JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.20.33.125

185.20.33.125 was found in our database!

This IP was reported 856 times. Confidence of Abuse is 100%: ?

100%

ISP	GCI Network Solutions Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8851
Domain Name	nasstar.com
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	Salford, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.20.33.125

Whois 185.20.33.125

IP Abuse Reports for 185.20.33.125:

This IP address has been reported a total of 856 times from 99 distinct sources. 185.20.33.125 was first reported on April 30th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇬 securejdprop	2026-06-20 10:35:17 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing	Hacking Web App Attack
🇸🇪 peterh	2026-06-20 05:32:00 (2 days ago)	185.20.33.125 - - [20/Jun/2026:02:23:35 +0200] "GET /admin/config.php HTTP/1.0" 404 461 "-" "xfa1"	Bad Web Bot Web App Attack Hacking
🇬🇧 openstrike.co.uk	2026-06-20 05:13:28 (2 days ago)	8 attacks on PHP URLs: GET /admin/config.php HTTP/1.1	Web App Attack
🇫🇷 pm33	2026-06-20 04:25:27 (2 days ago)	Probing for resource vulnerabilities HTTP(S)	Web App Attack
🇨🇿 rawnullbyte	2026-06-20 02:06:02 (2 days ago)	🚨 Honeypot triggered! 🖥️ System: NPot 🎯 Target: Unknown 🛣️ Path: /admin/config.php 👤 Attacker IP: 18 ... show more 🚨 Honeypot triggered! 🖥️ System: NPot 🎯 Target: Unknown 🛣️ Path: /admin/config.php 👤 Attacker IP: 185.20.33.125 ⏰ Time: 2026-06-20 02:06:02 📡 User-Agent: xfa1 show less	Web App Attack
🇩🇪 Hary74656	2026-06-20 02:05:28 (2 days ago)	[Sat Jun 20 04:05:26.501925 2026] [core:info] [pid 445598:tid 445694] [client 185.20.33.125:61001] A ... show more [Sat Jun 20 04:05:26.501925 2026] [core:info] [pid 445598:tid 445694] [client 185.20.33.125:61001] AH00128: File does not exist: /home/harald/www/default_host/admin/config.php ... show less	Bad Web Bot
Anonymous	2026-06-20 02:04:44 (2 days ago)	automatically banned	Brute-Force Web App Attack
🇩🇪 lumbermatt_de	2026-06-20 01:36:04 (2 days ago)	Vulnerability exploit attack detected	Web App Attack
🇨🇿 Honzas	2026-06-20 01:34:39 (2 days ago)	Unsolicited connection attemp, port 443/TCP	Brute-Force
🇳🇱 ReyhZhao	2026-06-20 01:33:50 (2 days ago)	Bunkerweb ModSecurity alert: Potential Remote Command Execution (RCE) detected. Unix shell code was ... show more Bunkerweb ModSecurity alert: Potential Remote Command Execution (RCE) detected. Unix shell code was identified within the request arguments, triggering a security rule designed to prevent application attacks. show less	Brute-Force
🇺🇸 crooze.net	2026-06-20 01:21:02 (2 days ago)	185.20.33.125 - - [19/Jun/2026:21:21:01 -0400] "GET /config.php HTTP/1.1" 444 0 "-" "Mozilla/5.0" .. ... show more 185.20.33.125 - - [19/Jun/2026:21:21:01 -0400] "GET /config.php HTTP/1.1" 444 0 "-" "Mozilla/5.0" ... show less	Web App Attack
Anonymous	2026-06-20 00:44:36 (2 days ago)	185.20.33.125 46.39.185.24 - [20/Jun/2026:02:44:32 +0200] "GET /admin/config.php HTTP/1.1" 404 158 " ... show more 185.20.33.125 46.39.185.24 - [20/Jun/2026:02:44:32 +0200] "GET /admin/config.php HTTP/1.1" 404 158 "-" "Mozilla/5.0" ... show less	Hacking Web App Attack
🇦🇹 services.org.pl	2026-06-20 00:29:21 (2 days ago)	open() "/var/www/html/config.php" failed (2: No such file or directory), client: 185.20.33.125, serv ... show more open() "/var/www/html/config.php" failed (2: No such file or directory), client: 185.20.33.125, server: api.services.org.pl, request: "GET /config.php HTTP/1.1", host: "46.102.157.176:443" show less	Bad Web Bot Web App Attack
🇩🇪 Mykola Spesivtsev	2026-06-20 00:23:50 (2 days ago)	HTTP Tarpit detected bot activity:TargetPort:80, Path:/admin/config.php, Method:GET, UA:xfa1	Port Scan Web App Attack Bad Web Bot
🇫🇷 ingroscart.it	2026-06-20 00:21:50 (2 days ago)	(mod_security) mod_security triggered on hostname [redacted])	SQL Injection

Showing 1 to 15 of 856 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 125.212.244.35

🇮🇶 65.20.198.159

🇭🇰 42.200.66.164

🇨🇳 202.105.98.252

🇺🇦 154.6.41.180

🇵🇱 109.243.5.158

🇮🇩 103.242.107.131

🇧🇬 91.92.128.197

🇨🇳 58.57.154.146

🇲🇾 49.125.201.89

🇲🇾 49.124.152.145

🇮🇳 45.114.181.16

🇯🇵 43.133.187.11

🇵🇰 39.49.231.103

🇭🇺 37.76.42.221

🇷🇴 141.98.83.240

🇮🇳 103.232.235.74

🇺🇿 94.158.58.192

🇲🇾 49.124.151.64

🇨🇳 27.24.141.156