JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.175.125.147

203.175.125.147 was found in our database!

This IP was reported 79 times. Confidence of Abuse is 65%: ?

65%

ISP	PT Radio Dutacakrawala Serasi
Usage Type	Fixed Line ISP
ASN	AS139952
Domain Name	radiodutacakrawalaserasi.co.id
Country	🇮🇩 Indonesia
City	Madiun, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.175.125.147

Whois 203.175.125.147

IP Abuse Reports for 203.175.125.147:

This IP address has been reported a total of 79 times from 38 distinct sources. 203.175.125.147 was first reported on April 6th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ✨	2026-06-19 01:56:12 (1 day ago)	Domain : redirect.netenergy.uk Rule : config 2026-06-19 01:55:11 217.194.210.152 GET /.vscode/sftp.j ... show more Domain : redirect.netenergy.uk Rule : config 2026-06-19 01:55:11 217.194.210.152 GET /.vscode/sftp.json - 80 - 203.175.125.147 HTTP/1.1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 - computersupport.uk 404 0 2 1475 226 428 - - show less	Hacking SQL Injection
🇩🇪 conseilgouz	2026-06-18 20:41:13 (1 day ago)	ece-17 : Block hidden directories=>/.vscode/sftp.json(/)	Hacking
🇩🇪 FeG Deutschland	2026-06-15 01:40:33 (5 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇫🇷 conseilgouz	2026-06-14 17:59:25 (5 days ago)	sae-17 : Block hidden directories=>/.vscode/sftp.json(/)	Hacking
🇬🇧 openstrike.co.uk	2026-06-14 05:13:57 (6 days ago)	2 attacks on password grabbing URLs: GET /.vscode/sftp.json HTTP/1.1	Hacking
🇬🇧 poundawebsiteltd	2026-06-13 16:44:57 (1 week ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 203.175.125.147 - - [13/Jun/2026: ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 203.175.125.147 - - [13/Jun/2026:17:44:55 +0100] GET /sftp-config.json HTTP/1.1 403 214 - Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 show less	Web App Attack
🇬🇧 openstrike.co.uk	2026-06-13 05:14:10 (1 week ago)	4 attacks on password grabbing URLs: GET /.vscode/sftp.json HTTP/1.1	Hacking
🇲🇽 octageeks.com	2026-06-13 04:16:43 (1 week ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 07:54:24 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 203.175.125.147 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 203.175.125.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 03:54:18.465795 2026] [security2:error] [pid 9721:tid 9721] [client 203.175.125.147:53838] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theproducers.com"] [uri "/sftp-config.json"] [unique_id "aiu7KhnhKd_p9fEsLD9GkQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 05:28:15 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 203.175.125.147 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 203.175.125.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 01:28:10.767243 2026] [security2:error] [pid 15211:tid 15211] [client 203.175.125.147:55274] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teakprop.com"] [uri "/sftp-config.json"] [unique_id "aiuY6q2J5bDR-wnaPQcC0wAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 04:43:33 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 203.175.125.147 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 203.175.125.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 00:43:26.379704 2026] [security2:error] [pid 10728:tid 10728] [client 203.175.125.147:55308] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theurbanlogger.com"] [uri "/sftp-config.json"] [unique_id "aiuObgEYDklr3CECmAk_0AAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 04:18:31 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 203.175.125.147 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 203.175.125.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 00:18:27.200657 2026] [security2:error] [pid 15855:tid 15855] [client 203.175.125.147:51673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thesexysketch.com"] [uri "/sftp-config.json"] [unique_id "aiuIkxtIl62kqFPlBKmGeQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 04:01:20 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 203.175.125.147 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 203.175.125.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 00:01:16.655788 2026] [security2:error] [pid 12978:tid 13001] [client 203.175.125.147:51141] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "totalbodycare753.com"] [uri "/sftp-config.json"] [unique_id "aiuEjLv7gV7GjZWRHFG8WQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 03:34:15 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 203.175.125.147 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 203.175.125.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 23:34:10.364207 2026] [security2:error] [pid 5099:tid 5099] [client 203.175.125.147:58390] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tomslawmd.com"] [uri "/sftp-config.json"] [unique_id "ait-MqNsGNZpvO22lrAElQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 03:04:10 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 203.175.125.147 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 203.175.125.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 23:04:05.973408 2026] [security2:error] [pid 30917:tid 30917] [client 203.175.125.147:54499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "steinmetzjewelers.com"] [uri "/sftp-config.json"] [unique_id "ait3JUnz5jFaxm46krox7AAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 79 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.154

🇺🇸 66.132.195.41

🇱🇹 45.227.254.170

🇻🇪 200.75.134.42

🇺🇸 155.103.69.40

🇺🇸 98.89.204.118

🇮🇹 83.229.8.197

🇸🇪 2a0d:bbc7::f816:3eff:fee6:ca14

🇧🇷 177.23.134.108

🇫🇮 147.185.133.51

🇩🇪 136.243.144.177

🇿🇦 102.129.61.158

🇸🇪 77.95.172.42

🇳🇱 45.148.10.152

🇫🇷 2400:cb00:532:1000:5ea6:ab35:9478:e103

🇺🇸 216.73.217.169

🇨🇭 213.221.155.84

🇧🇴 190.181.27.37

🇲🇦 160.176.170.193

🇸🇬 159.65.143.47