JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 182.8.228.32

182.8.228.32 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 62%: ?

62%

ISP	PT. Telekomunikasi Selular (Telkomsel) Indonesia
Usage Type	Fixed Line ISP
ASN	AS23693
Domain Name	telkomsel.co.id
Country	🇮🇩 Indonesia
City	Kudus, Central Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 182.8.228.32

Whois 182.8.228.32

IP Abuse Reports for 182.8.228.32:

This IP address has been reported a total of 35 times from 21 distinct sources. 182.8.228.32 was first reported on September 8th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-15 01:58:37 (1 day ago)	[Mon Jun 15 08:58:31.996893 2026] [security2:error] [pid 600973:tid 139672937289408] [client 182.8.2 ... show more [Mon Jun 15 08:58:31.996893 2026] [security2:error] [pid 600973:tid 139672937289408] [client 182.8.228.32:16253] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/informasi-iklim/buletin-1/buletin-informasi-iklim-dan-lingkungan HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/buletin-1/buletin-informasi-iklim-dan-lingkungan"] [unique_id "ai9cR4r7s2X3JhxSBpxn5QABBwE"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[600975] [O6jVKQFaPEk] [ai9cR4r7s2X3JhxSBpxn5QABBwE] keep_alive=[1] [2026-06-15 08:58:31.996897] [R:ai9cR4r7s2X3JhxSBpxn5QABBwE] UA:'Mozilla/5.0 (iPhone; CPU iP ... show less	Email Spam Hacking
🇧🇷 dominioz	2026-06-13 04:44:43 (3 days ago)	2026-06-13 04:43:20 POST /xmlrpc.php - - 182.8.228.32 HTTP/1.1 Jetpack/12.1;+WordPress/6.4;+http://s ... show more 2026-06-13 04:43:20 POST /xmlrpc.php - - 182.8.228.32 HTTP/1.1 Jetpack/12.1;+WordPress/6.4;+http://site21583821.com - 200 650 2026-06-13 04:43:28 POST /xmlrpc.php - - 182.8.228.32 HTTP/1.1 Jetpack+by+WordPress.com - 200 650 2026-06-13 04:43:42 POST /xmlrpc.php - - 182.8.228.32 HTTP/1.1 Jetpack+by+WordPress.com - 200 650 2026-06-13 04:43:50 POST /xmlrpc.php - - 182.8.228.32 HTTP/1.1 Jetpack+by+WordPress.com - 200 650 ... show less	Web App Attack
🇧🇪 cmbplf	2026-06-13 04:28:26 (3 days ago)	3.000 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-13 03:43:30 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 182.8.228.32 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 182.8.228.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 23:43:25.517689 2026] [security2:error] [pid 7498:tid 7498] [client 182.8.228.32:20388] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.8.228.32 (+1 hits since last alert)\|modalguitarist.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "modalguitarist.com"] [uri "/xmlrpc.php"] [unique_id "aizR3WVcjWDBrq_LaXDtiwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 03:11:47 (3 days ago)	[redacted] 182.8.228.32 - - [13/Jun/2026:05:11:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Wo ... show more [redacted] 182.8.228.32 - - [13/Jun/2026:05:11:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 182.8.228.32 - - [13/Jun/2026:05:11:15 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 182.8.228.32 - - [13/Jun/2026:05:11:25 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 182.8.228.32 - - [13/Jun/2026:05:11:37 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)" [redacted] 182.8.228.32 - - [13/Jun/2026:05:11:47 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 01:44:55 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 182.8.228.32 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 182.8.228.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 21:44:48.355921 2026] [security2:error] [pid 12580:tid 12580] [client 182.8.228.32:27974] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.8.228.32 (+1 hits since last alert)\|theroyalhouseofelohim.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theroyalhouseofelohim.org"] [uri "/xmlrpc.php"] [unique_id "aiy2EJubb7G7zMMbrHA-RwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 01:11:48 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 182.8.228.32 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 182.8.228.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 21:11:42.164424 2026] [security2:error] [pid 15651:tid 15651] [client 182.8.228.32:24759] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.8.228.32 (+1 hits since last alert)\|gacstoday.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gacstoday.com"] [uri "/xmlrpc.php"] [unique_id "aiyuTvAcZ6CnA7p4bO7rTQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-06-12 05:40:20 (4 days ago)	(wordpress) Failed wordpress login from 182.8.228.32 (ID/Indonesia/Yogyakarta/Yogyakarta/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-12 04:08:13 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 182.8.228.32 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 182.8.228.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 00:08:07.040239 2026] [security2:error] [pid 22033:tid 22033] [client 182.8.228.32:19598] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.8.228.32 (+1 hits since last alert)\|talentstar.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "talentstar.com"] [uri "/xmlrpc.php"] [unique_id "aiuGJ9YTgscPsiIfMdVirwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 02:36:13 (4 days ago)	Attac	Brute-Force
Anonymous	2026-06-11 07:21:46 (5 days ago)	[da.kdns.gr] httpd-xmlrpc-post: sites=oro24.gr; logs=/var/log/httpd/domains/oro24.gr.log; samples=/x ... show more [da.kdns.gr] httpd-xmlrpc-post: sites=oro24.gr; logs=/var/log/httpd/domains/oro24.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 WeekendWeb	2026-06-11 07:17:40 (5 days ago)	Wordpress Vunerability attack	Web App Attack
🇩🇪 Séfora Srl	2026-06-11 06:01:59 (5 days ago)	Failed attempt detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇩🇪 iamimmanuelraj	2026-05-30 02:15:20 (2 weeks ago)	Fail2ban SSH Bruteforce - Port = 22 - Failures = 5 - Time = 1775540787	Brute-Force SSH
🇩🇪 iamimmanuelraj	2026-04-23 02:15:39 (1 month ago)	Fail2ban SSH Bruteforce - Port = 22 - Failures = 5 - Time = 1775540787	Brute-Force SSH

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.50

🇳🇱 160.119.76.62

🇨🇳 61.179.73.179

🇨🇳 220.180.166.214

🇨🇳 220.179.255.54

🇨🇳 220.161.52.149

🇹🇼 198.235.24.43

🇹🇼 198.235.24.42

🇬🇧 185.247.137.243

🇺🇦 176.103.1.39

🇳🇱 176.65.149.236

🇰🇷 168.107.44.30

🇺🇸 165.154.162.239

🇰🇷 144.24.68.152

🇺🇸 135.237.123.204

🇺🇸 129.153.145.135

🇨🇳 122.97.136.129

🇳🇱 107.189.24.77

🇧🇩 103.119.94.10

🇧🇬 79.124.62.178