JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.125.146.51

103.125.146.51 was found in our database!

This IP was reported 176 times. Confidence of Abuse is 100%: ?

100%

ISP	IPXO-103-125-146-0-24
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	ipxo.com
Country	🇯🇵 Japan
City	Yokohama, Kanagawa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.125.146.51

Whois 103.125.146.51

IP Abuse Reports for 103.125.146.51:

This IP address has been reported a total of 176 times from 76 distinct sources. 103.125.146.51 was first reported on March 18th 2023, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-22 11:58:55 (11 hours ago)	103.125.146.51 - - [22/Jun/2026:13:57:01 +0200] "POST /wp-login.php HTTP/1.1" 200 7947 "-" "Mozilla/ ... show more 103.125.146.51 - - [22/Jun/2026:13:57:01 +0200] "POST /wp-login.php HTTP/1.1" 200 7947 "-" "Mozilla/5.0" 103.125.146.51 - - [22/Jun/2026:13:57:02 +0200] "POST /wp-login.php HTTP/1.1" 200 7452 "-" "Mozilla/5.0" 103.125.146.51 - - [22/Jun/2026:13:57:57 +0200] "POST /wp-login.php HTTP/1.1" 200 7450 "-" "Mozilla/5.0" 103.125.146.51 - - [22/Jun/2026:13:57:56 +0200] "POST /wp-login.php HTTP/1.1" 200 7945 "-" "Mozilla/5.0" 103.125.146.51 - - [22/Jun/2026:13:58:53 +0200] "POST /wp-login.php HTTP/1.1" 200 7945 "-" "Mozilla/5.0" ... show less	Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-20 04:43:21 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 Site.eu	2026-06-18 23:57:45 (3 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇫🇷 Kenshin869	2026-06-18 07:11:53 (4 days ago)	Wordpress unauthorized access attempt	Brute-Force
🇩🇪 LRob.fr	2026-06-18 06:45:11 (4 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇬🇧 andypiper	2026-06-18 01:00:12 (4 days ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇩🇪 maxpower	2026-06-18 00:17:00 (4 days ago)	(wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 103.125.146.51 (JP/Japan/-): 3 in the last 360 ... show more (wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 103.125.146.51 (JP/Japan/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 103.125.146.51 - - [18/Jun/2026:02:14:05 +0200] "POST /xmlrpc.php HTTP/1.1" 404 157526 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" host=ramsesconsulting.it 103.125.146.51 - - [18/Jun/2026:02:14:39 +0200] "POST /xmlrpc.php HTTP/1.1" 404 157341 "-" "Mozilla/5.0 (Linux; Android 11; Nokia G50) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.61 Mobile Safari/537.36" "-" host=ramsesconsulting.it 103.125.146.51 - - [18/Jun/2026:02:16:57 +0200] "POST /xmlrpc.php HTTP/1.1" 404 157228 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" host=ramsesconsulting.it show less	Port Scan
🇬🇷 setupgr	2026-06-16 11:18:02 (6 days ago)	(mod_security) mod_security (id:1000001) triggered by 103.125.146.51: 1 in the last 86400 secs; Port ... show more (mod_security) mod_security (id:1000001) triggered by 103.125.146.51: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 16 14:17:56.949524 2026] [security2:error] [pid 2210175:tid 2210226] [client 103.125.146.51:26011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/about.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "93"] [id "1000001"] [msg "Bad file blocked: /wp-includes/js/tinymce/themes/about.php"] [severity "CRITICAL"] [tag "security"] [hostname "mail.setworldup.com"] [uri "/wp-includes/js/tinymce/themes/about.php"] [unique_id "ajEw5H9oGssBgNwsPFuMfgAAAEU"] show less	Port Scan
🇬🇷 setupgr	2026-06-16 07:50:37 (6 days ago)	(mod_security) mod_security (id:1000001) triggered by 103.125.146.51: 1 in the last 86400 secs; Port ... show more (mod_security) mod_security (id:1000001) triggered by 103.125.146.51: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 16 10:50:37.157825 2026] [security2:error] [pid 2210295:tid 2210429] [client 103.125.146.51:40669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/class.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "93"] [id "1000001"] [msg "Bad file blocked: /wp-admin/class.php"] [severity "CRITICAL"] [tag "security"] [hostname "mail.sea-sound.com"] [uri "/wp-admin/class.php"] [unique_id "ajEATYHi3fYqxwKQHNZ_PQAAAco"] show less	Port Scan
🇬🇷 setupgr	2026-06-16 01:45:54 (6 days ago)	(mod_security) mod_security (id:1000001) triggered by 103.125.146.51: 1 in the last 86400 secs; Port ... show more (mod_security) mod_security (id:1000001) triggered by 103.125.146.51: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 16 04:45:51.877287 2026] [security2:error] [pid 1917011:tid 1917100] [client 103.125.146.51:62235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/about.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "92"] [id "1000001"] [msg "Bad file blocked: /wp-content/plugins/wordpress-seo/admin/import/plugins/about.php"] [severity "CRITICAL"] [tag "security"] [hostname "mail.pankoskal.gr"] [uri "/wp-content/plugins/wordpress-seo/admin/import/plugins/about.php"] [unique_id "ajCqz-BwCn2ogzWsBgDIjAAAAAk"] show less	Port Scan
🇮🇪 Jim Keir	2026-06-15 01:10:57 (1 week ago)	2026-06-15 01:10:57 103.125.146.51 File scanning, blocking 103.125.146.51 for 5 minutes	Web App Attack
🇩🇪 LRob.fr	2026-06-14 17:30:05 (1 week ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇳🇱 Site.eu	2026-06-13 15:56:51 (1 week ago)	Excessive multi-domain requests	Brute-Force
Anonymous	2026-06-13 13:06:48 (1 week ago)	Banned by Fail2Ban on server	Web App Attack
🇳🇱 BlueWire Hosting	2026-06-12 16:27:26 (1 week ago)	Probing websites for vulnerabilities	Web App Attack

Showing 1 to 15 of 176 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 216.73.162.150

🇰🇷 112.151.178.49

🇺🇸 2602:80d:1008::2f

🇺🇸 208.84.101.94

🇨🇳 112.86.225.197

🇸🇬 103.189.234.96

🇸🇬 101.47.15.119

🇹🇭 49.231.192.36

🇵🇰 39.62.159.26

🇮🇳 20.244.18.126

🇨🇴 8.243.166.66

🇮🇷 5.219.152.94

🇷🇴 2.57.122.238

🇬🇧 172.68.229.129

🇨🇳 114.132.126.52

🇺🇸 91.230.168.108

🇸🇬 47.236.107.39

🇺🇸 20.9.26.126

🇨🇷 201.194.204.205

🇮🇳 182.95.228.194