JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 182.8.225.127

182.8.225.127 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 2%: ?

ISP	PT. Telekomunikasi Selular (Telkomsel) Indonesia
Usage Type	Fixed Line ISP
ASN	AS23693
Domain Name	telkomsel.co.id
Country	🇮🇩 Indonesia
City	Yogyakarta, Yogyakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 182.8.225.127

Whois 182.8.225.127

IP Abuse Reports for 182.8.225.127:

This IP address has been reported a total of 10 times from 8 distinct sources. 182.8.225.127 was first reported on August 6th 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Phenix Info	2026-06-06 05:03:04 (6 days ago)	SmallGuard.fr/Prestashop Massive 403	Web App Attack
Anonymous	2026-02-26 03:58:17 (3 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2026-02-19 03:06:31 (3 months ago)	182.8.225.127 - - [19/Feb/2026:04:06:30 +0100] "GET https://www/product/kevin-levrone-gold-lean-mass ... show more 182.8.225.127 - - [19/Feb/2026:04:06:30 +0100] "GET https://www/product/kevin-levrone-gold-lean-mass-6kg/ HTTP/1.1" 404 44194 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" show less	Hacking
🇵🇱 sefinek.net	2026-01-17 02:06:09 (4 months ago)	Blocked by UFW on PL02 [23/tcp] Source port: 59840 TTL: 47 Packet length: 60 TOS: 0x00 This report ... show more Blocked by UFW on PL02 [23/tcp] Source port: 59840 TTL: 47 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Brute-Force IoT Targeted
🇺🇸 avgsmoe	2026-01-06 01:59:01 (5 months ago)	Honeypot hit. TCP/UDP port trap. Observed 1 times.	Port Scan Brute-Force
🇩🇪 Beta	2025-12-24 12:11:57 (5 months ago)	ports, 445/24H:1/7D:1	Port Scan
🇮🇩 hermawan	2025-10-21 07:01:55 (7 months ago)	[Tue Oct 21 14:01:54.008838 2025] [security2:error] [pid 1352767:tid 140228030359232] [client 182.8. ... show more [Tue Oct 21 14:01:54.008838 2025] [security2:error] [pid 1352767:tid 140228030359232] [client 182.8.225.127:22519] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(?i)(?:(?:^\|=)[\\\\s\\\\v](?:t[\\"'\\\\)\\\\[-\\\\x5c](?:(?:(?:\\\\\|\\\\\|\|&&)[\\\\s\\\\v])?\\\\$[!#\\\$\\\\\\\\-0-9\\\\?-@_a-\\\\{])?\\\\x5c?i[\\"'\\\$\\\\[-\\\\x5c](?:(?:(?:\\\\\|\\\\\|\|&&)[\\\\s\\\\v])?\\\\$[!#\\\$\\\\\\\\-0-9\\\\?-@_a-\\\\{])?\\\\x5c?m[\\"'\\\$\\\\[-\\\\x5c](?:(?:(?:\\\\\|\\\\\|\|&&)[\\\\s\\\\v]*)?\\ ..." at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "2418"] [id "932243"] [msg "Remote Command Execution: Unix Command Injection found in user-agent or referer header"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: ; iP found within REQUEST_HEADERS:User-Agent: ChatGPT/1.2025.281 (iOS 18.6.2; iPhone16,2; build 18509380657) request_line = ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-10-19 06:31:12 (7 months ago)	[Sun Oct 19 12:50:21.437524 2025] [security2:error] [pid 1362276:tid 140210413725376] [client 182.8. ... show more [Sun Oct 19 12:50:21.437524 2025] [security2:error] [pid 1362276:tid 140210413725376] [client 182.8.225.127:50433] ModSecurity: Access denied with code 403 (phase 1). Match of "pm matomo.staklim-malang.info " against "SERVER_NAME" required. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "164"] [id "440235"] [msg "BAD REQUEST Bro"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: %3a found within SERVER_NAME: staklim-malang.info request_line = GET /index.php/profil/arsip-artikel?catid=474&id=1247%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-22-28-november-2016&start=150 HTTP/2.0 Request URI RAW = /index.php/profil/arsip-artikel?catid=474&id=1247%3Aprakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-22-28-november-2016&start=1..."] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "aPR8HQ7jX34X ... show less	Hacking Web App Attack
Anonymous	2025-10-01 18:10:15 (8 months ago)	Ports: 25,2525,465,587,2525; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
Anonymous	2025-08-06 02:09:51 (10 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 194.180.48.25

🇲🇽 187.191.48.4

🇮🇩 180.247.61.189

🇨🇦 174.116.110.218

🇺🇸 172.253.8.148

🇮🇹 151.37.136.166

🇨🇳 114.106.172.89

🇫🇷 91.231.89.236

🇸🇪 83.177.199.76

🇷🇺 46.188.119.26

🇺🇸 20.96.179.87

🇧🇷 200.155.66.2

🇳🇱 195.178.110.30

🇬🇾 168.232.145.252

🇺🇸 134.209.15.209

🇺🇸 130.131.220.154

🇫🇷 91.231.89.151

🇬🇧 87.236.176.87

🇪🇸 80.102.218.187

🇸🇬 62.146.238.165