🇮🇩
sockominfo
2026-06-25 14:00:53
(1 day ago)
User login to application from malicious IP 180.243.6.118.. Threat Score: 3.8/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 57%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Moderate. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇮🇩
sockominfo
2026-06-25 13:00:52
(1 day ago)
User login to application from malicious IP 180.243.6.118.. Threat Score: 3.9/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 57%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇮🇩
sockominfo
2026-06-25 12:00:57
(1 day ago)
User login to application from malicious IP 180.243.6.118.. Threat Score: 4/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 57%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS
Hacking
Web App Attack
🇮🇩
sockominfo
2026-06-25 10:00:09
(1 day ago)
User login to application from malicious IP 180.243.6.118.. Threat Score: 0/10 (INFORMATIONAL). Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇮🇩
sockominfo
2026-06-24 10:00:54
(2 days ago)
User login to application from malicious IP 180.243.6.118.. Threat Score: 3.9/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 37%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Very Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇫🇷
masterguru
2026-06-24 06:44:46
(2 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
🇮🇩
sockominfo
2026-06-24 06:00:53
(2 days ago)
User login to application from malicious IP 180.243.6.118.. Threat Score: 3.7/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇮🇩
sockominfo
2026-06-24 05:00:52
(2 days ago)
User login to application from malicious IP 180.243.6.118.. Threat Score: 3.9/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇱🇻
garmtech.com
2026-06-24 04:16:30
(2 days ago)
IM360 WAF: Rate limit exceeded for XMLRPC DoS
Web App Attack
🇮🇩
sockominfo
2026-06-24 04:00:09
(2 days ago)
User login to application from malicious IP 180.243.6.118.. Threat Score: 0/10 (INFORMATIONAL). Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇺🇸
TPI-Abuse
2026-06-24 03:32:02
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 180.243.6.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 23:31:56.418442 2026] [security2:error] [pid 31583:tid 31583] [client 180.243.6.118:49790] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.243.6.118 (+1 hits since last alert)|rohanbyles.com.au|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rohanbyles.com.au"] [uri "/xmlrpc.php"] [unique_id "ajtPrASy0MftPNPWmVg-NQAAAAA"]
Brute-Force
Bad Web Bot
Web App Attack
🇫🇷
dynamix
2026-06-23 04:06:12
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
🇺🇸
TPI-Abuse
2026-06-22 06:41:19
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 180.243.6.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 02:41:15.056357 2026] [security2:error] [pid 1825:tid 1825] [client 180.243.6.118:62831] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.243.6.118 (+1 hits since last alert)|wokedreamer.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wokedreamer.com"] [uri "/xmlrpc.php"] [unique_id "ajjZCyfTOwbwDD3JsLdnygAAAAA"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-22 01:39:39
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 180.243.6.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 21:39:35.856589 2026] [security2:error] [pid 5247:tid 5247] [client 180.243.6.118:61390] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.243.6.118 (+1 hits since last alert)|cmcnow.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cmcnow.net"] [uri "/xmlrpc.php"] [unique_id "ajiSV3bgpw1iJp2fDqfNzQAAAAQ"]
Brute-Force
Bad Web Bot
Web App Attack
🇵🇱
ChillScanner
2022-06-06 15:39:10
(4 years ago)
2 probe(s) @ TCP(445)
Port Scan