JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 36.83.125.217

36.83.125.217 was found in our database!

This IP was reported 54 times. Confidence of Abuse is 100%: ?

100%

ISP	PT TELKOM INDONESIA Menara Multimedia Lt.7 Jl. Kebon sirih No.12 JAKARTA
Usage Type	Fixed Line ISP
ASN	AS7713
Domain Name	telkom.co.id
Country	🇮🇩 Indonesia
City	Wanaraja, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 36.83.125.217

Whois 36.83.125.217

IP Abuse Reports for 36.83.125.217:

This IP address has been reported a total of 54 times from 45 distinct sources. 36.83.125.217 was first reported on June 3rd 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 dominioz	2026-06-05 03:20:10 (3 hours ago)	2026-06-05 03:19:14 GET /phpinfo.php - - 36.83.125.217 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64; ... show more 2026-06-05 03:19:14 GET /phpinfo.php - - 36.83.125.217 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/58.0.3029.110+Safari/537.3 - 404 34424 2026-06-05 03:19:18 GET /test.php - - 36.83.125.217 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/58.0.3029.110+Safari/537.3 - 404 34424 2026-06-05 03:19:21 GET /_profiler/phpinfo - - 36.83.125.217 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/58.0.3029.110+Safari/537.3 - 404 34424 2026-06-05 03:19:25 GET /.env/.env.bak - - 36.83.125.217 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/58.0.3029.110+Safari/537.3 - 404 5194 ... show less	Web App Attack
🇦🇺 paulshipley.com.au	2026-06-05 03:19:45 (3 hours ago)	[Fri Jun 05 13:19:44.728469 2026] [security2:error] [pid 585525] [client 36.83.125.217:60339] [clien ... show more [Fri Jun 05 13:19:44.728469 2026] [security2:error] [pid 585525] [client 36.83.125.217:60339] [client 36.83.125.217] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "balcomberetreat.com.au"] [uri "/.env/.env.bak"] [unique_id "aiJAUNiZ5JlMlBznpApbsAAAAAU"] ... show less	Web App Attack
🇩🇪 todix	2026-06-05 02:11:26 (5 hours ago)	Web App Attack Exploid from 36.83.125.217	Web App Attack
🇧🇷 Halux	2026-06-05 01:31:16 (5 hours ago)	36.83.125.217 Probing protected path or service	Web App Attack
🇩🇪 maxpower	2026-06-05 00:54:36 (6 hours ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 36.83.125.217 (ID/Indonesia/-): 2 in the ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 36.83.125.217 (ID/Indonesia/-): 2 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2026/06/05 02:54:18 [error] 2119756#2119756: 1487250 access forbidden by rule, client: 36.83.125.217, server: confartigianato.pe.it, request: "GET /xmlrpc.php HTTP/1.1", host: "www.confartigianato.pe.it" 36.83.125.217 - - [05/Jun/2026:02:54:31 +0200] "GET /.aws/credentials HTTP/1.1" 404 52990 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" "-" host=www.confartigianato.pe.it show less	Port Scan
Anonymous	2026-06-05 00:00:21 (7 hours ago)	Scanning/Probing activity detected.	Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-06-04 23:18:43 (7 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇩🇪 IVski	2026-06-04 22:09:23 (9 hours ago)	IVski WAF \| Webshell probe detected - requesting common script extensions	Port Scan Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-04 22:01:56 (9 hours ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-03. show less	Web App Attack SSH Hacking
🇩🇪 4server	2026-06-04 21:42:42 (9 hours ago)	[ThuJun0423:42:27.3653812026][security2:error][pid3958724:tid3958880][client36.83.125.217:0]ModSecur ... show more [ThuJun0423:42:27.3653812026][security2:error][pid3958724:tid3958880][client36.83.125.217:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"www.bozza.avcolor.ch\"][uri\"/js/html5shiv.min.js\"][unique_id\"aiHxQ9GQP5fOZ9fGd5mD8gAAANM\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 interbiznw.com	2026-06-04 20:38:55 (10 hours ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
Anonymous	2026-06-04 19:58:28 (11 hours ago)	36.83.125.217 - - [04/Jun/2026:19:58:27 +0000] "GET /_profiler/phpinfo HTTP/1.1" 302 515 "-" "Mozill ... show more 36.83.125.217 - - [04/Jun/2026:19:58:27 +0000] "GET /_profiler/phpinfo HTTP/1.1" 302 515 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" ... show less	Bad Web Bot Web App Attack
🇺🇸 SLSLLC	2026-06-04 18:36:55 (12 hours ago)	36.83.125.217 - - [04/Jun/2026:18:36:54 +0000] "GET /.env/.env.bak HTTP/2.0" 403 1928 "-" "Mozilla/5 ... show more 36.83.125.217 - - [04/Jun/2026:18:36:54 +0000] "GET /.env/.env.bak HTTP/2.0" 403 1928 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" ... show less	Brute-Force Web App Attack
🇱🇺 conseilgouz	2026-06-04 17:30:23 (13 hours ago)	are-6 : Trying access system files=>/phpinfo.php(phpinfo.php)	Hacking
🇷🇺 DZBOT	2026-06-04 17:25:11 (13 hours ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack

Showing 1 to 15 of 54 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4023:1000::121

🇨🇳 223.109.141.9

🇳🇱 213.177.179.12

🇰🇷 211.106.137.135

🇩🇪 209.38.251.46

🇺🇸 194.180.236.153

🇧🇬 193.24.211.247

🇨🇳 101.96.200.56

🇷🇴 80.94.92.168

🇺🇸 64.62.197.5

🇬🇧 35.203.210.30

🇧🇪 34.156.17.42

🇫🇷 147.79.103.181

🇺🇸 97.107.141.150

🇳🇱 45.148.10.240

🇬🇧 35.203.211.57

🇲🇺 197.225.146.23

🇩🇪 167.94.145.21

🇺🇿 93.188.80.28

🇺🇸 64.49.38.221