JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.25.124.140

203.25.124.140 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 100%: ?

100%

ISP	VPN Consumer Osaka, Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇯🇵 Japan
City	Osaka, Osaka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.25.124.140

Whois 203.25.124.140

IP Abuse Reports for 203.25.124.140:

This IP address has been reported a total of 148 times from 67 distinct sources. 203.25.124.140 was first reported on July 2nd 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 paissangroup	2026-06-20 03:34:41 (2 hours ago)	Multiple WAF Violations	Web App Attack
🇮🇩 soc-yk	2026-06-19 15:56:13 (13 hours ago)	Type: web_scanning Risk: 67 Events: 3833 Evidence: - Automated hostile web probing detected - Repea ... show more Type: web_scanning Risk: 67 Events: 3833 Evidence: - Automated hostile web probing detected - Repeated web scanning activity observed - Multi-event operational persistence identified show less	Web App Attack
🇩🇪 LRob.fr	2026-06-19 07:15:04 (22 hours ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇦🇹 Pingger Shikkoken	2026-06-19 01:19:45 (1 day ago)	2026-06-19T01:19:45+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6 ... show more 2026-06-19T01:19:45+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=203.25.124.140 DST=152.53.50.28 LEN=60 TOS=0x00 PREC=0x60 TTL=53 ID=43740 DF PROTO=TCP SPT=29213 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-19T01:19:46+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=203.25.124.140 DST=152.53.50.28 LEN=60 TOS=0x00 PREC=0x60 TTL=53 ID=43741 DF PROTO=TCP SPT=29213 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-19T01:19:48+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=203.25.124.140 DST=152.53.50.28 LEN=60 TOS=0x00 PREC=0x60 TTL=53 ID=43742 DF PROTO=TCP SPT=29213 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Hacking Bad Web Bot
Anonymous	2026-06-18 19:45:09 (1 day ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot
🇺🇸 masterguru	2026-06-18 14:02:17 (1 day ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-147) show less	Bad Web Bot
🇩🇪 SiyCah	2026-06-18 03:00:02 (2 days ago)	IP banned by fail2ban; banned in jail apache-modsecurity. Report generated by fail2abuseipdb.	Hacking Brute-Force Web App Attack
🇩🇪 paissangroup	2026-06-17 23:16:21 (2 days ago)	Multiple WAF Violations	Web App Attack
🇧🇷 Halux	2026-06-17 15:31:18 (2 days ago)	203.25.124.140 Probing protected path or service	Web App Attack
🇩🇪 LRob.fr	2026-06-17 12:00:09 (2 days ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇫🇷 rellik	2026-06-17 05:36:00 (3 days ago)	Brute Force Scanning Critical Files & Directories, Potential Part of BotNet	Hacking DDoS Attack Brute-Force Web App Attack
🇩🇪 ghostwarriors	2026-06-17 03:21:10 (3 days ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-16 21:09:43 (3 days ago)	Banned by Fail2Ban on server	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-16 11:01:52 (3 days ago)	203.25.124.140 - - [16/Jun/2026:14:01:51 +0300] "GET /wp-content/users.php HTTP/1.1" 404 732 "http:/ ... show more 203.25.124.140 - - [16/Jun/2026:14:01:51 +0300] "GET /wp-content/users.php HTTP/1.1" 404 732 "http://book.ipiend.gov.ua/wp-content/users.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" ... show less	Web App Attack
🇩🇪 4server	2026-06-09 05:41:54 (1 week ago)	[TueJun0907:41:52.1415062026][security2:error][pid2435315:tid2435427][client203.25.124.140:0]ModSecu ... show more [TueJun0907:41:52.1415062026][security2:error][pid2435315:tid2435427][client203.25.124.140:0]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof\"rx/index\\\\\\\\.php\$\"against\"REQUEST_FILENAME\"required.[file\"/etc/apache2/conf.d/modsec_rules/51_asl_wordpress_extra.conf\"][line\"33\"][id\"333149\"][rev\"21\"][msg\"Atomicorp.comWAFRules:PossiblePHPwebshelldetectedandblocked\"][severity\"CRITICAL\"][hostname\"morandi-trasporti.ch\"][uri\"/wp-content/uploads/redux/config.php\"][unique_id\"aienoBq5ss3rcs8b2gG5hwAAAMw\"] show less	Port Scan Brute-Force Web App Attack

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇿 176.101.56.126

🇨🇳 223.223.199.221

🇸🇬 209.97.168.5

🇳🇱 185.223.235.30

🇨🇳 106.37.72.234

🇮🇳 103.233.24.242

🇧🇬 95.87.248.223

🇳🇱 91.92.40.24

🇮🇳 65.0.20.26

🇺🇸 40.77.167.71

🇮🇩 36.95.194.50

🇺🇸 216.73.216.75

🇺🇸 212.119.47.168

🇷🇺 212.3.155.8

🇻🇪 170.81.145.238

🇮🇩 163.7.11.155

🇧🇬 94.155.124.98

🇷🇴 80.94.92.186

🇳🇱 45.148.10.152

🇧🇷 14.102.230.4