺🇸 2601:483:a00:a8d0:8ca:4615:a1a4:5c7b

🇧🇷 205.210.31.183

🇺🇸 205.185.127.50

🇲🇽 189.186.36.117

🇲🇽 186.96.145.241

🇩🇪 164.92.246.145

🇨🇿 141.133.172.101

🇨🇳 123.182.59.169