JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 201.182.50.4

201.182.50.4 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 28%: ?

28%

ISP	ULTRANET NETWORK
Usage Type	Fixed Line ISP
ASN	AS267521
Domain Name	ultranet.psi.br
Country	🇧🇷 Brazil
City	Coronel Fabriciano, Minas Gerais

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 201.182.50.4

Whois 201.182.50.4

IP Abuse Reports for 201.182.50.4:

This IP address has been reported a total of 11 times from 10 distinct sources. 201.182.50.4 was first reported on January 16th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 cibersecoptidata	2026-06-03 02:51:05 (1 day ago)	Port scan / Unsolicited traffic.	Port Scan
Anonymous	2026-06-03 02:13:40 (1 day ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇮🇩 hermawan	2026-05-27 04:19:20 (1 week ago)	[Wed May 27 11:19:19.909942 2026] [security2:error] [pid 491678:tid 139875715114688] [client 201.182 ... show more [Wed May 27 11:19:19.909942 2026] [security2:error] [pid 491678:tid 139875715114688] [client 201.182.50.4:61874] ModSecurity: Access denied with code 403 (phase 1). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "815"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: GET found within REQUEST_HEADERS: 1 request_line = GET /index.php/prediksi-iklim/prediksi-dasarian/deterministik-curah-hujan-provinsi-jawa-timur HTTP/2.0 Request URI RAW = /index.php/prediksi-iklim/prediksi-dasarian/deterministik-curah-hujan-provinsi-jawa-timur Request Basename = deterministik-curah-hujan-provinsi-jawa-timur"] [severity "CRITICAL"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "parano ... show less	Email Spam Hacking
Anonymous	2026-04-26 08:40:27 (1 month ago)	RdpGuard detected brute-force attempt on IMAP	Brute-Force
🇺🇸 TPI-Abuse	2026-04-08 01:00:11 (1 month ago)	(mod_security) mod_security (id:225080) triggered by 201.182.50.4 (201-182-50-4.static.ultranet.psi. ... show more (mod_security) mod_security (id:225080) triggered by 201.182.50.4 (201-182-50-4.static.ultranet.psi.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 21:00:04.125691 2026] [security2:error] [pid 1701201:tid 1701201] [client 201.182.50.4:33218] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^[\\\\d\\\\.ab]+$" against "ARGS_GET:C" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "143"] [id "225080"] [rev "1"] [msg "COMODO WAF: XSS vulnerability in Plupload before 2.1.9 or MediaElement.js before 2.21.0, as used in WordPress before 4.5.2 (CVE-2016-4566 & CVE-2016-4567)\|\|www.cerrovictoria.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.cerrovictoria.com"] [uri "/WordPress/wp-includes/js/mediaelement/"] [unique_id "adWolEqwpc8D6m0KDXF18AAAAAM"], referer: http://www.cerrovictoria.com/WordPress/wp-includes/js/mediaelement/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2026-01-18 11:48:33 (4 months ago)	tcp/23 (2 or more attempts)	Port Scan
Anonymous	2026-01-12 16:52:06 (4 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2025-11-22 22:52:11 (6 months ago)	scanning http requests from known botnet	Web App Attack
🇳🇱 exxos	2025-09-01 10:03:01 (9 months ago)	http-no-verb	Hacking
🇺🇸 ph	2025-06-26 16:19:56 (11 months ago)	Bad web bot attempting to run wp-login.php on non-WP site	Hacking Bad Web Bot Web App Attack
🇳🇱 Synk	2024-01-16 09:10:40 (2 years ago)	Honeypot login attempt	Brute-Force

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.185

🇰🇷 175.198.62.180

🇫🇷 161.97.122.225

🇺🇸 147.182.241.81

🇨🇳 111.19.212.140

🇫🇷 91.196.152.18

🇺🇸 67.205.155.82

🇻🇳 36.50.55.254

🇬🇧 35.203.210.37

🇧🇪 34.76.178.2

🇺🇸 13.86.115.189

🇻🇳 171.231.176.86

🇭🇰 168.76.131.178

🇭🇰 156.238.236.179

🇺🇸 147.182.247.10

🇰🇷 116.125.120.27

🇵🇱 91.193.18.148

🇸🇬 13.212.204.154

🇸🇬 8.222.228.70

🇮🇸 213.181.107.100