JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 182.9.33.161

182.9.33.161 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 39%: ?

39%

ISP	PT. Telekomunikasi Selular (Telkomsel) Indonesia
Usage Type	Fixed Line ISP
ASN	AS23693
Domain Name	telkomsel.co.id
Country	🇮🇩 Indonesia
City	Medan, North Sumatra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 182.9.33.161

Whois 182.9.33.161

IP Abuse Reports for 182.9.33.161:

This IP address has been reported a total of 13 times from 13 distinct sources. 182.9.33.161 was first reported on September 16th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-04 09:07:11 (2 days ago)	Too many Status 40X (21)	Brute-Force Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-03 21:52:50 (2 days ago)	Blocked by CSF 13 firewall - Rule: WPLOGIN ID/Indonesia/-	Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 19:35:01 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 182.9.33.161 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 182.9.33.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 15:34:55.128778 2026] [security2:error] [pid 10492:tid 10492] [client 182.9.33.161:5038] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|holgerfeld.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "holgerfeld.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahyNX9miHd43GnM8MVn0twAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 cagatayakinci.com	2026-05-30 20:22:47 (6 days ago)	182.9.33.161 - - [30/May/2026:23:22:31 +0300] "GET /wp-content/plugins/burst-statistics/readme.txt H ... show more 182.9.33.161 - - [30/May/2026:23:22:31 +0300] "GET /wp-content/plugins/burst-statistics/readme.txt HTTP/1.1" 404 11902 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, seperti Gecko) Chrome/148.0.0.0 Safari/537.36" 182.9.33.161 - - [30/May/2026:23:22:32 +0300] "GET /wp-content/themes/adforest/style.css HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, seperti Gecko) Chrome/148.0.0.0 Safari/537.36" 182.9.33.161 - - [30/May/2026:23:22:33 +0300] "GET /wp-content/themes/adforest/readme.txt HTTP/1.1" 404 11902 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, seperti Gecko) Chrome/148.0.0.0 Safari/537.36" 182.9.33.161 - - [30/May/2026:23:22:33 +0300] "GET /registration/ HTTP/1.1" 404 11902 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36" 182.9.33.161 - - [30/May/2026:23:22:34 +0300] "GET /register/ HTTP/1.1" 404 11902 "-" "Mozilla/5. ... show less	Web App Attack Port Scan
🇮🇪 RoboSOC	2026-05-30 03:54:59 (1 week ago)	React Server Components Remote Code Execution Vulnerability, PTR: PTR record not found	Hacking
🇬🇧 knock	2026-05-26 06:26:36 (1 week ago)	Knock-Knock honeypot brute-force: SMB (1 total hits)	Brute-Force
🇦🇺 MAGIC	2026-03-07 00:41:44 (2 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 matt	2026-03-03 23:43:12 (3 months ago)	DDOS attack with query parameters attempting to overload WordPress site.	DDoS Attack
🇳🇱 EGP Abuse Dept	2026-03-02 16:56:40 (3 months ago)	Scanning for port/service exploits on tpc-043.mach3builders.nl	Port Scan Hacking
🇮🇹 VHosting	2026-03-01 13:57:23 (3 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇸🇰 GOVCERT	2025-10-10 07:45:41 (7 months ago)	Sweep Scan	Port Scan
Anonymous	2025-10-04 12:36:46 (8 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇩🇪 sthoyer.de	2025-09-16 09:11:01 (8 months ago)	Sep 16 11:11:00 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f ... show more Sep 16 11:11:00 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=182.9.33.161 DST=173.212.223.67 LEN=52 TOS=0x00 PREC=0x00 TTL=246 ID=30288 DF PROTO=TCP SPT=34566 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 170.247.222.189

🇨🇭 213.55.220.182

🇭🇰 199.45.155.105

🇲🇽 186.96.145.241

🇷🇺 81.30.212.94

🇺🇸 47.77.217.201

🇰🇷 220.80.92.17

🇲🇽 187.218.57.50

🇻🇪 186.188.59.185

🇦🇫 125.213.210.41

🇨🇳 124.72.224.69

🇫🇷 109.205.176.207

🇨🇳 106.12.69.68

🇬🇧 81.19.219.205

🇷🇴 80.94.92.187

🇫🇷 2001:41d0:33d:9200::401

🇺🇸 147.185.132.175

🇱🇹 141.98.11.83

🇳🇱 45.153.34.235

🇬🇧 35.203.211.28