JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 182.10.130.230

182.10.130.230 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 21%: ?

21%

ISP	PT. Telekomunikasi Selular (Telkomsel) Indonesia
Usage Type	Fixed Line ISP
ASN	AS23693
Domain Name	telkomsel.co.id
Country	🇮🇩 Indonesia
City	Banjar, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 182.10.130.230

Whois 182.10.130.230

IP Abuse Reports for 182.10.130.230:

This IP address has been reported a total of 23 times from 15 distinct sources. 182.10.130.230 was first reported on September 27th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-12 05:19:02 (1 month ago)	Attack Signature Blocked: /wishlist/index/add/product/10921/form_key/AuXWf59B7T5a0pY6/ (Magento Site ... show more Attack Signature Blocked: /wishlist/index/add/product/10921/form_key/AuXWf59B7T5a0pY6/ (Magento Site) (Botnet activity attributed to: Angara Technologies Group / mikhail-smirnov-79830322) show less	Web App Attack Bad Web Bot
🇺🇸 octageeks.com	2026-05-09 04:07:02 (1 month ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
🇺🇸 NicoID	2026-05-09 00:14:50 (1 month ago)	182.10.130.230 - - [08/May/2026:04:01:36 -0600] "POST /xmlrpc.php HTTP/1.1" 404 7272 "-" "Mozilla/5. ... show more 182.10.130.230 - - [08/May/2026:04:01:36 -0600] "POST /xmlrpc.php HTTP/1.1" 404 7272 "-" "Mozilla/5.0 (Linux; Android 10; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/11.0.0.0 Safari/537.36" ... show less	Brute-Force
Anonymous	2026-05-08 15:42:57 (1 month ago)	(xmlrpc) Failed wordpress XMLRPC 182.10.130.230 (ID/Indonesia/-)	Brute-Force
🇳🇱 wlt-blocker	2026-05-08 11:14:22 (1 month ago)	Unauthorized access to webpage admin	Web App Attack
🇮🇩 hermawan	2026-04-17 05:05:33 (1 month ago)	[Fri Apr 17 12:05:32.187504 2026] [security2:error] [pid 284858:tid 140256448775872] [client 182.10. ... show more [Fri Apr 17 12:05:32.187504 2026] [security2:error] [pid 284858:tid 140256448775872] [client 182.10.130.230:15238] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bing.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.25.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "623"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bing.go.id found within REQUEST_HEADERS:Referer: https://www.bing.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-klimat-story/555561307-infografis-perubahan-iklim-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-klimat-story/555561307-infografis-perubahan-iklim-jawa-timur"] [unique_id "aeG_nJ-5CNPTUiBrumBomAAAghg"], referer https://www.bing.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[284883] [yCv45eBHBRk] [aeG_nJ-5CNPTUiBrumBomAAAghg] keep_alive=[1] [2026-04-1 ... show less	Email Spam Hacking
🇮🇹 VHosting	2025-12-14 23:48:58 (5 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇨🇦 gui-ying233	2025-12-10 01:14:36 (6 months ago)	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3 ... show more Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36 show less	Bad Web Bot
🇫🇷 dynamix	2025-10-12 11:45:49 (8 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 octageeks.com	2025-09-28 04:08:25 (8 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇺🇸 TPI-Abuse	2025-09-28 00:39:53 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 182.10.130.230 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 182.10.130.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 27 20:39:47.606894 2025] [security2:error] [pid 5292:tid 5292] [client 182.10.130.230:27242] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|makegoodsausage.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "makegoodsausage.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aNiD020CSsTfLNSq9Ag0ugAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-09-27 23:59:48 (8 months ago)	[redacted] 182.10.130.230 - - [28/Sep/2025:01:59:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 155 "-" " ... show more [redacted] 182.10.130.230 - - [28/Sep/2025:01:59:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 155 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" [redacted] 182.10.130.230 - - [28/Sep/2025:01:59:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 155 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" [redacted] 182.10.130.230 - - [28/Sep/2025:01:59:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 155 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" [redacted] 182.10.130.230 - - [28/Sep/2025:01:59:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 155 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" [redacted] 182.10.130.230 - - [28/Sep/2025:01:59:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 155 "-" "Mozilla/5.0 (Windows NT 10.0; Win ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-09-27 23:35:58 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 182.10.130.230 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 182.10.130.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 27 19:35:50.756731 2025] [security2:error] [pid 8871:tid 8871] [client 182.10.130.230:16864] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|makaihe.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "makaihe.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aNh01um1k4cv-QCAlpOuIQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-27 22:26:48 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 182.10.130.230 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 182.10.130.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 27 18:26:42.359856 2025] [security2:error] [pid 25856:tid 25856] [client 182.10.130.230:27641] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|majesticsolutions.co\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "majesticsolutions.co"] [uri "/wp-json/wp/v2/users"] [unique_id "aNhkopVymkFSYr3KpJCOFQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-27 22:08:34 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 182.10.130.230 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 182.10.130.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 27 18:08:31.150293 2025] [security2:error] [pid 18100:tid 18100] [client 182.10.130.230:26456] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|majersigns.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "majersigns.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aNhgX6Rhu9TbE0k8bfplgQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 194.113.119.101

🇺🇸 157.245.1.7

🇨🇳 117.40.249.40

🇨🇳 111.39.167.59

🇧🇬 91.191.209.118

🇺🇸 35.243.160.201

🇭🇰 203.198.173.137

🇬🇧 193.163.125.37

🇮🇶 169.224.105.210

🇦🇫 149.54.40.222

🇬🇧 104.252.136.208

🇻🇳 103.138.113.149

🇺🇸 98.82.39.241

🇫🇷 93.127.203.216

🇨🇦 64.188.120.215

🇭🇰 47.242.216.170

🇺🇸 34.144.187.40

🇺🇸 32.221.184.72

🇺🇸 20.12.203.132

🇯🇵 16.208.70.89