JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.125.146.54

103.125.146.54 was found in our database!

This IP was reported 177 times. Confidence of Abuse is 100%: ?

100%

ISP	IPXO-103-125-146-0-24
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	ipxo.com
Country	🇯🇵 Japan
City	Yokohama, Kanagawa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.125.146.54

Whois 103.125.146.54

IP Abuse Reports for 103.125.146.54:

This IP address has been reported a total of 177 times from 79 distinct sources. 103.125.146.54 was first reported on July 22nd 2023, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 ki3	2026-06-23 13:53:21 (14 hours ago)	Fail2Ban: Web App Attacks and Forum Spam 103.125.146.54 1782222799(JST)	Web Spam Bad Web Bot Web App Attack
🇬🇧 [email protected]	2026-06-23 00:30:39 (1 day ago)	...	Brute-Force SSH
Anonymous	2026-06-22 11:53:59 (1 day ago)	103.125.146.54 - - [22/Jun/2026:13:52:54 +0200] "POST /wp-login.php HTTP/1.1" 200 7945 "-" "Mozilla/ ... show more 103.125.146.54 - - [22/Jun/2026:13:52:54 +0200] "POST /wp-login.php HTTP/1.1" 200 7945 "-" "Mozilla/5.0" 103.125.146.54 - - [22/Jun/2026:13:52:55 +0200] "POST /wp-login.php HTTP/1.1" 200 7450 "-" "Mozilla/5.0" 103.125.146.54 - - [22/Jun/2026:13:52:55 +0200] "POST /wp-login.php HTTP/1.1" 200 7450 "-" "Mozilla/5.0" 103.125.146.54 - - [22/Jun/2026:13:52:54 +0200] "POST /wp-login.php HTTP/1.1" 200 7945 "-" "Mozilla/5.0" 103.125.146.54 - - [22/Jun/2026:13:53:57 +0200] "POST /wp-login.php HTTP/1.1" 200 7945 "-" "Mozilla/5.0" ... show less	Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-20 07:30:08 (3 days ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 Site.eu	2026-06-18 23:58:12 (5 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇫🇷 Kenshin869	2026-06-18 07:11:20 (5 days ago)	Wordpress unauthorized access attempt	Brute-Force
🇬🇧 andypiper	2026-06-18 01:00:13 (6 days ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇩🇪 maxpower	2026-06-18 00:17:00 (6 days ago)	(wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 103.125.146.54 (JP/Japan/-): 3 in the last 360 ... show more (wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 103.125.146.54 (JP/Japan/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 103.125.146.54 - - [18/Jun/2026:02:13:55 +0200] "POST /xmlrpc.php HTTP/1.1" 404 157832 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" host=ramsesconsulting.it 103.125.146.54 - - [18/Jun/2026:02:15:32 +0200] "POST /xmlrpc.php HTTP/1.1" 404 158420 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" "-" host=ramsesconsulting.it 103.125.146.54 - - [18/Jun/2026:02:16:54 +0200] "POST /xmlrpc.php HTTP/1.1" 404 157263 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" host=ramsesconsulting.it show less	Port Scan
🇬🇷 setupgr	2026-06-16 11:16:26 (1 week ago)	(XMLRPC) WP XMLPRC Attack 103.125.146.54: 1 in the last 86400 secs; Ports: ; Direction: inout; Trig ... show more (XMLRPC) WP XMLPRC Attack 103.125.146.54: 1 in the last 86400 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 103.125.146.54 - - [16/Jun/2026:14:15:11 +0300] "GET /xmlrpc.php HTTP/1.1" 301 286 "-" "Go-http-client/1.1" show less	Port Scan
🇬🇷 setupgr	2026-06-16 07:55:13 (1 week ago)	(mod_security) mod_security (id:1000001) triggered by 103.125.146.54: 1 in the last 86400 secs; Port ... show more (mod_security) mod_security (id:1000001) triggered by 103.125.146.54: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 16 10:55:09.891317 2026] [security2:error] [pid 2280080:tid 2280120] [client 103.125.146.54:28791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/wp-load.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "93"] [id "1000001"] [msg "Bad file blocked: /wp-admin/wp-load.php"] [severity "CRITICAL"] [tag "security"] [hostname "mail.sea-sound.com"] [uri "/wp-admin/wp-load.php"] [unique_id "ajEBXcsskNLCXd8cDXQ1tAAAAA0"] show less	Port Scan
🇬🇷 setupgr	2026-06-16 01:42:59 (1 week ago)	(mod_security) mod_security (id:1000001) triggered by 103.125.146.54: 1 in the last 86400 secs; Port ... show more (mod_security) mod_security (id:1000001) triggered by 103.125.146.54: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 16 04:42:58.096206 2026] [security2:error] [pid 1917071:tid 1917255] [client 103.125.146.54:36921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/wp-load.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "92"] [id "1000001"] [msg "Bad file blocked: /wp-includes/images/wp-load.php"] [severity "CRITICAL"] [tag "security"] [hostname "mail.pankoskal.gr"] [uri "/wp-includes/images/wp-load.php"] [unique_id "ajCqInbrIXpbmq-1FoWqzAAAAQU"] show less	Port Scan
🇩🇪 LRob.fr	2026-06-13 20:00:03 (1 week ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇩🇪 bazter.pro	2026-06-13 19:14:28 (1 week ago)	Fail2Ban: apache-ratelimit - 20 failures	Port Scan Bad Web Bot Web App Attack
Anonymous	2026-06-13 13:21:31 (1 week ago)	Banned by Fail2Ban on server	Web App Attack
🇳🇱 Site.eu	2026-06-13 05:02:09 (1 week ago)	Excessive multi-domain requests	Brute-Force

Showing 1 to 15 of 177 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.203

🇺🇸 147.185.132.140

🇺🇸 50.87.144.37

🇹🇷 31.58.249.93

🇬🇧 185.247.137.46

🇩🇪 167.94.145.19

🇫🇮 147.185.133.241

🇩🇪 134.122.93.100

🇲🇴 125.31.2.160

🇨🇳 106.117.105.4

🇲🇾 47.250.81.241

🇬🇧 45.150.172.209

🇹🇷 31.58.249.84

🇹🇷 213.218.251.194

🇩🇪 193.124.20.236

🇺🇸 173.249.199.64

🇦🇺 119.252.26.82

🇺🇸 91.230.168.189

🇵🇱 83.168.95.29

🇳🇱 81.19.216.111