JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 180.252.86.255

180.252.86.255 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 19%: ?

19%

ISP	PT TELKOM INDONESIA
Usage Type	Fixed Line ISP
ASN	AS7713
Domain Name	telkom.co.id
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 180.252.86.255

Whois 180.252.86.255

IP Abuse Reports for 180.252.86.255:

This IP address has been reported a total of 15 times from 11 distinct sources. 180.252.86.255 was first reported on August 12th 2022, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Vegascosmetics	2026-06-10 02:59:07 (3 days ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security	DDoS Attack Hacking Exploited Host
🇺🇸 octageeks.com	2026-04-14 04:06:16 (1 month ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
🇺🇸 TPI-Abuse	2026-04-14 01:27:04 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 180.252.86.255 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 180.252.86.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 13 21:26:54.575921 2026] [security2:error] [pid 1177823:tid 1177823] [client 180.252.86.255:49370] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.252.86.255 (+1 hits since last alert)\|ardeeapps.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ardeeapps.com"] [uri "/xmlrpc.php"] [unique_id "ad2X3lzN73ViJ2P0_Q4gcwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-13 23:39:34 (1 month ago)	(wordpress) Failed wordpress login from 180.252.86.255 (ID/Indonesia/-)	Brute-Force
🇫🇷 SpaceHost-Server	2026-04-13 22:26:51 (1 month ago)		Brute-Force Web App Attack
🇺🇸 integrantservices.com	2026-04-13 06:20:08 (1 month ago)	(wordpress) Failed wordpress login from 180.252.86.255 (ID/Indonesia/-)	Brute-Force
🇩🇪 big-cloud.nl	2026-04-13 05:29:23 (1 month ago)	Try to access /xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-04-13 05:12:51 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 180.252.86.255 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 180.252.86.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 13 01:12:47.516187 2026] [security2:error] [pid 1154869:tid 1154869] [client 180.252.86.255:59521] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.252.86.255 (+1 hits since last alert)\|stoneybluff.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stoneybluff.com"] [uri "/xmlrpc.php"] [unique_id "adx7TxqhwyPD7HKk-eu8KQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Kenshin869	2026-04-13 03:22:14 (2 months ago)	Wordpress unauthorized access attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-04-13 02:13:12 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 180.252.86.255 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 180.252.86.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 22:13:06.286081 2026] [security2:error] [pid 3206922:tid 3206992] [client 180.252.86.255:59810] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.252.86.255 (+1 hits since last alert)\|duplexgoldmine.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "duplexgoldmine.com"] [uri "/xmlrpc.php"] [unique_id "adxRMo-HUkeidufSr998rgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-12 23:13:08 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 180.252.86.255 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 180.252.86.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 19:13:00.176033 2026] [security2:error] [pid 3803978:tid 3804006] [client 180.252.86.255:62542] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.252.86.255 (+1 hits since last alert)\|tomithai.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tomithai.com"] [uri "/xmlrpc.php"] [unique_id "adwm_OzjZroc2Oai_aUA3AAAANE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-04-12 06:20:27 (2 months ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 TPI-Abuse	2026-04-12 05:04:42 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 180.252.86.255 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 180.252.86.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 01:04:34.275533 2026] [security2:error] [pid 1985059:tid 1985059] [client 180.252.86.255:49805] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.252.86.255 (+1 hits since last alert)\|67ronin.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "67ronin.com"] [uri "/xmlrpc.php"] [unique_id "adsn4kVQ3EVN0FTDXhPGugAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 MarkGGN	2023-04-06 14:36:15 (3 years ago)	SMTP Bruteforce. Apr 6 16:35:59 * postfix/smtpd[1386714]: NOQUEUE: reject: RCPT from unknown[180.25 ... show more SMTP Bruteforce. Apr 6 16:35:59 * postfix/smtpd[1386714]: NOQUEUE: reject: RCPT from unknown[180.252.86.255]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [180.252.86.255]; from=<> to=<vibratosw@> proto=ESMTP helo=<[180.252.86.255]> Apr 6 16:36:15 * postfix/smtpd[1388152]: NOQUEUE: reject: RCPT from unknown[180.252.86.255]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [180.252.86.255]; from=<> to=<vibratosw@> proto=ESMTP helo=<[180.252.86.255]> show less	Brute-Force
Anonymous	2022-08-12 18:26:52 (3 years ago)	Unauthorized Connection Attempt	Port Scan Hacking Brute-Force

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 104.243.133.18

🇺🇸 2a02:6ea0:c493:2003:f8a4:5f11:98a4:4ea5

🇨🇱 186.40.170.165

🇧🇷 179.157.202.58

🇨🇴 170.254.229.191

🇺🇸 104.243.42.167

🇱🇹 62.60.130.251

🇩🇪 34.159.189.162

🇨🇳 218.0.63.25

🇹🇭 122.155.28.15

🇹🇷 78.173.8.164

🇳🇱 45.198.224.5

🇿🇲 41.63.63.211

🇭🇰 8.217.232.214

🇫🇮 2.27.53.177

🇬🇧 198.244.168.240

🇻🇳 116.97.107.79

🇳🇱 77.83.39.81

🇮🇩 69.5.7.218

🇹🇼 35.194.216.22