JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.116.172.252

185.116.172.252 was found in our database!

This IP was reported 3 times. Confidence of Abuse is 4%: ?

ISP	NGS
Usage Type	Fixed Line ISP
ASN	AS25335
Domain Name	ngsuk.com
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	Ipswich, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.116.172.252

Whois 185.116.172.252

IP Abuse Reports for 185.116.172.252:

This IP address has been reported a total of 3 times from 1 distinct source. 185.116.172.252 was first reported on June 3rd 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-20 09:43:45 (6 hours ago)	[Sat Jun 20 16:43:44.418363 2026] [security2:error] [pid 341909:tid 140141900326592] [client 185.116 ... show more [Sat Jun 20 16:43:44.418363 2026] [security2:error] [pid 341909:tid 140141900326592] [client 185.116.172.252:43970] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bing.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bing.go.id found within REQUEST_HEADERS:Referer: https://www.bing.go.id/ request_line = GET /index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur"] [unique_id "ajZg0JbO_ccSUAOrdD64iAAFTwE"], referer https://www.bing.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[341911] [2Ay/PmzV42s] [ajZg0JbO_ccSUAOrdD64iAAFTwE] keep_alive=[1] [2026-06-20 16:43:44.418373] [R:ajZg0JbO_ccSUAOrdD64iAAFTwE] UA:'Mozilla/5.0 (iPhone; CPU iPhone OS 17_ ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-09 11:23:48 (1 week ago)	[Tue Jun 09 18:23:44.073838 2026] [security2:error] [pid 474920:tid 139738873845440] [client 185.116 ... show more [Tue Jun 09 18:23:44.073838 2026] [security2:error] [pid 474920:tid 139738873845440] [client 185.116.172.252:47250] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yandex.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yandex.go.id found within REQUEST_HEADERS:Referer: https://www.yandex.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-dasarian/infografis-dasarian-analisis-kejadian-hujan-lebat HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-dasarian/infografis-dasarian-analisis-kejadian-hujan-lebat"] [unique_id "aif3wPp7VEfrBGWS7MXbdwAAhwE"], referer https://www.yandex.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[474922] [xjUaXJBoM5s] [aif3wPp7VEfrBGWS7MXbdwAAhwE] keep_alive=[1] [2026 ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-03 02:51:54 (2 weeks ago)	[Wed Jun 03 09:51:51.108210 2026] [authz_core:error] [pid 65267:tid 139776352044736] [client 185.116 ... show more [Wed Jun 03 09:51:51.108210 2026] [authz_core:error] [pid 65267:tid 139776352044736] [client 185.116.172.252:47368] AH01630: client denied by server configuration: /var/www/index.php [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[65272] [ClxrglAHxk8] [ah-Wx8AK6SXnPSNbE3zA0wAAWAQ] keep_alive=[1] [2026-06-03 09:51:51.108213] [R:ah-Wx8AK6SXnPSNbE3zA0wAAWAQ] UA:'Mozilla/5.0 (iPhone; CPU iPhone OS 18_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Mobile/15E148 Safari/604.1' Host:'staklim-jatim.bmkg.go.id:443' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8' Accept-Encoding:'gzip, deflate, br Accept-Language:'en-US,en;q=0.8 ... show less	Email Spam Hacking

Showing 1 to 3 of 3 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇷 188.212.240.165

🇺🇸 170.130.187.42

🇺🇸 45.131.195.207

🇨🇳 223.73.183.202

🇪🇬 196.129.68.45

🇬🇧 185.127.71.198

🇻🇳 103.9.77.247

🇳🇱 93.123.109.105

🇫🇷 91.231.89.197

🇺🇸 20.84.117.55

🇬🇪 2.57.217.229

🇻🇳 202.158.244.203

🇨🇳 182.92.104.215

🇺🇸 137.184.140.204

🇸🇬 86.48.10.22

🇺🇸 3.131.37.139

🇬🇧 193.32.209.226

🇦🇷 190.104.254.91

🇳🇬 165.154.11.48

🇺🇸 135.119.47.58