JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 182.253.89.112

182.253.89.112 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 73%: ?

73%

ISP	Biznet Networks
Usage Type	Fixed Line ISP
ASN	AS17451
Domain Name	biznetnetworks.com
Country	🇮🇩 Indonesia
City	Magelang, Central Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 182.253.89.112

Whois 182.253.89.112

IP Abuse Reports for 182.253.89.112:

This IP address has been reported a total of 49 times from 25 distinct sources. 182.253.89.112 was first reported on January 25th 2021, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-15 08:46:59 (5 hours ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇦🇺 screwlooseit.com.au	2026-06-15 05:01:34 (9 hours ago)	Blocked by CSF 13 firewall - Rule: XMLRPC ID/Indonesia/-	Web App Attack
🇺🇸 oralunal	2026-06-15 04:04:11 (10 hours ago)	IP banned by Fail2Ban in jail oral-suss access.log mvfnds ...	Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-12 15:51:01 (2 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-12 08:15:59 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 182.253.89.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.253.89.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 04:15:55.504354 2026] [security2:error] [pid 10036:tid 10036] [client 182.253.89.112:4429] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.253.89.112 (+1 hits since last alert)\|phoboschildren.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "phoboschildren.com"] [uri "/xmlrpc.php"] [unique_id "aivAO7pNYIyMf_KPJRVusgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 04:01:30 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 182.253.89.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.253.89.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 00:01:21.913077 2026] [security2:error] [pid 12875:tid 12875] [client 182.253.89.112:62948] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.253.89.112 (+1 hits since last alert)\|michaelthompson.biz\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "michaelthompson.biz"] [uri "/xmlrpc.php"] [unique_id "aiuEkelATK_7W1dANDUGQQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-11 11:36:32 (4 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-11 10:03:34 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 182.253.89.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.253.89.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 06:03:30.251674 2026] [security2:error] [pid 20205:tid 20205] [client 182.253.89.112:2943] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.253.89.112 (+1 hits since last alert)\|oakvillenaturopathicclinic.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "oakvillenaturopathicclinic.com"] [uri "/xmlrpc.php"] [unique_id "aiqH8ih9O_FLPlr_qklQWwAAADI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-11 09:00:13 (4 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 06:07:22 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 182.253.89.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.253.89.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 02:07:19.308976 2026] [security2:error] [pid 8272:tid 8272] [client 182.253.89.112:14815] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.253.89.112 (+1 hits since last alert)\|majesticsolutions.co\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "majesticsolutions.co"] [uri "/xmlrpc.php"] [unique_id "aipQl2ukizRPDrYj-rQfbgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 YF	2026-06-10 11:30:41 (5 days ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
🇺🇸 TPI-Abuse	2026-06-10 06:40:05 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 182.253.89.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.253.89.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 02:39:57.591029 2026] [security2:error] [pid 15448:tid 15448] [client 182.253.89.112:1157] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.253.89.112 (+1 hits since last alert)\|barigby.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "barigby.com"] [uri "/xmlrpc.php"] [unique_id "aikGvawYcBaFuUitYjLjGgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 23:40:22 (5 days ago)	[da.kdns.gr] httpd-xmlrpc-post: sites=anyfantis.gr; logs=/var/log/httpd/domains/anyfantis.gr.log; sa ... show more [da.kdns.gr] httpd-xmlrpc-post: sites=anyfantis.gr; logs=/var/log/httpd/domains/anyfantis.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 14:47:24 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 182.253.89.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.253.89.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 10:47:20.883562 2026] [security2:error] [pid 1586:tid 1586] [client 182.253.89.112:50266] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.253.89.112 (+1 hits since last alert)\|riccardiagency.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "riccardiagency.com"] [uri "/xmlrpc.php"] [unique_id "aigneLTjZXCwQoloFKG9AQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 13:29:46 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 182.253.89.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.253.89.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 09:29:40.069009 2026] [security2:error] [pid 8659:tid 8687] [client 182.253.89.112:37018] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.253.89.112 (+1 hits since last alert)\|piazza9.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "piazza9.com"] [uri "/xmlrpc.php"] [unique_id "aigVRHLJKPxSRQjfIDtTjgAAAdY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 2a01:4f8:c013:bf96::1

🇺🇸 167.99.106.37

🇭🇰 156.245.246.50

🇮🇳 152.59.118.74

🇮🇹 151.33.102.130

🇰🇷 112.151.178.49

🇹🇷 45.158.14.124

🇬🇧 45.82.76.124

🇧🇷 45.71.123.226

🇵🇱 194.165.16.161

🇨🇳 122.97.209.53

🇺🇸 113.20.4.9

🇺🇸 91.230.168.125

🇮🇳 49.36.212.221

🇺🇸 34.24.63.147

🇸🇬 2404:6800:4003:c11::120

🇫🇷 185.177.72.29

🇺🇾 167.57.92.137

🇩🇿 154.241.11.205

🇮🇩 143.20.49.38