JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.125.146.38

103.125.146.38 was found in our database!

This IP was reported 166 times. Confidence of Abuse is 100%: ?

100%

ISP	IPXO-103-125-146-0-24
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	ipxo.com
Country	🇯🇵 Japan
City	Yokohama, Kanagawa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.125.146.38

Whois 103.125.146.38

IP Abuse Reports for 103.125.146.38:

This IP address has been reported a total of 166 times from 83 distinct sources. 103.125.146.38 was first reported on March 18th 2023, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇷 setupgr	2026-06-16 07:48:42 (1 day ago)	(mod_security) mod_security (id:1000001) triggered by 103.125.146.38: 1 in the last 86400 secs; Port ... show more (mod_security) mod_security (id:1000001) triggered by 103.125.146.38: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 16 10:48:38.863635 2026] [security2:error] [pid 2280080:tid 2280121] [client 103.125.146.38:65159] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/wp-content/admin.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "93"] [id "1000001"] [msg "Bad file blocked: /wp-content/admin.php"] [severity "CRITICAL"] [tag "security"] [hostname "mail.sea-sound.com"] [uri "/wp-content/admin.php"] [unique_id "ajD_1ssskNLCXd8cDXQzlAAAAA4"] show less	Port Scan
🇬🇷 setupgr	2026-06-16 01:36:59 (1 day ago)	(mod_security) mod_security (id:1000001) triggered by 103.125.146.38: 1 in the last 86400 secs; Port ... show more (mod_security) mod_security (id:1000001) triggered by 103.125.146.38: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 16 04:36:54.300878 2026] [security2:error] [pid 1917011:tid 1917103] [client 103.125.146.38:55073] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/1.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "92"] [id "1000001"] [msg "Bad file blocked: /1.php"] [severity "CRITICAL"] [tag "security"] [hostname "mail.pankoskal.gr"] [uri "/1.php"] [unique_id "ajCotuBwCn2ogzWsBgDHrQAAAAo"] show less	Port Scan
🇩🇪 SCHAPPY	2026-06-14 14:47:03 (2 days ago)	Mutliple attempts to access forbidden web resources, HTTP code 403.	Web App Attack
🇩🇪 LRob.fr	2026-06-13 20:00:04 (3 days ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
Anonymous	2026-06-13 13:08:19 (3 days ago)	Banned by Fail2Ban on server	Web App Attack
🇺🇸 mnsf	2026-06-13 13:05:06 (3 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-13 05:55:13 (4 days ago)	Excessive multi-domain requests	Brute-Force
🇩🇪 Ba-Yu	2026-06-13 02:56:57 (4 days ago)	WordPress hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇳🇱 BlueWire Hosting	2026-06-12 16:25:14 (4 days ago)	Probing websites for vulnerabilities	Web App Attack
🇩🇪 FeG Deutschland	2026-06-11 12:25:38 (5 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇫🇷 masterguru	2026-06-11 06:38:56 (6 days ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-195) show less	Bad Web Bot
🇺🇦 URAN Publishing Service	2026-06-10 18:48:24 (6 days ago)	103.125.146.38 - - [10/Jun/2026:21:48:24 +0300] "GET /wp-content/plugins/tinymce-advanced/tinymce-ad ... show more 103.125.146.38 - - [10/Jun/2026:21:48:24 +0300] "GET /wp-content/plugins/tinymce-advanced/tinymce-advanced.php HTTP/1.1" 404 708 "http://www.semst.onu.edu.ua/wp-content/plugins/tinymce-advanced/tinymce-advanced.php" "Go-http-client/1.1" ... show less	Web App Attack
🇲🇾 Rizzy	2026-06-10 09:36:27 (6 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇮🇩 soc-yk	2026-06-09 17:06:14 (1 week ago)	Type: suspicious_network_activity Risk: 68 Events: 628 Evidence: - Persistent suspicious network ac ... show more Type: suspicious_network_activity Risk: 68 Events: 628 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified show less	Port Scan Hacking
🇦🇹 Pingger Shikkoken	2026-06-09 12:25:26 (1 week ago)	2026-06-09T12:25:26+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more 2026-06-09T12:25:26+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=103.125.146.38 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=64048 DF PROTO=TCP SPT=51973 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-09T12:25:27+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=103.125.146.38 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=64049 DF PROTO=TCP SPT=51973 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-09T12:25:29+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=103.125.146.38 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=64050 DF PROTO=TCP SPT=51973 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Hacking Bad Web Bot

Showing 1 to 15 of 166 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2001:470:1:332::180

🇺🇸 193.202.8.182

🇰🇬 178.217.169.90

🇵🇭 143.44.197.140

🇨🇳 111.122.172.154

🇷🇺 87.250.9.98

🇷🇺 81.23.173.32

🇺🇸 71.28.96.208

🇰🇿 37.151.132.29

🇨🇳 36.251.141.8

🇬🇧 35.203.211.112

🇺🇸 193.203.8.214

🇫🇷 171.33.66.8

🇰🇷 125.138.166.217

🇭🇰 116.48.143.166

🇧🇬 94.155.124.98

🇺🇸 64.62.156.151

🇺🇸 64.62.156.66

🇺🇸 57.141.20.2

🇳🇱 45.148.10.147