JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.25.124.132

203.25.124.132 was found in our database!

This IP was reported 155 times. Confidence of Abuse is 100%: ?

100%

ISP	VPN Consumer Osaka, Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇯🇵 Japan
City	Osaka, Osaka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.25.124.132

Whois 203.25.124.132

IP Abuse Reports for 203.25.124.132:

This IP address has been reported a total of 155 times from 69 distinct sources. 203.25.124.132 was first reported on March 9th 2025, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 LRob.fr	2026-06-28 03:45:03 (4 hours ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇳🇱 BlueWire Hosting	2026-06-28 02:08:19 (6 hours ago)	Probing websites for vulnerabilities	Web App Attack
🇪🇸 masterguru	2026-06-27 16:57:37 (15 hours ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-122) show less	Bad Web Bot
🇩🇪 Admin-Gito	2026-06-27 10:10:14 (22 hours ago)	203.25.124.132 - - [27/Jun/2026:12:02:39 +0200] "GET /wp-includes/classwithtostring.php HTTP/2.0" 40 ... show more 203.25.124.132 - - [27/Jun/2026:12:02:39 +0200] "GET /wp-includes/classwithtostring.php HTTP/2.0" 404 354985 "http://erp-management.de/wp-includes/classwithtostring.php" "Go-http-client/2.0" 203.25.124.132 - - [27/Jun/2026:12:03:24 +0200] "GET /wp-includes/config.php HTTP/2.0" 404 354992 "http://erp-management.de/wp-includes/config.php" "Go-http-client/2.0" 203.25.124.132 - - [27/Jun/2026:12:03:35 +0200] "GET /wp-includes/block-patterns/chosen.php HTTP/2.0" 404 354989 "http://erp-management.de/wp-includes/block-patterns/chosen.php" "Go-http-client/2.0" 203.25.124.132 - - [27/Jun/2026:12:03:39 +0200] "GET /wp-includes/chosen.php HTTP/2.0" 404 354983 "http://erp-management.de/wp-includes/chosen.php" "Go-http-client/2.0" 203.25.124.132 - - [27/Jun/2026:12:03:45 +0200] "GET /wp-includes/wp-conflg.php HTTP/2.0" 404 354968 "http://erp-management.de/wp-includes/wp-conflg.php" "Go-http-client/2.0" 203.25.124.132 - - [27/Jun/2026:12:03:57 +0200] "GET /wp-includes/widgets/chosen.php HTTP/2.0" 40 ... show less	Web App Attack
🇦🇺 2000cn.com.au	2026-06-27 03:13:55 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-wordpress-scan	Web App Attack Hacking
🇳🇱 0xffffffff	2026-06-26 23:42:34 (1 day ago)	[2026-06-27 02:42:30.199884] [authz_core:error] [pid 1067725:tid 136825206023872] [client 203.25.124 ... show more [2026-06-27 02:42:30.199884] [authz_core:error] [pid 1067725:tid 136825206023872] [client 203.25.124.132:0] AH01630: client denied by server configuration: /var/www//3PJcpMFsD8B.php, referer http:///3PJcpMFsD8B.php , error_notes:missing-php , URI:'/3PJcpMFsD8B.php' [2026-06-27 02:42:31.100528] [authz_core:error] [pid 1067724:tid 136825357207232] [client 203.25.124.132:0] AH01630: client denied by server configuration: /var/www//admin.php, referer http:///admin.php , error_notes:missing-php , URI:'/admin.php' [2026-06-27 02:42:31.489709] [authz_core:error] [pid 1067725:tid 136825197614784] [client 203.25.124.132:0] AH01630: client denied by server configuration: /var/www//edit-tags.php, referer http:///edit-tags.php , error_notes:missing-php , URI:'/edit-tags.php' [2026-06-27 02:42:31.886945] [authz_core:error] [pid 1067724:tid 136825348814528] [client 203.25.124.132:0] AH01630: client denied by server configuration: /var/www//goods.php, referer http:///goods.php , error_notes:missing-php , URI:'/goods show less	Web App Attack Bad Web Bot
🇩🇪 4server	2026-06-26 14:59:02 (1 day ago)	[FriJun2616:58:57.6800352026][security2:error][pid2950630:tid2950643][client203.25.124.132:0]ModSecu ... show more [FriJun2616:58:57.6800352026][security2:error][pid2950630:tid2950643][client203.25.124.132:0]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof\"rx/index\\\\\\\\.php\$\"against\"REQUEST_FILENAME\"required.[file\"/etc/apache2/conf.d/modsec_rules/51_asl_wordpress_extra.conf\"][line\"33\"][id\"333149\"][rev\"21\"][msg\"Atomicorp.comWAFRules:PossiblePHPwebshelldetectedandblocked\"][severity\"CRITICAL\"][hostname\"prstartup.ch\"][uri\"/wp-content/uploads/wp-sync-db/admin.php\"][unique_id\"aj6Tsa2tMX-Jhf8SJij0PAAAAEQ\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 paissangroup	2026-06-25 13:46:26 (2 days ago)	Multiple WAF Violations	Web App Attack
🇳🇱 BlueWire Hosting	2026-06-25 11:53:18 (2 days ago)	Probing websites for vulnerabilities	Web App Attack
🇬🇧 Apache	2026-06-25 09:26:42 (2 days ago)	(mod_security) mod_security (id:20000010) triggered by 203.25.124.132 (JP/Japan/-): 5 in the last 30 ... show more (mod_security) mod_security (id:20000010) triggered by 203.25.124.132 (JP/Japan/-): 5 in the last 300 secs show less	Brute-Force Web App Attack
🇬🇷 setupgr	2026-06-24 12:00:38 (3 days ago)	(mod_security) mod_security (id:1000001) triggered by 203.25.124.132 (JP/Japan/Osaka/Osaka/-/[AS1374 ... show more (mod_security) mod_security (id:1000001) triggered by 203.25.124.132 (JP/Japan/Osaka/Osaka/-/[AS137409 GSLNETWORKS-AS-AP GSL Networks Pty LTD]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 24 15:00:35.478993 2026] [security2:error] [pid 2470:tid 2581] [client 203.25.124.132:41045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/ioxi-o.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "93"] [id "1000001"] [msg "Bad file blocked: /ioxi-o.php"] [severity "CRITICAL"] [tag "security"] [hostname "ftiaxtomonosou.gr"] [uri "/ioxi-o.php"] [unique_id "ajvG49tqdXtSkN1ATUzXfgAAAQo"] show less	Port Scan
🇩🇪 ghostwarriors	2026-06-24 10:20:44 (3 days ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-24 09:31:14 (3 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
🇬🇧 andypiper	2026-06-24 01:01:19 (4 days ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-06-24 00:15:06 (4 days ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot

Showing 1 to 15 of 155 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 123.245.84.175

🇺🇸 64.236.140.184

🇺🇸 64.62.156.52

🇩🇪 51.75.156.166

🇫🇷 37.59.204.146

🇺🇸 35.193.84.200

🇻🇳 27.79.43.34

🇺🇸 2001:470:1:c84::89

🇺🇸 192.163.244.125

🇩🇪 185.201.138.35

🇳🇱 185.82.72.165

🇩🇪 164.90.236.107

🇫🇮 147.185.133.127

🇮🇳 124.123.14.99

🇨🇳 112.6.227.209

🇨🇳 111.229.202.56

🇬🇭 102.223.92.101

🇧🇾 81.30.98.142

🇺🇸 66.29.142.197

🇪🇬 62.193.91.121