JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 180.241.241.121

180.241.241.121 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 15%: ?

15%

ISP	PT TELKOM INDONESIA
Usage Type	Fixed Line ISP
ASN	AS7713
Domain Name	telkom.co.id
Country	🇮🇩 Indonesia
City	Rajapolah, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 180.241.241.121

Whois 180.241.241.121

IP Abuse Reports for 180.241.241.121:

This IP address has been reported a total of 16 times from 7 distinct sources. 180.241.241.121 was first reported on December 6th 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-18 08:19:38 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 180.241.241.121 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 180.241.241.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 04:19:23.469865 2026] [security2:error] [pid 10934:tid 10934] [client 180.241.241.121:28569] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.241.241.121 (+1 hits since last alert)\|pondplain.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pondplain.org"] [uri "/xmlrpc.php"] [unique_id "ajOqC-zqqgH0raSAZBLHvAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-18 05:24:22 (1 day ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 04:45:10 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 180.241.241.121 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 180.241.241.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 00:44:54.711706 2026] [security2:error] [pid 12087:tid 12087] [client 180.241.241.121:27781] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.241.241.121 (+1 hits since last alert)\|batfry.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "batfry.com"] [uri "/xmlrpc.php"] [unique_id "ajN3xjsLoR4FZ9u3zGjCIgAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 04:14:30 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 180.241.241.121 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 180.241.241.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 00:14:13.814161 2026] [security2:error] [pid 17526:tid 17526] [client 180.241.241.121:21811] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.241.241.121 (+1 hits since last alert)\|bergenoaks.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bergenoaks.com"] [uri "/xmlrpc.php"] [unique_id "ajNwlcgI5hnqW7X1l-aNgQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 02:46:16 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 180.241.241.121 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 180.241.241.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 22:46:02.459730 2026] [security2:error] [pid 12085:tid 12085] [client 180.241.241.121:14512] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.241.241.121 (+1 hits since last alert)\|marklex.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "marklex.com"] [uri "/xmlrpc.php"] [unique_id "ajNb6pXeQTIOagOebYhS7wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇻🇳 Xuan Can	2024-02-01 04:26:30 (2 years ago)	(mod_security) mod_security (id:6) triggered by 180.241.241.121 (ID/Indonesia/-): 1 in the last 3600 ... show more (mod_security) mod_security (id:6) triggered by 180.241.241.121 (ID/Indonesia/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 01 11:26:22.715530 2024] [security2:error] [pid 32861:tid 47168872519424] [client 180.241.241.121:20497] [client 180.241.241.121] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-login.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "63"] [id "6"] [severity "CRITICAL"] [hostname "www.sieuthimaychu.vn"] [uri "/wp-login.php"] [unique_id "ZbsdboNwGggFLNHNj6_GCgAAAAs"] show less	Brute-Force SSH
🇺🇸 MPL	2023-10-07 12:41:38 (2 years ago)	tcp/8080 (2 or more attempts)	Port Scan
🇺🇸 octageeks.com	2023-08-20 04:09:38 (2 years ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 octageeks.com	2023-08-19 04:09:34 (2 years ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 octageeks.com	2023-08-18 04:09:33 (2 years ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 octageeks.com	2023-08-16 04:09:31 (2 years ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 octageeks.com	2023-08-14 04:11:35 (2 years ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇿🇦 IrisFlower	2022-12-30 05:05:14 (3 years ago)	Unauthorized connection attempt detected from IP address 180.241.241.121 to port 23 [J]	Port Scan Hacking
Anonymous	2022-10-21 11:08:34 (3 years ago)	Trying ports that it shouldn't be.	Port Scan Hacking Exploited Host
🇿🇦 IrisFlower	2022-04-06 04:07:12 (4 years ago)	Unauthorized connection attempt detected from IP address 180.241.241.121 to port 23 [J]	Port Scan Hacking

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 130.211.104.254

🇹🇼 111.70.9.143

🇨🇳 110.185.173.167

🇫🇷 85.217.140.18

🇺🇸 66.132.186.232

🇳🇱 45.148.10.240

🇮🇳 43.248.153.132

🇹🇿 41.93.28.12

🇧🇪 35.240.97.62

🇸🇪 2400:cb00:1031:1000:5dba:31a2:e976:af28

🇰🇷 211.107.217.244

🇷🇺 193.232.29.184

🇺🇸 162.254.36.150

🇺🇸 150.107.38.209

🇨🇳 139.210.171.206

🇧🇹 103.133.216.202

🇷🇺 95.188.68.96

🇲🇾 49.124.153.61

🇨🇳 39.78.142.77

🇬🇧 3.8.165.106