JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 182.253.89.119

182.253.89.119 was found in our database!

This IP was reported 44 times. Confidence of Abuse is 97%: ?

97%

ISP	Biznet Networks
Usage Type	Fixed Line ISP
ASN	AS17451
Domain Name	biznetnetworks.com
Country	🇮🇩 Indonesia
City	Magelang, Central Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 182.253.89.119

Whois 182.253.89.119

IP Abuse Reports for 182.253.89.119:

This IP address has been reported a total of 44 times from 30 distinct sources. 182.253.89.119 was first reported on July 11th 2025, and the most recent report was 59 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 QT	2026-06-27 07:37:03 (59 minutes ago)	Unauthorised WordPress admin login attempted at 2026-06-27 17:36:52 +1000	Web App Attack
🇫🇷 masterguru	2026-06-27 06:25:23 (2 hours ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
Anonymous	2026-06-27 06:18:04 (2 hours ago)		Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 05:26:03 (3 hours ago)	(mod_security) mod_security (id:240335) triggered by 182.253.89.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.253.89.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 01:25:56.397078 2026] [security2:error] [pid 14799:tid 14799] [client 182.253.89.119:32977] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.253.89.119 (+1 hits since last alert)\|agrollum.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "agrollum.com"] [uri "/xmlrpc.php"] [unique_id "aj9e5Ii0eEUxLsr4yzZp2AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 ycoskun41	2026-06-27 05:06:10 (3 hours ago)	fail2ban: plesk-modsecurity jail on genckocaeli.com	Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 03:46:17 (4 hours ago)	(mod_security) mod_security (id:240335) triggered by 182.253.89.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.253.89.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:46:11.029110 2026] [security2:error] [pid 6520:tid 6520] [client 182.253.89.119:3194] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.253.89.119 (+1 hits since last alert)\|americanacademyofteachersofsinging.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "americanacademyofteachersofsinging.org"] [uri "/xmlrpc.php"] [unique_id "aj9Hg4WtlNWeCUZuhJRvbwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 03:11:40 (5 hours ago)	(mod_security) mod_security (id:240335) triggered by 182.253.89.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.253.89.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:11:35.628954 2026] [security2:error] [pid 19811:tid 19811] [client 182.253.89.119:41833] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.253.89.119 (+1 hits since last alert)\|godcanuseyou.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "godcanuseyou.com"] [uri "/xmlrpc.php"] [unique_id "aj8_Z12tOprvUbs57ptdBwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-27 02:31:42 (6 hours ago)	3.612 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-26 10:15:46 (22 hours ago)	(mod_security) mod_security (id:240335) triggered by 182.253.89.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.253.89.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 06:15:41.235500 2026] [security2:error] [pid 20963:tid 20963] [client 182.253.89.119:31454] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.253.89.119 (+1 hits since last alert)\|indiahouseportland.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "indiahouseportland.com"] [uri "/xmlrpc.php"] [unique_id "aj5RTXOOmWZ-_dQBfjItPwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-26 09:14:40 (23 hours ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-26 08:43:49 (23 hours ago)	(mod_security) mod_security (id:240335) triggered by 182.253.89.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.253.89.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 04:43:43.760713 2026] [security2:error] [pid 20434:tid 20434] [client 182.253.89.119:15139] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.253.89.119 (+1 hits since last alert)\|deborahbein.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "deborahbein.com"] [uri "/xmlrpc.php"] [unique_id "aj47v7AQG5JBrqtBxx0MGAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 Rizzy	2026-06-26 07:42:11 (1 day ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-26 06:30:31 (1 day ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇩🇪 pscriptos	2026-06-24 04:46:03 (3 days ago)	{"ClientAddr":"182.253.89.119:61316","ClientHost":"182.253.89.119","ClientPort":"61316","ClientUsern ... show more {"ClientAddr":"182.253.89.119:61316","ClientHost":"182.253.89.119","ClientPort":"61316","ClientUsername":"-","DownstreamContentSize":418,"DownstreamStatus":403,"Duration":399170143,"OriginContentSize":418,"OriginDuration":394903969,"OriginStatus":403,"Overhead":4266174,"RequestAddr":"www.cleveradmin.de","RequestContentSize":714,"RequestCount":1280840,"RequestHost":"www.cleveradmin.de","RequestMethod":"POST","RequestPath":"/xmlrpc.php","RequestPort":"-","RequestProtocol":"HTTP/1.1","RequestScheme":"https","RetryAttempts":0,"RouterName":"cleveradmin-www-websecure@file","ServiceAddr":"172.16.80.10:80","ServiceName":"cleveradmin-www@file","ServiceURL":"http://172.16.80.10:80","StartLocal":"2026-06-24T06:45:42.894880923+02:00","StartUTC":"2026-06-24T04:45:42.894880923Z","TLSCipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLSVersion":"1.2","entryPointName":"websecure","level":"info","msg":"","time":"2026-06-24T06:45:43+02:00"} {"ClientAddr":"182.253.89.119:61316","ClientHost":"182.253.89.11 ... show less	Brute-Force Web App Attack
🇫🇷 Kenshin869	2026-06-23 07:52:11 (4 days ago)	Wordpress unauthorized access attempt	Brute-Force

Showing 1 to 15 of 44 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.217.107.18

🇺🇸 185.198.240.74

🇮🇳 103.182.132.154

🇮🇩 69.5.20.232

🇲🇾 49.124.154.172

🇻🇳 42.96.20.16

🇺🇸 35.209.32.40

🇮🇪 4.207.145.86

🇨🇳 106.13.107.35

🇸🇬 94.231.206.15

🇬🇧 87.236.176.175

🇩🇪 47.254.159.17

🇧🇷 189.120.79.210

🇺🇿 176.96.243.100

🇺🇸 162.216.150.50

🇺🇸 73.129.57.71

🇬🇧 2a06:4880:6000::89

🇨🇳 183.224.182.236

🇮🇹 172.213.2.229

🇺🇸 162.216.149.21