JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.122.130.152

185.122.130.152 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 12%: ?

12%

ISP	NGS
Usage Type	Fixed Line ISP
ASN	AS25335
Domain Name	ngsuk.com
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.122.130.152

Whois 185.122.130.152

IP Abuse Reports for 185.122.130.152:

This IP address has been reported a total of 8 times from 2 distinct sources. 185.122.130.152 was first reported on May 24th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-24 01:42:58 (2 days ago)	[Wed Jun 24 08:42:57.941732 2026] [security2:error] [pid 1305905:tid 140190034806464] [client 185.12 ... show more [Wed Jun 24 08:42:57.941732 2026] [security2:error] [pid 1305905:tid 140190034806464] [client 185.122.130.152:30160] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-tahunan HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-tahunan"] [unique_id "ajs2IWvb9OSNDaG52PA6oAABDgQ"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1305910] [DXK2/nUmi64] [ajs2IWvb9OSNDaG52PA6oAABDgQ] keep_alive=[1] [2026-06-24 08:42:57.941742] [R:ajs2IWvb9OSNDaG52PA6oAABDgQ] UA:'Mozilla/5.0 (Linux; Android 8; SM-S901B) AppleWe ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-23 03:28:10 (3 days ago)	[Tue Jun 23 10:28:05.977651 2026] [security2:error] [pid 8017:tid 140203489416896] [client 185.122.1 ... show more [Tue Jun 23 10:28:05.977651 2026] [security2:error] [pid 8017:tid 140203489416896] [client 185.122.130.152:16978] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yandex.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yandex.go.id found within REQUEST_HEADERS:Referer: https://www.yandex.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-tahunan HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-tahunan"] [unique_id "ajn9RSMNLQ3pWXPUo7FasQAA2BQ"], referer https://www.yandex.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[8038] [fT/fWOPHZM0] [ajn9RSMNLQ3pWXPUo7FasQAA2BQ] keep_alive=[1] [2026-06-23 10:28:05.977659] [R:ajn9RSMNLQ3pWXPUo7FasQAA2BQ] UA:'Mozilla/5.0 (Linux; Android 13; SAMSUNG SM-S90 ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-14 19:51:15 (1 week ago)	[Mon Jun 15 02:51:15.455997 2026] [security2:error] [pid 372448:tid 139672655222464] [client 185.122 ... show more [Mon Jun 15 02:51:15.455997 2026] [security2:error] [pid 372448:tid 139672655222464] [client 185.122.130.152:63166] ModSecurity: Access denied with code 403 (phase 1). Match of "pm matomo.staklim-malang.info " against "SERVER_NAME" required. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "188"] [id "440235"] [msg "BAD REQUEST Bro"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: ?id= found within SERVER_NAME: staklim-malang.info request_line = GET /index.php/profil/arsip-artikel?id=55&start=10 HTTP/1.1 Request URI RAW = /index.php/profil/arsip-artikel?id=55&start=10 Request Basename = arsip-artikel"] [hostname "staklim-malang.info"] [uri "/index.php/profil/arsip-artikel"] [unique_id "ai8GMzI-lkv5QRbM1PsxdQAAAAg"] [staklim-malang.info] [staklim-malang.info] top=[372483] [VoxZCPynWUA] [ai8GMzI-lkv5QRbM1PsxdQAAAAg] keep_alive=[0] [2026-06-15 02:51:15.456004] [R:ai8GMzI-lkv5QRbM ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-09 03:11:28 (2 weeks ago)	[Tue Jun 09 10:11:24.937467 2026] [security2:error] [pid 148703:tid 140246500824768] [client 185.122 ... show more [Tue Jun 09 10:11:24.937467 2026] [security2:error] [pid 148703:tid 140246500824768] [client 185.122.130.152:34256] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php"] [unique_id "aieEXPskdwio0MB2YpqdggAAQwA"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[148712] [c2Zue8ne0bs] [aieEXPskdwio0MB2YpqdggAAQwA] keep_alive=[1] [2026-06-09 10:11:24.937471] [R:aieEXPskdwio0MB2YpqdggAAQwA] UA:'Mozilla/5.0 (Linux; Android 8.0.0; LG-H870DS Build/OPR1.170623.032) AppleWebKit/537.37 (KHTML, like Gecko) Chrome/68.0.3440.91 Mobile Safari/537.36' Host: ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-05 05:59:32 (2 weeks ago)	[Fri Jun 05 12:59:29.050065 2026] [authz_core:error] [pid 784155:tid 140021626549952] [client 185.12 ... show more [Fri Jun 05 12:59:29.050065 2026] [authz_core:error] [pid 784155:tid 140021626549952] [client 185.122.130.152:35684] AH01630: client denied by server configuration: /var/matomo/gemini-jscompress-dev_13-05-2026_matomo_5_10_0.js, referer https://matomo.staklim-malang.info/ [matomo.staklim-malang.info] [matomo.staklim-malang.info] top=[784162] [Tv8fXXv+72Q] [aiJlwUXi2GInaAJm5YiTsgAAEgY] keep_alive=[1] [2026-06-05 12:59:29.050093] [R:aiJlwUXi2GInaAJm5YiTsgAAEgY] UA:'Mozilla/5.0 (Linux; Android 8.0.0; LG-H870DS Build/OPR1.170623.032) AppleWebKit/537.37 (KHTML, like Gecko) Chrome/68.0.3440.91 Mobile Safari/537.36' Host:'matomo.staklim-malang.info:443' ACCEPT:'/' Referer:'https://matomo.staklim-malang.info/ Accept-Encoding:'gzip, deflate, br Accept-Language:'en-US,en;q=0.8 ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-04 16:15:10 (3 weeks ago)	[Thu Jun 04 23:15:06.453365 2026] [security2:error] [pid 349811:tid 139763000538816] [client 185.122 ... show more [Thu Jun 04 23:15:06.453365 2026] [security2:error] [pid 349811:tid 139763000538816] [client 185.122.130.152:37134] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yandex.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yandex.go.id found within REQUEST_HEADERS:Referer: https://www.yandex.go.id/ request_line = GET /index.php/informasi-iklim/infografis-iklim/infografis-klimat-story/555561581-mengenal-fenomena-la-nina-si-pembawa-hujan HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/infografis-iklim/infografis-klimat-story/555561581-mengenal-fenomena-la-nina-si-pembawa-hujan"] [unique_id "aiGkijN7QZUtfAe7r6O4YAAAANA"], referer https://www.yandex.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[349880] [CDzt2K81D5c] [aiGkijN7QZUtfAe7r6O4YAAAANA] keep_a ... show less	Email Spam Hacking
🇫🇮 inlink.ltd	2026-05-31 07:21:18 (3 weeks ago)	WAF PoW failure, possible botnet behavior, IP mismatch, POST request made by 185.122.130.152 was not ... show more WAF PoW failure, possible botnet behavior, IP mismatch, POST request made by 185.122.130.152 was not IP who made PoW GET request earlier show less	DDoS Attack Exploited Host
🇮🇩 hermawan	2026-05-24 10:12:03 (1 month ago)	[Sun May 24 17:12:00.079877 2026] [security2:error] [pid 28262:tid 140518643123904] [client 185.122. ... show more [Sun May 24 17:12:00.079877 2026] [security2:error] [pid 28262:tid 140518643123904] [client 185.122.130.152:11386] ModSecurity: Access denied with code 403 (phase 1). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "857"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: GET found within REQUEST_HEADERS: 1 request_line = GET /index.php/profil/meteorologi/geofisika/555558585-poster-antisipasi-gempa HTTP/2.0 Request URI RAW = /index.php/profil/meteorologi/geofisika/555558585-poster-antisipasi-gempa Request Basename = 555558585-poster-antisipasi-gempa"] [severity "CRITICAL"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP ... show less	Email Spam Hacking

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇹 194.165.16.166

🇫🇮 147.185.133.40

🇺🇸 147.185.132.81

🇺🇸 147.185.132.76

🇱🇻 81.30.98.44

🇳🇱 45.148.10.62

🇬🇧 35.203.210.94

🇪🇸 5.182.83.231

🇺🇸 205.210.31.84

🇷🇺 194.50.127.135

🇬🇧 188.240.59.37

🇺🇸 172.215.144.32

🇨🇳 171.108.182.210

🇺🇸 147.185.132.70

🇳🇱 88.210.63.69

🇫🇷 85.217.140.52

🇭🇰 74.125.179.151

🇺🇸 71.6.237.169

🇱🇹 45.227.254.170

🇹🇷 45.133.36.59