JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.83.39.26

203.83.39.26 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 53%: ?

53%

ISP	PT Garis Waktu Kita
Usage Type	Fixed Line ISP
ASN	AS63859
Domain Name	gwk.net.id
Country	🇮🇩 Indonesia
City	Medan, North Sumatra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.83.39.26

Whois 203.83.39.26

IP Abuse Reports for 203.83.39.26:

This IP address has been reported a total of 48 times from 35 distinct sources. 203.83.39.26 was first reported on January 22nd 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-23 19:20:37 (1 hour ago)	[Wed Jun 24 02:20:34.862216 2026] [security2:error] [pid 898323:tid 140190157792960] [client 203.83. ... show more [Wed Jun 24 02:20:34.862216 2026] [security2:error] [pid 898323:tid 140190157792960] [client 203.83.39.26:60341] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET /index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/e-buletin-untuk-kota-dan-kabupaten-di-provinsi-jawa-timur"] [unique_id "ajrcgqzyBBlIksZyK7JbnQAAwhg"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[898348] [xKQup7BF8LI] [ajrcgqzyBBlIksZyK7JbnQAAwhg] keep_alive=[1] [2026-06-24 02:20:34.862223] [R:ajrcgqzyBBlIksZyK7JbnQAAwhg] UA:'Mozilla/5.0 (Linux; Android 8.0.0; SM-J33 ... show less	Email Spam Hacking
🇬🇧 PeravixGroup	2026-06-13 02:33:01 (1 week ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 gbzret4d	2026-06-08 08:38:31 (2 weeks ago)	Honeypot [uk-production01]: SMB traffic on port 445	Hacking
🇫🇷 sthoyer.de	2026-06-08 02:41:45 (2 weeks ago)	Jun 8 04:41:43 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f ... show more Jun 8 04:41:43 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=203.83.39.26 DST=173.212.223.67 LEN=52 TOS=0x00 PREC=0x00 TTL=112 ID=29814 DF PROTO=TCP SPT=12692 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇮🇪 RoboSOC	2026-06-04 07:32:13 (2 weeks ago)	GPON Home Routers Remote Code Execution Vulnerability CVE 2018-10562, PTR: PTR record not found	Hacking
🇫🇷 geeek	2026-06-04 01:22:10 (2 weeks ago)	Port scanning: 445 TCP Blocked	Port Scan
🇵🇱 nfsec.pl	2026-06-02 16:03:14 (3 weeks ago)	Detected: TCP scan on port: 445 with flags: SYN	Port Scan
🇳🇱 EGP Abuse Dept	2026-05-31 06:05:41 (3 weeks ago)	Unsolicited connection to port 445	Port Scan Hacking
🇬🇧 Birdo	2026-05-30 22:18:21 (3 weeks ago)	[Birdo SMB Honeypot] SMB unauthorized attempt	Exploited Host Brute-Force Port Scan Hacking
🇬🇧 PeravixGroup	2026-05-25 09:24:53 (4 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇨🇭 ALPHANET	2026-05-25 08:45:38 (4 weeks ago)	Botnet or web spider not respecting robots.txt	DDoS Attack Exploited Host
🇩🇪 milcraft.nl	2026-05-19 00:31:53 (1 month ago)	Suspicious WooCommerce query combination detected. Not default available on websites. Matched combi ... show more Suspicious WooCommerce query combination detected. Not default available on websites. Matched combi patterns: filter_, add-to-cart=, orderby=, product_count=. Activity is consistent with high-volume request abuse. show less	DDoS Attack Web App Attack
🇩🇪 check-the-sum.fr	2026-05-09 07:03:40 (1 month ago)	Port Scanning	Port Scan
🇩🇪 femboy.cat	2026-05-09 06:05:48 (1 month ago)	Port scan to tcp/445 from 203.83.39.26	Brute-Force
🇫🇷 sthoyer.de	2026-05-08 07:28:56 (1 month ago)	May 8 09:28:55 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f ... show more May 8 09:28:55 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=203.83.39.26 DST=173.212.223.67 LEN=52 TOS=0x00 PREC=0x00 TTL=112 ID=12878 DF PROTO=TCP SPT=26072 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2600:1f18:3120:f503:b59a:87a1:9d9e:1c9b

🇧🇷 138.121.37.50

🇧🇪 198.235.24.249

🇫🇮 147.185.133.116

🇯🇵 104.238.160.235

🇮🇳 103.76.59.180

🇱🇹 91.224.92.87

🇱🇹 77.90.185.249

🇮🇪 52.214.13.55

🇺🇸 45.144.113.128

🇺🇸 44.67.148.53

🇺🇸 34.105.27.70

🇺🇸 23.95.247.225

🇭🇰 8.217.111.158

🇲🇽 189.244.173.211

🇧🇷 189.62.148.210

🇺🇸 179.61.232.244

🇯🇵 153.164.207.88

🇯🇵 106.154.140.79

🇺🇸 104.152.52.136