JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 125.164.21.10

125.164.21.10 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 28%: ?

28%

ISP	PT TELKOM INDONESIA
Usage Type	Fixed Line ISP
ASN	AS7713
Domain Name	telkom.co.id
Country	🇮🇩 Indonesia
City	Sumedang, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 125.164.21.10

Whois 125.164.21.10

IP Abuse Reports for 125.164.21.10:

This IP address has been reported a total of 26 times from 16 distinct sources. 125.164.21.10 was first reported on August 16th 2022, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 NAkio	2026-05-19 09:04:00 (1 month ago)	Illegal Resource Access, /.env(GET)	Bad Web Bot Web App Attack
🇧🇷 Sipo Chutão	2026-05-10 03:00:01 (1 month ago)	/.env	Hacking
🇩🇪 raph	2026-05-03 13:29:45 (1 month ago)	[DOT FILES] crawler .env, .git, .config, etc.	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-03 08:18:33 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 125.164.21.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 125.164.21.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 03 04:18:25.184325 2026] [security2:error] [pid 29488:tid 29488] [client 125.164.21.10:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.c2cservices.com"] [uri "/.env"] [unique_id "afcE0UtLaT3EWrWkVVU8RwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 YF	2026-05-03 02:05:06 (1 month ago)	Environment file probe	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-03 01:20:01 (1 month ago)	125.164.21.10 - - [03/May/2026:04:19:59 +0300] "GET /.env HTTP/1.1" 404 3320 "-" "Mozilla/5.0 (Windo ... show more 125.164.21.10 - - [03/May/2026:04:19:59 +0300] "GET /.env HTTP/1.1" 404 3320 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 125.164.21.10 - - [03/May/2026:04:20:00 +0300] "GET /.env HTTP/1.1" 404 707 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-02 15:41:16 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 125.164.21.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 125.164.21.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 02 11:41:09.462164 2026] [security2:error] [pid 3205:tid 3205] [client 125.164.21.10:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rodrigoaldecoa.com"] [uri "/.htaccess"] [unique_id "afYbFaXPk4tf_D1vDIrvzgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 conseilgouz	2026-05-02 14:52:58 (1 month ago)	hae-6 : Trying access system files=>/phpinfo.php(phpinfo.php)	Hacking
🇺🇸 TPI-Abuse	2026-05-02 10:51:45 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 125.164.21.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 125.164.21.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 02 06:51:41.421583 2026] [security2:error] [pid 28333:tid 28333] [client 125.164.21.10:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail-pmg.com"] [uri "/.env"] [unique_id "afXXPeLQVJNM5G5amZ8JBwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 S.O.B.A. Dev.	2026-05-02 10:42:28 (1 month ago)	Threat Blocked by BeeHive from (ASN:7713) (Network:PT Telekomunikasi Indonesia) (Host:soba.dev) (Met ... show more Threat Blocked by BeeHive from (ASN:7713) (Network:PT Telekomunikasi Indonesia) (Host:soba.dev) (Method:GET) (Protocol:HTTP/2) (Timestamp:2026-05-02T10:42:28Z) show less	Brute-Force Web Spam Web App Attack
🇮🇳 Genhost	2026-05-02 06:29:57 (1 month ago)	SCANNING OF PHP SHELL FILES	Brute-Force SSH
🇩🇪 conseilgouz	2026-05-02 05:34:08 (1 month ago)	mae-17 : Block hidden directories=>/.env(/)	Hacking
🇺🇸 TPI-Abuse	2026-05-02 05:03:06 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 125.164.21.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 125.164.21.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 02 01:02:57.525451 2026] [security2:error] [pid 647:tid 647] [client 125.164.21.10:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.hollyranch.com"] [uri "/.env"] [unique_id "afWFgcMIiZheMX5JRqnPagAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-02 02:52:21 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 125.164.21.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 125.164.21.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 01 22:52:17.125381 2026] [security2:error] [pid 19937:tid 19993] [client 125.164.21.10:24760] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tomi-thai.com.plumeraproductions.com"] [uri "/.env"] [unique_id "afVm4TnkGnRgt7k0yE88VQAAAYY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-05-01 21:42:22 (1 month ago)	125.164.21.10 - - [02/May/2026:00:42:19 +0300] "GET /.env HTTP/1.1" 404 3317 "-" "Mozilla/5.0 (X11; ... show more 125.164.21.10 - - [02/May/2026:00:42:19 +0300] "GET /.env HTTP/1.1" 404 3317 "-" "Mozilla/5.0 (X11; Linux x86_64) CrackEnv/1.2" 125.164.21.10 - - [02/May/2026:00:42:20 +0300] "GET /.env HTTP/1.1" 404 3332 "-" "Mozilla/5.0 (X11; Linux x86_64) CrackEnv/1.2" ... show less	Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 119.46.148.53

🇩🇪 95.169.191.176

🇬🇧 35.203.211.183

🇮🇩 114.10.102.61

🇷🇴 80.94.92.234

🇩🇪 69.5.169.190

🇺🇸 66.132.172.100

🇨🇿 46.135.109.64

🇳🇱 45.148.10.240

🇩🇪 45.80.165.99

🇫🇮 34.88.83.20

🇳🇱 185.226.197.7

🇳🇱 185.107.80.93

🇹🇼 114.44.7.168

🇺🇸 104.156.150.215

🇺🇸 65.49.1.213

🇱🇹 62.60.130.219

🇬🇧 35.203.211.123

🇰🇷 183.96.62.29

🇨🇳 140.206.195.137