JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 180.243.31.138

180.243.31.138 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 37%: ?

37%

ISP	PT TELKOM INDONESIA
Usage Type	Fixed Line ISP
ASN	AS7713
Domain Name	telkom.co.id
Country	🇮🇩 Indonesia
City	Pemalang, Central Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 180.243.31.138

Whois 180.243.31.138

IP Abuse Reports for 180.243.31.138:

This IP address has been reported a total of 35 times from 15 distinct sources. 180.243.31.138 was first reported on May 12th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-05-19 08:33:04 (1 month ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-05-18 18:56:22 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 180.243.31.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 180.243.31.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 14:56:11.368935 2026] [security2:error] [pid 17080:tid 17080] [client 180.243.31.138:50162] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.243.31.138 (+1 hits since last alert)\|stacyfarm.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stacyfarm.com"] [uri "/xmlrpc.php"] [unique_id "agtgy-QeUozvhq-BKA9lSQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-18 17:25:23 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 180.243.31.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 180.243.31.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 13:25:14.919920 2026] [security2:error] [pid 17491:tid 17491] [client 180.243.31.138:64367] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.243.31.138 (+1 hits since last alert)\|websitesforauthors.design\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "websitesforauthors.design"] [uri "/xmlrpc.php"] [unique_id "agtLergkRZkPHQFUZpW4WQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-18 13:41:41 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 180.243.31.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 180.243.31.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 09:41:29.769387 2026] [security2:error] [pid 1059:tid 1059] [client 180.243.31.138:65029] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.243.31.138 (+1 hits since last alert)\|wealthsec.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wealthsec.com"] [uri "/xmlrpc.php"] [unique_id "agsXCbcybFZNPeT5aVbg9wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-18 13:09:31 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 180.243.31.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 180.243.31.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 09:09:24.953237 2026] [security2:error] [pid 15272:tid 15272] [client 180.243.31.138:58418] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.243.31.138 (+1 hits since last alert)\|edmestonfd.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "edmestonfd.com"] [uri "/xmlrpc.php"] [unique_id "agsPhHiA3K-CNN7iwVeNYQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-18 02:02:47 (1 month ago)	Attac	Brute-Force
🇫🇮 YF	2026-05-17 01:02:51 (1 month ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
🇺🇸 TPI-Abuse	2026-05-17 00:16:21 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 180.243.31.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 180.243.31.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 20:16:17.506729 2026] [security2:error] [pid 6517:tid 6517] [client 180.243.31.138:65412] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.243.31.138 (+1 hits since last alert)\|marklex.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "marklex.com"] [uri "/xmlrpc.php"] [unique_id "agkI0Rhf82R4YpchYHWF4QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-05-16 22:12:56 (1 month ago)	Excessive 404/403 errors	Brute-Force
🇫🇷 Kenshin869	2026-05-16 12:07:11 (1 month ago)	Wordpress unauthorized access attempt	Brute-Force
Anonymous	2026-05-16 11:25:33 (1 month ago)	180.243.31.138 - - [16/May/2026:13:25:10 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack by ... show more 180.243.31.138 - - [16/May/2026:13:25:10 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)" 180.243.31.138 - - [16/May/2026:13:25:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)" 180.243.31.138 - - [16/May/2026:13:25:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" 180.243.31.138 - - [16/May/2026:13:25:20 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack by WordPress.com" 180.243.31.138 - - [16/May/2026:13:25:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" ... show less	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-05-16 10:56:07 (1 month ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇩🇪 konseptit	2026-05-16 07:10:23 (1 month ago)	(wordpress) Failed wordpress login from 180.243.31.138 (ID/Indonesia/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-05-16 05:08:37 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 180.243.31.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 180.243.31.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 01:08:28.144827 2026] [security2:error] [pid 20878:tid 20878] [client 180.243.31.138:59930] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.243.31.138 (+1 hits since last alert)\|uphillfarmvt.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "uphillfarmvt.com"] [uri "/xmlrpc.php"] [unique_id "agf7zEcWJjGBM4lzUWJaDwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-16 03:35:15 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 180.243.31.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 180.243.31.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 23:35:10.688116 2026] [security2:error] [pid 4160:tid 4160] [client 180.243.31.138:61270] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.243.31.138 (+1 hits since last alert)\|protection4allsecurity.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "protection4allsecurity.com"] [uri "/xmlrpc.php"] [unique_id "agfl7sSYzrmlt4XVUhwivgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 2a09:bac5:34b5:28a0::40c:1f

🇪🇬 197.44.15.210

🇷🇺 194.190.153.226

🇮🇶 185.166.25.150

🇧🇷 179.172.187.197

🇻🇳 171.243.151.77

🇩🇪 165.245.217.176

🇺🇸 157.245.82.200

🇳🇱 157.245.69.67

🇷🇴 141.98.83.240

🇷🇺 93.77.187.140

🇷🇺 37.79.232.82

🇺🇸 20.163.14.234

🇺🇸 209.141.46.66

🇺🇸 205.210.31.110

🇸🇬 157.245.61.43

🇫🇮 147.185.133.237

🇲🇾 47.250.175.33

🇳🇱 45.198.224.120

🇹🇼 35.234.30.39