🇮🇩
sockominfo
2026-06-30 07:00:52
(2 hours ago)
User login to application from malicious IP 182.2.164.15.. Threat Score: 4.1/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 56%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Very Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS
Hacking
Web App Attack
🇮🇩
sockominfo
2026-06-30 06:00:09
(3 hours ago)
User login to application from malicious IP 182.2.164.15.. Threat Score: 0/10 (INFORMATIONAL). Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇮🇩
sockominfo
2026-06-29 02:00:52
(1 day ago)
User login to application from malicious IP 182.2.164.15.. Threat Score: 3.8/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇮🇩
sockominfo
2026-06-29 01:00:09
(1 day ago)
User login to application from malicious IP 182.2.164.15.. Threat Score: 0/10 (INFORMATIONAL). Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇮🇩
sockominfo
2026-06-15 02:00:53
(2 weeks ago)
User login to application from malicious IP 182.2.164.15.. Threat Score: 3.9/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Very Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇮🇩
sockominfo
2026-06-15 01:00:58
(2 weeks ago)
User login to application from malicious IP 182.2.164.15.. Threat Score: 4/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Very Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS
Hacking
Web App Attack
🇩🇪
pltcldvlpr
2026-06-13 06:40:53
(2 weeks ago)
Bogus Useragent: 182.2.164.15 - - [13/Jun/2026:08:38:47 +0200] "GET /protocol?id=hh_19_25&offset=1300&seq=1314 HTTP/1.1" 444 0 "-" "Opera/9.67.(X11; Linux x86_64; fa-IR) Presto/2.9.187 Version/11.00" asn=23693 org="PT. Telekomunikasi Selular" country=ID
...
Bad Web Bot
🇺🇸
TPI-Abuse
2026-06-03 23:05:25
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 182.2.164.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 19:05:20.866351 2026] [security2:error] [pid 9057:tid 9057] [client 182.2.164.15:62056] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.2.164.15 (+1 hits since last alert)|ibermar.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ibermar.info"] [uri "/xmlrpc.php"] [unique_id "aiCzMLsCaeAhLY3x_b7mRwAAAA0"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-03 18:23:14
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 182.2.164.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 14:23:09.116471 2026] [security2:error] [pid 26288:tid 26288] [client 182.2.164.15:52426] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.2.164.15 (+1 hits since last alert)|eye7graphics.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eye7graphics.com"] [uri "/xmlrpc.php"] [unique_id "aiBxDTs-jwdsR7X4PaoZkgAAAAo"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-03 17:28:51
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 182.2.164.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 13:28:45.258923 2026] [security2:error] [pid 486:tid 486] [client 182.2.164.15:57923] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.2.164.15 (+1 hits since last alert)|thehealthyplaceclayton.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thehealthyplaceclayton.com"] [uri "/xmlrpc.php"] [unique_id "aiBkTY9Tt8Ud26lVrYB9sQAAAAA"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-03 14:34:47
(3 weeks ago)
Attac
Brute-Force
🇺🇸
TPI-Abuse
2026-06-03 02:32:05
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 182.2.164.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 22:32:01.873516 2026] [security2:error] [pid 9400:tid 9400] [client 182.2.164.15:63234] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.2.164.15 (+1 hits since last alert)|souldata.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "souldata.com"] [uri "/xmlrpc.php"] [unique_id "ah-SId3cCRNdXt9ofxqz7gAAAAw"]
Brute-Force
Bad Web Bot
Web App Attack
🇪🇸
el-brujo
2025-12-23 05:10:00
(6 months ago)
DDoS Attack Layer 7
DDoS Attack
Anonymous
2024-12-23 09:38:28
(1 year ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
🇮🇩
Burayot
2024-10-23 08:59:37
(1 year ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 182.2.164.15 (ID/Indonesia/-): 1 in the last 3600 secs
Web App Attack