AbuseIPDB » 125.24.156.113
125.24.156.113
This IP was reported 8 times. Confidence of
Abuse
is 0% : ?
ISP
TOT Public Company Limited Bangkok
Usage Type
Fixed Line ISP
ASN
AS23969
Hostname(s)
node-uwh.pool-125-24.dynamic.nt-isp.net
Domain Name
totisp.net
Country
๐น๐ญ
Thailand
City
Nakhon Si Thammarat, Nakhon Si Thammarat
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 125.24.156.113 :
This IP address has been reported a total of
8
times from
7 distinct
sources.
125.24.156.113 was first reported on
November 3rd 2021 , and the most recent report was
2 months ago
Old Reports:
The most recent abuse report for this IP address is from
2 months ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฎ๐น
VHosting
2026-04-11 16:57:44
(2 months ago)
Detected mail brute force attack from 4 different servers
Brute-Force
๐ณ๐ฟ
Tripwire
2025-11-06 15:18:47
(7 months ago)
Wordpress login scanning
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-29 08:36:26
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 125.24.156.113 (node-uwh.pool-125-24.dynamic.nt ...
show more
(mod_security) mod_security (id:225170) triggered by 125.24.156.113 (node-uwh.pool-125-24.dynamic.nt-isp.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 29 04:36:19.642531 2025] [security2:error] [pid 16055:tid 16055] [client 125.24.156.113:60887] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||barigby.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "barigby.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aQHSA_JmPlK2J0VAzxCnqQAAAAw"], referer: https://barigby.com/wp-json/wp/v2/users/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-09 23:36:04
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 125.24.156.113 (node-uwh.pool-125-24.dynamic.to ...
show more
(mod_security) mod_security (id:225170) triggered by 125.24.156.113 (node-uwh.pool-125-24.dynamic.totinternet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 09 19:35:57.440185 2025] [security2:error] [pid 8857:tid 8857] [client 125.24.156.113:49434] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dvdmasters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dvdmasters.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aMC53YX7TUeFTn6Na_sJwgAAAAI"], referer: https://dvdmasters.com/wp-json/wp/v2/users/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Lorenzo Peterson
2022-01-17 02:17:20
(4 years ago)
Used in participation of a (D)DoS attack.
DDoS Attack
๐บ๐ธ
mnsf
2021-11-11 05:00:55
(4 years ago)
Xmlrpc Caught (6)
Brute-Force
Web App Attack
๐ฌ๐ง
sdos.es
2021-11-03 02:13:13
(4 years ago)
"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:<?xml version ...
show more
"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:<?xml version: <?xml version"
show less
Web App Attack
๐ป๐ณ
websase.com
2021-11-03 01:48:32
(4 years ago)
WordPress XMLRPC Brute Force Attacks
Brute-Force
Web App Attack
Showing 1 to
8
of 8 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: