JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.175.125.142

203.175.125.142 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 64%: ?

64%

ISP	PT Radio Dutacakrawala Serasi
Usage Type	Fixed Line ISP
ASN	AS139952
Domain Name	radiodutacakrawalaserasi.co.id
Country	🇮🇩 Indonesia
City	Madiun, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.175.125.142

Whois 203.175.125.142

IP Abuse Reports for 203.175.125.142:

This IP address has been reported a total of 17 times from 11 distinct sources. 203.175.125.142 was first reported on June 16th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 soc-yk	2026-06-22 10:43:11 (6 hours ago)	Type: suspicious_network_activity Risk: 68 Events: 470 Evidence: - Persistent suspicious network ac ... show more Type: suspicious_network_activity Risk: 68 Events: 470 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified show less	Port Scan Hacking
🇫🇷 SpaceHost-Server	2026-06-21 22:28:48 (18 hours ago)		Brute-Force Web App Attack
🇩🇪 webanyone	2026-06-21 09:00:32 (1 day ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇮🇩 soc-yk	2026-06-19 13:54:16 (3 days ago)	Type: suspicious_network_activity Risk: 96 Events: 52 Evidence: - Persistent suspicious network act ... show more Type: suspicious_network_activity Risk: 96 Events: 52 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified show less	Port Scan Hacking
🇺🇦 URAN Publishing Service	2026-06-18 19:28:31 (3 days ago)	203.175.125.142 - - [18/Jun/2026:22:28:29 +0300] "GET //xmlrpc.php?rsd HTTP/1.1" 404 712 "-" "Mozill ... show more 203.175.125.142 - - [18/Jun/2026:22:28:29 +0300] "GET //xmlrpc.php?rsd HTTP/1.1" 404 712 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-18 10:45:40 (4 days ago)	203.175.125.142 - - [18/Jun/2026:13:45:35 +0300] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 45 ... show more 203.175.125.142 - - [18/Jun/2026:13:45:35 +0300] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 4534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 203.175.125.142 - - [18/Jun/2026:13:45:38 +0300] "GET //xmlrpc.php?rsd HTTP/1.1" 404 712 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ... show less	Web App Attack
Anonymous	2026-06-18 08:01:54 (4 days ago)	[Drupal AbuseIPDB module] Request path is blacklisted. /wp-includes/id3/license.txt/feed/	Web App Attack
🇮🇩 soc-yk	2026-06-18 07:18:11 (4 days ago)	Type: suspicious_network_activity Risk: 97 Events: 19 Evidence: - Persistent suspicious network act ... show more Type: suspicious_network_activity Risk: 97 Events: 19 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Threat escalation behavior observed show less	Port Scan Hacking
🇸🇬 pusathosting.com	2026-06-18 07:03:04 (4 days ago)	24ds22 bruteforce	Brute-Force Web App Attack
🇮🇩 hermawan	2026-06-17 07:50:18 (5 days ago)	06/17/2026-14:50:17.348026 [Drop] [] [1:9129122:1] Suricata PHP User Agent [] [Classification: ... show more 06/17/2026-14:50:17.348026 [Drop] [] [1:9129122:1] Suricata PHP User Agent [] [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 203.175.125.142:50202 -> 103.166.156.58:80 ... show less	Email Spam Hacking
🇸🇪 KIDOS	2026-06-16 15:15:22 (6 days ago)	IIS malicious activity: high_400_error_rate (90% of requests are 400 errors)	Web App Attack
🇸🇪 KIDOS	2026-06-16 14:33:07 (6 days ago)	CrowdSec detected malicious activity	DDoS Attack
🇸🇪 KIDOS	2026-06-16 14:17:40 (6 days ago)	IIS malicious activity: multiple_404_errors	Web App Attack
🇩🇪 updown.io	2026-06-16 13:14:54 (6 days ago)	{"level":"info","ts":1781615676.9846349,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781615676.9846349,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"203.175.125.142","remote_port":"54089","client_ip":"203.175.125.142","proto":"HTTP/1.1","method":"GET","host":"status.api.chromatix.com.au","uri":"/","headers":{"Keep-Alive":["300"],"Connection":["keep-alive"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"],"Accept-Language":["en-US,en;q=0.5"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8"]}},"bytes_read":0,"user_id":"","duration":0.000064934,"size":0,"status":308,"resp_headers":{"Content-Type":[],"Server":["Caddy"],"Connection":["close"],"Location":["https://status.api.chromatix.com.au/"]}} {"level":"info","ts":1781615677.4734874,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"203.175.125.142","remote_port":"54335","client_ip":"203.175.125.142","proto":"HTTP/1.1","method":" ... show less	DDoS Attack Web App Attack
🇮🇩 hermawan	2026-06-16 12:56:05 (6 days ago)	[Tue Jun 16 19:56:05.451264 2026] [security2:error] [pid 861991:tid 139770634163904] [client 203.175 ... show more [Tue Jun 16 19:56:05.451264 2026] [security2:error] [pid 861991:tid 139770634163904] [client 203.175.125.142:51577] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "348"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "ajFH5WPu87MWtj8PIO5jQAAAAQs"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[862029] [kd1Md94XdT0] [ajFH5WPu87MWtj8PIO5jQAAAAQs] keep_alive=[0] [2026-06-16 19:56:05.451269] [R:ajFH5WPu87MWtj8PIO5jQAAAAQs] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8' Accept-Langua ... show less	Email Spam Hacking

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 193.176.31.242

🇺🇸 162.216.149.242

🇺🇸 74.82.47.30

🇨🇳 42.247.107.130

🇧🇴 181.114.83.155

🇷🇺 176.113.245.69

🇫🇮 147.185.133.143

🇮🇳 135.235.138.254

🇸🇨 45.194.67.27

🇨🇳 43.226.37.33

🇺🇸 40.76.124.195

🇯🇵 8.216.10.200

🇺🇸 2604:a880:2:d1:0:1:51e8:8001

🇭🇰 199.45.155.66

🇬🇧 193.163.125.10

🇧🇷 179.102.26.14

🇳🇱 176.65.148.158

🇺🇸 158.222.115.92

🇺🇸 71.31.176.7

🇺🇸 44.245.220.108