JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 183.182.120.49

183.182.120.49 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 100%: ?

100%

ISP	Asia Pacific Network Information Centre
Usage Type	Fixed Line ISP
ASN	AS131267
Hostname(s)	dynamic-adsl.unitel.com.la
Domain Name	apnic.net
Country	🇱🇦 Lao People's Democratic Republic
City	Savannakhet, Savannakhet Province

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 183.182.120.49

Whois 183.182.120.49

IP Abuse Reports for 183.182.120.49:

This IP address has been reported a total of 36 times from 27 distinct sources. 183.182.120.49 was first reported on March 26th 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-24 14:21:26 (1 day ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
Anonymous	2026-06-24 13:56:04 (1 day ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇩🇪 Marc	2026-06-24 09:01:30 (1 day ago)	183.182.120.49 - - [24/Jun/2026:11:01:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3300 "-" "Jetpack by ... show more 183.182.120.49 - - [24/Jun/2026:11:01:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3300 "-" "Jetpack by WordPress.com" 183.182.120.49 - - [24/Jun/2026:11:01:19 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3299 "-" "Jetpack/12.0; WordPress/6.2; http://site47085909.com" 183.182.120.49 - - [24/Jun/2026:11:01:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3299 "-" "WordPress.com; https://wordpress.com" show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 08:33:35 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 183.182.120.49 (dynamic-adsl.unitel.com.la): 1 ... show more (mod_security) mod_security (id:240335) triggered by 183.182.120.49 (dynamic-adsl.unitel.com.la): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 04:33:26.682451 2026] [security2:error] [pid 11654:tid 11654] [client 183.182.120.49:3044] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 183.182.120.49 (+1 hits since last alert)\|pharmaceuticalsalescareerhub.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pharmaceuticalsalescareerhub.com"] [uri "/xmlrpc.php"] [unique_id "ajuWVnR4rV9-yzk8HXTpZwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-24 08:00:21 (1 day ago)	(wordpress) Failed wordpress login from 183.182.120.49 (LA/Laos/dynamic-adsl.unitel.com.la)	Brute-Force
Anonymous	2026-06-24 06:33:32 (1 day ago)		Bad Web Bot Web App Attack
🇺🇸 cwytech	2026-06-24 06:31:59 (1 day ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wp-us-login-only-high.	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 03:46:09 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 183.182.120.49 (dynamic-adsl.unitel.com.la): 1 ... show more (mod_security) mod_security (id:240335) triggered by 183.182.120.49 (dynamic-adsl.unitel.com.la): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 23:46:04.062750 2026] [security2:error] [pid 24177:tid 24177] [client 183.182.120.49:2157] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 183.182.120.49 (+1 hits since last alert)\|drayvian.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "drayvian.com"] [uri "/xmlrpc.php"] [unique_id "ajtS_PYAmB22JWwU6551qgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-24 03:12:01 (2 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 13:53:47 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 183.182.120.49 (dynamic-adsl.unitel.com.la): 1 ... show more (mod_security) mod_security (id:240335) triggered by 183.182.120.49 (dynamic-adsl.unitel.com.la): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 09:53:41.294019 2026] [security2:error] [pid 25229:tid 25229] [client 183.182.120.49:2134] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 183.182.120.49 (+1 hits since last alert)\|4115thewestford.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "4115thewestford.com"] [uri "/xmlrpc.php"] [unique_id "ajqP5cUmXnatv4uicD7UBQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 noise.agency	2026-06-23 13:51:25 (2 days ago)	(wordpress) Failed wordpress login from 183.182.120.49 (LA/Laos/dynamic-adsl.unitel.com.la)	Brute-Force
🇫🇮 YF	2026-06-23 10:00:32 (2 days ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
🇪🇸 masterguru	2026-06-23 09:14:30 (2 days ago)	(xmlrpc) Failed xmlrpc access from 183.182.120.49 (LA/Laos/dynamic-adsl.unitel.com.la): 5 in the las ... show more (xmlrpc) Failed xmlrpc access from 183.182.120.49 (LA/Laos/dynamic-adsl.unitel.com.la): 5 in the last 3600 secs (0-122) show less	Hacking
🇬🇧 NotCool	2026-06-23 07:38:22 (2 days ago)	(XMLRPC) WP XMLPRC Attack 183.182.120.49 (LA/Laos/dynamic-adsl.unitel.com.la): 50 in the last 3600 s ... show more (XMLRPC) WP XMLPRC Attack 183.182.120.49 (LA/Laos/dynamic-adsl.unitel.com.la): 50 in the last 3600 secs show less	Web App Attack
Anonymous	2026-06-23 05:59:30 (2 days ago)	[ns19.kdns.gr] httpd-xmlrpc-post: sites=microtech.com.cy; logs=/var/log/httpd/domains/microtech.com. ... show more [ns19.kdns.gr] httpd-xmlrpc-post: sites=microtech.com.cy; logs=/var/log/httpd/domains/microtech.com.cy.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 193.46.255.86

🇺🇦 46.150.68.126

🇺🇸 216.25.89.104

🇸🇾 205.209.65.70

🇱🇧 185.184.84.85

🇳🇱 176.65.139.181

🇸🇬 161.118.220.167

🇮🇳 117.214.25.114

🇮🇳 117.199.71.39

🇩🇿 105.103.128.158

🇭🇰 103.158.29.100

🇮🇩 103.101.229.35

🇱🇻 81.30.98.144

🇩🇪 69.5.169.178

🇺🇸 64.60.113.178

🇳🇱 45.153.34.87

🇧🇩 203.99.145.189

🇹🇼 198.235.24.100

🇺🇸 192.178.119.212

🇫🇮 147.185.133.73