JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 182.10.131.206

182.10.131.206 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 17%: ?

17%

ISP	PT. Telekomunikasi Selular (Telkomsel) Indonesia
Usage Type	Fixed Line ISP
ASN	AS23693
Domain Name	telkomsel.co.id
Country	🇮🇩 Indonesia
City	Banjar, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 182.10.131.206

Whois 182.10.131.206

IP Abuse Reports for 182.10.131.206:

This IP address has been reported a total of 9 times from 7 distinct sources. 182.10.131.206 was first reported on April 18th 2026, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 David Koswari	2026-06-04 05:42:00 (3 weeks ago)	REQ_BLOCKED_ACL	DDoS Attack FTP Brute-Force Ping of Death Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇮🇩 hermawan	2026-05-27 06:54:19 (4 weeks ago)	[Wed May 27 13:54:15.077374 2026] [security2:error] [pid 637904:tid 139875491817152] [client 182.10. ... show more [Wed May 27 13:54:15.077374 2026] [security2:error] [pid 637904:tid 139875491817152] [client 182.10.131.206:7973] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/prediksi-iklim/prediksi-dasarian/deterministik-curah-hujan-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prediksi-iklim/prediksi-dasarian/deterministik-curah-hujan-provinsi-jawa-timur"] [unique_id "ahaVF8x03gVtzYt75SiAbwAAkhc"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[637929] [YZ5nFMd0YHM] [ahaVF8x03gVtzYt75SiAbwAAkhc] keep_alive=[1] [2026-05-27 13:54:15.077380] [R:ahaVF8x03gVtzYt75SiAbwAAkhc] UA ... show less	Email Spam Hacking
🇺🇸 Cyber Crusader	2026-05-18 04:25:16 (1 month ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇬🇧 gbzret4d	2026-05-07 04:56:36 (1 month ago)	Honeypot [uk-production01]: MSSQL traffic (on 1433) with username sa and empty password	Brute-Force
🇬🇧 cybersteve99	2026-04-21 15:58:57 (2 months ago)	Too many 4xx Requests -	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 11:34:04 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 182.10.131.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 182.10.131.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 07:33:59.739896 2026] [security2:error] [pid 1679624:tid 1679624] [client 182.10.131.206:3865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web25.dnchosting.com"] [uri "/.env.sample"] [unique_id "aeS9p2PWuIbMCxx6RCV0QAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 watchman1513	2026-04-19 07:09:20 (2 months ago)	182.10.131.206 - - [19/Apr/2026:03:09:02 -0400] "GET /mail/laravel/phpinfo.php HTTP/1.1" 404 146 "ht ... show more 182.10.131.206 - - [19/Apr/2026:03:09:02 -0400] "GET /mail/laravel/phpinfo.php HTTP/1.1" 404 146 "http://172.75.228.88/mail/laravel/phpinfo.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)" 182.10.131.206 - - [19/Apr/2026:03:09:03 -0400] "GET /mail/laravel/info.php HTTP/1.1" 404 146 "http://172.75.228.88/mail/laravel/info.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)" 182.10.131.206 - - [19/Apr/2026:03:09:19 -0400] "GET /mailer/laravel/info.php HTTP/1.1" 404 146 "http://172.75.228.88/mailer/laravel/info.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)" ... show less	Fraud Orders DDoS Attack FTP Brute-Force Port Scan Hacking Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇺🇸 TPI-Abuse	2026-04-18 07:48:46 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 182.10.131.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 182.10.131.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 03:48:39.372396 2026] [security2:error] [pid 2820841:tid 2820841] [client 182.10.131.206:29590] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web229.dnchosting.com"] [uri "/backend/.env"] [unique_id "aeM3V9F9jgLpN3OgTJG9WwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-18 07:32:59 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 182.10.131.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 182.10.131.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 03:32:56.018007 2026] [security2:error] [pid 516200:tid 516200] [client 182.10.131.206:25661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web215.dnchosting.com"] [uri "/.git/config"] [unique_id "aeMzqGG0w4PBGYCpgB_SRgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 216.208.216.40

🇮🇳 182.95.185.142

🇺🇸 162.216.149.229

🇫🇷 92.205.184.118

🇨🇳 14.103.123.67

🇮🇳 182.95.185.14

🇮🇳 182.95.52.170

🇩🇪 176.100.36.222

🇰🇷 118.34.164.157

🇫🇷 91.231.89.240

🇺🇸 66.132.172.101

🇮🇳 13.234.53.25

🇺🇸 162.245.218.113

🇮🇩 103.157.26.23

🇻🇳 103.130.215.8

🇧🇩 103.4.145.50

🇺🇸 67.55.189.211

🇨🇳 36.137.131.9

🇭🇰 199.45.155.86

🇩🇪 31.76.106.26