🇩🇪
Vegascosmetics
2026-06-08 07:26:48
(1 week ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated encoding. Vegas Security
DDoS Attack
Hacking
Bad Web Bot
🇮🇩
hermawan
2026-06-04 16:42:24
(2 weeks ago)
[Thu Jun 04 23:42:20.118481 2026] [authz_core:error] [pid 365688:tid 139764398204608] [client 182.10.130.92:20299] AH01630: client denied by server configuration: /var/www/, referer https://staklim-jatim.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[365710] [WXVNOvBYCZY] [aiGq7DUl2TEJnBxtikoOYQAAyBU] keep_alive=[1] [2026-06-04 23:42:20.118484] [R:aiGq7DUl2TEJnBxtikoOYQAAyBU] UA:'Mozilla/5.0 (Linux; Android 8.0.0; SM-J330G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36 EdgA/114.0.1823.74' Host:'staklim-jatim.bmkg.go.id:443' ACCEPT:'*/*' Referer:'https://staklim-jatim.bmkg.go.id/ Accept-Encoding:'gzip, deflate, br Accept-Language:'en-US,en;q=0.8
...
Email Spam
Hacking
🇬🇧
PeravixGroup
2026-04-27 07:06:57
(1 month ago)
Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud
Hacking
Exploited Host
🇩🇪
EGP Abuse Dept
2026-04-01 04:21:09
(2 months ago)
Scraping webshop URLs (www.badgehouder.nl), likely botnet drone
Bad Web Bot
Exploited Host
Anonymous
2026-01-17 03:23:14
(5 months ago)
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-post.asp
Bad Web Bot
Exploited Host
🇷🇺
sms.ru
2026-01-07 02:00:43
(5 months ago)
/wp-admin/
Web App Attack
🇩🇪
stinpriza
2026-01-07 01:19:50
(5 months ago)
Web App Attack
Web App Attack
Anonymous
2026-01-07 00:51:28
(5 months ago)
[redacted] 182.10.130.92 - - [07/Jan/2026:01:51:19 +0100] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/120.0.0.0 Safari/537.36"
[redacted] 182.10.130.92 - - [07/Jan/2026:01:51:20 +0100] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15"
[redacted] 182.10.130.92 - - [07/Jan/2026:01:51:21 +0100] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
[redacted] 182.10.130.92 - - [07/Jan/2026:01:51:22 +0100] "POST /xmlrpc.php HTTP/1.1" 200 178 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
[redacted] 182.10.130.92 - - [07/Jan/2026:01:51:23 +0100]
...
Hacking
Web App Attack
Anonymous
2026-01-07 00:45:42
(5 months ago)
Unauthorized connection to Telnet port 23
Port Scan
🇺🇸
TPI-Abuse
2026-01-05 09:41:32
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 182.10.130.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 05 04:41:26.991600 2026] [security2:error] [pid 11410:tid 11410] [client 182.10.130.92:45271] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eta-mct.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eta-mct.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aVuHRpOSj91LDB-G-2IaPwAAAAI"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-01-05 08:02:17
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 182.10.130.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 05 03:02:11.756782 2026] [security2:error] [pid 29828:tid 29828] [client 182.10.130.92:7776] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||esysapps.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "esysapps.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aVtwA4NbZlnM_sJEpv3d2gAAAAY"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-01-05 06:52:07
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 182.10.130.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 05 01:52:00.816912 2026] [security2:error] [pid 21321:tid 21321] [client 182.10.130.92:42505] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||esware.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "esware.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aVtfkCnyb2rY5DWlQNpsfQAAAA0"]
Brute-Force
Bad Web Bot
Web App Attack
🇧🇪
cmbplf
2026-01-05 04:22:07
(5 months ago)
8.083 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
Anonymous
2025-12-06 07:58:13
(6 months ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
Anonymous
2025-12-05 03:59:56
(6 months ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host