JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 182.253.128.35

182.253.128.35 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 59%: ?

59%

ISP	Biznet Prepaid Kerawang
Usage Type	Fixed Line ISP
ASN	AS17451
Domain Name	biznetnetworks.com
Country	🇮🇩 Indonesia
City	Karawang, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 182.253.128.35

Whois 182.253.128.35

IP Abuse Reports for 182.253.128.35:

This IP address has been reported a total of 38 times from 22 distinct sources. 182.253.128.35 was first reported on July 27th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 juguemosalacarioca.com	2026-06-23 12:58:54 (2 days ago)	Multiple HTTP calls attempting to GET resources using common API calls or formats on port 8080	Web App Attack
🇩🇪 LRob.fr	2026-06-21 14:15:02 (4 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 05:21:41 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 182.253.128.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 182.253.128.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 01:21:38.219622 2026] [security2:error] [pid 9785:tid 9785] [client 182.253.128.35:57838] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|barecreationsaz.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "barecreationsaz.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajd04uSD1qAY-442rtUh5QAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-21 04:47:07 (5 days ago)	[SunJun2106:47:03.5933742026][security2:error][pid2082547:tid2082671][client182.253.128.35:0]ModSecu ... show more [SunJun2106:47:03.5933742026][security2:error][pid2082547:tid2082671][client182.253.128.35:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"associazione-iris.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajdsx1q0SAMBH6FAzBSqjwAAAJY\"] show less	Hacking Web App Attack
🇺🇸 lostswordfish.com	2026-06-20 16:50:07 (5 days ago)	Wordfence waf block on lostswordfish	Web App Attack
🇩🇪 Marc	2026-06-20 16:25:46 (5 days ago)	182.253.128.35 - - [20/Jun/2026:18:21:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3403 "-" "Mozilla/5. ... show more 182.253.128.35 - - [20/Jun/2026:18:21:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3403 "-" "Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/14.0.0.0 Safari/537.36" 182.253.128.35 - - [20/Jun/2026:18:25:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" 182.253.128.35 - - [20/Jun/2026:18:25:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3404 "-" "Mozilla/5.0 (Windows NT 6.2; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/74.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-20 14:56:51 (5 days ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 dynamix	2026-06-20 12:22:44 (5 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇳🇱 wlt-blocker	2026-06-19 17:43:07 (6 days ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 15:29:45 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 182.253.128.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 182.253.128.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 11:29:41.329472 2026] [security2:error] [pid 31247:tid 31247] [client 182.253.128.35:43053] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|energycapitalinvestments.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "energycapitalinvestments.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajFr5fN03EJcETN-X2vuGgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Phenix Info	2026-05-11 00:51:35 (1 month ago)	SmallGuard.fr/Prestashop Massive 403	Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-05-05 16:09:02 (1 month ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [mx01,mx02,mx03,wa01,wa0 ... show more Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [mx01,mx02,mx03,wa01,wa02] show less	Bad Web Bot Web App Attack
🇩🇪 poseidon00	2026-04-20 13:50:23 (2 months ago)	182.253.128.35 - - [20/Apr/2026:13:40:31 +0000] "POST /xmlrpc.php HTTP/1.1" 200 3512 "-" "Mozilla/5. ... show more 182.253.128.35 - - [20/Apr/2026:13:40:31 +0000] "POST /xmlrpc.php HTTP/1.1" 200 3512 "-" "Mozilla/5.0 (Windows NT 10.0; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/11.0.0.0 Safari/537.36" 182.253.128.35 - - [20/Apr/2026:13:45:45 +0000] "POST /xmlrpc.php HTTP/1.1" 200 3511 "-" "Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36" 182.253.128.35 - - [20/Apr/2026:13:48:30 +0000] "POST /xmlrpc.php HTTP/1.1" 200 3513 "-" "Mozilla/5.0 (Windows NT 6.2; x86) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/96.0.0.0 Safari/537.36" 182.253.128.35 - - [20/Apr/2026:13:49:37 +0000] "POST /xmlrpc.php HTTP/1.1" 200 3511 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/100.0.0.0 Safari/537.36" 182.253.128.35 - - [20/Apr/2026:13:50:22 +0000] "POST /xmlrpc.php HTTP/1.1" 200 3511 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Opera/64.0.0.0 Safari/ ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-04-20 08:39:10 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 182.253.128.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 182.253.128.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 04:39:02.181579 2026] [security2:error] [pid 1835215:tid 1835215] [client 182.253.128.35:6612] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|stoneybluff.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "stoneybluff.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeXmJruRbrxjp_oqmClo_AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-04-18 13:08:02 (2 months ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice02,wa01,wa02]	Bad Web Bot Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 206.232.31.227

🇺🇸 64.62.197.200

🇬🇧 2a06:4882:5000::5b

🇺🇦 185.254.197.231

🇯🇵 173.244.58.24

🇺🇸 162.216.150.62

🇳🇱 91.92.40.233

🇳🇱 91.92.40.12

🇳🇱 45.9.191.184

🇮🇳 182.19.35.57

🇺🇸 147.185.132.232

🇵🇭 121.58.196.194

🇨🇳 101.126.17.55

🇷🇺 91.135.221.4

🇧🇬 79.124.58.142

🇪🇸 45.86.184.143

🇧🇪 34.77.61.20

🇩🇪 8.211.19.30

🇳🇱 204.76.203.206

🇺🇸 162.216.149.171