🇮🇩
hermawan
2026-05-19 22:49:36
(3 weeks ago)
[Wed May 20 05:49:33.409243 2026] [security2:error] [pid 325461:tid 140083100378816] [client 125.253.50.35:13050] ModSecurity: Access denied with code 403 (phase 1). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "857"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: GET found within REQUEST_HEADERS: 1 request_line = GET /index.php/prediksi-iklim/prediksi-musim-tiap-6-bulan-sekali/prediksi-musim-kemarau/prediksi-sifat-hujan-musim-kemarau/per-kota-kabupaten/555563013-prediksi-6-bulanan-sifat-hujan-musim-kemarau-tahun-2026-di-kabupaten-pamekasan HTTP/2.0 Request URI RAW = /index.php/prediksi-iklim/prediksi-musim-tiap-6-bulan-sekali/prediksi-musim-kemarau/prediksi-s..."] [severity "CRITICAL"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [
...
Email Spam
Hacking
🇮🇹
A000Z
2026-04-15 03:32:08
(1 month ago)
Fail2Ban: 125.253.50.35 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
Bad Web Bot
🇺🇸
quilla
2026-04-03 03:20:35
(2 months ago)
Botnet infected device observed in honeypot (Vector: TCP)
DDoS Attack
🇨🇳
pengpeng
2026-03-09 19:42:07
(3 months ago)
monitor: on VM-0-7-ubuntu | port: 46049 | ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter
Port Scan
🇹🇷
rtbh.com.tr
2026-01-29 12:11:17
(4 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
🇹🇷
rtbh.com.tr
2026-01-20 20:11:08
(4 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
🇬🇧
Steptoe
2026-01-20 19:21:08
(4 months ago)
GET /wp-login.php
POST /xmlrpc.php
GET /wp-json/wp/v2/users
Hostname: 125-253-50-35.ip4.superloop.au
UAs:
Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/119.0.0.0+Safari/537.36
Apache-HttpClient/4.5.13+(Java/11.0.29)
Web App Attack
🇩🇪
ghostwarriors
2026-01-18 23:20:33
(4 months ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-01-18 23:14:04
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 125.253.50.35 (125-253-50-35.ip4.superloop.au): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 18 18:13:59.359230 2026] [security2:error] [pid 3763639:tid 3763639] [client 125.253.50.35:23792] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||citati.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "citati.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aW1pN03Qyl0c3rf2adwJowAAAAg"], referer: https://www.google.com
Brute-Force
Bad Web Bot
Web App Attack
🇩🇪
DaleCooper
2026-01-18 21:14:07
(4 months ago)
125.253.50.35 - - [18/Jan/2026:22:13:07 +0100] "GET /wp-login.php HTTP/1.1" 404 188 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
125.253.50.35 - - [18/Jan/2026:22:13:10 +0100] "GET /wp-login.php HTTP/1.1" 404 188 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
...
Brute-Force
🇺🇸
TPI-Abuse
2026-01-18 21:06:53
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 125.253.50.35 (125-253-50-35.ip4.superloop.au): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 18 16:06:48.082043 2026] [security2:error] [pid 23496:tid 23496] [client 125.253.50.35:23704] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||darrenpeck.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "darrenpeck.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aW1LaK2z22FS96tn8bCUOgAAAAE"], referer: https://www.google.com
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-01-18 20:12:18
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 125.253.50.35 (125-253-50-35.ip4.superloop.au): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 18 15:12:11.888575 2026] [security2:error] [pid 31279:tid 31279] [client 125.253.50.35:23734] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||liberlibro.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "liberlibro.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aW0-m8TY79EcUaW9NjFZLwAAABQ"], referer: https://www.google.com
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-01-18 19:41:45
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 125.253.50.35 (125-253-50-35.ip4.superloop.au): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 18 14:41:39.473186 2026] [security2:error] [pid 3140:tid 3140] [client 125.253.50.35:23590] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sekel.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sekel.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aW03c4fKvZC5sxCxodWenAAAAAI"], referer: https://www.google.com
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
Mainpine
2026-01-18 19:37:50
(4 months ago)
probing for vulnerable web apps
Web App Attack
🇺🇸
TPI-Abuse
2026-01-18 18:37:00
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 125.253.50.35 (125-253-50-35.ip4.superloop.au): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 18 13:36:53.358344 2026] [security2:error] [pid 1107637:tid 1107637] [client 125.253.50.35:23730] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jmgrigg.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jmgrigg.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aW0oRXK1BHUQ_EkTUGml0AAAAAQ"], referer: https://www.google.com
Brute-Force
Bad Web Bot
Web App Attack