JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.25.124.188

203.25.124.188 was found in our database!

This IP was reported 97 times. Confidence of Abuse is 84%: ?

84%

ISP	VPN Consumer Osaka, Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇯🇵 Japan
City	Osaka, Osaka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.25.124.188

Whois 203.25.124.188

IP Abuse Reports for 203.25.124.188:

This IP address has been reported a total of 97 times from 49 distinct sources. 203.25.124.188 was first reported on April 7th 2025, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-06-24 18:44:09 (1 hour ago)	203.25.124.188 - - [24/Jun/2026:21:44:08 +0300] "GET /wp-includes/Requests/library/ HTTP/1.1" 404 71 ... show more 203.25.124.188 - - [24/Jun/2026:21:44:08 +0300] "GET /wp-includes/Requests/library/ HTTP/1.1" 404 710 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-24 13:51:10 (6 hours ago)	203.25.124.188 - - [24/Jun/2026:16:51:09 +0300] "GET /wp-content/plugins/admin.php HTTP/1.1" 404 708 ... show more 203.25.124.188 - - [24/Jun/2026:16:51:09 +0300] "GET /wp-content/plugins/admin.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-24 10:50:22 (9 hours ago)	203.25.124.188 - - [24/Jun/2026:13:50:21 +0300] "GET /wp-content/updates.php HTTP/1.1" 404 721 "-" " ... show more 203.25.124.188 - - [24/Jun/2026:13:50:21 +0300] "GET /wp-content/updates.php HTTP/1.1" 404 721 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-24 08:08:24 (12 hours ago)	203.25.124.188 - - [24/Jun/2026:11:08:23 +0300] "GET /wp-content/plugins/Iitespeed-cache/157.php HTT ... show more 203.25.124.188 - - [24/Jun/2026:11:08:23 +0300] "GET /wp-content/plugins/Iitespeed-cache/157.php HTTP/1.1" 404 707 "-" "Go-http-client/1.1" 203.25.124.188 - - [24/Jun/2026:11:08:23 +0300] "GET /wp-includes/certificates/ HTTP/1.1" 404 707 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇩🇪 raph	2026-06-18 08:12:51 (6 days ago)	[Wordpress] crawler /wp-admin/, /wp-content/, etc.	Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-17 01:00:39 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 00:09:04 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 203.25.124.188 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 203.25.124.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 20:08:57.357541 2026] [security2:error] [pid 26954:tid 26954] [client 203.25.124.188:31023] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "konahawaii.com"] [uri "/wp-content/wp-config.php"] [unique_id "ajHlmW2349WLcFxwTdXCoAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 23:34:29 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 203.25.124.188 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 203.25.124.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 19:34:26.126466 2026] [security2:error] [pid 23651:tid 23651] [client 203.25.124.188:23971] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "modmove.com"] [uri "/wp-includes/wp-config.php"] [unique_id "ajHdgtGf_uxacakEBfw2RQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 23:00:51 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 203.25.124.188 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 203.25.124.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 19:00:47.164579 2026] [security2:error] [pid 11358:tid 11496] [client 203.25.124.188:50713] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.koalacogs.com"] [uri "/wp-includes/wp-config.php"] [unique_id "ajHVn-96emyunJyZ7K5BxQAAARc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-16 22:44:09 (1 week ago)	Multiple, malicious web requests detected	Port Scan Hacking
🇩🇪 paissangroup	2026-06-16 22:42:26 (1 week ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 17:10:34 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 203.25.124.188 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 203.25.124.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 13:10:27.502398 2026] [security2:error] [pid 7409:tid 7409] [client 203.25.124.188:56225] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kaldaragroup.com"] [uri "/wp-includes/js/wp-config.php"] [unique_id "ajGDg-7-dDP9IjXGxsMRxwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 BlueWire Hosting	2026-06-16 15:58:26 (1 week ago)	Probing websites for vulnerabilities	Web App Attack
🇺🇸 dtorrer	2026-06-16 14:08:01 (1 week ago)	General vulnerability scan.	Port Scan
🇺🇸 TPI-Abuse	2026-06-16 11:41:56 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 203.25.124.188 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 203.25.124.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 07:41:49.567221 2026] [security2:error] [pid 5589:tid 5692] [client 203.25.124.188:62797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maroontribe.philacentric.com"] [uri "/wp-content/uploads/wp-config.php"] [unique_id "ajE2fTGXvQSRcHp4PHrFvAAAANQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 97 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 2a09:bac5:51db:2e3c::49b:34

🇳🇬 165.154.11.206

🇨🇳 125.124.42.183

🇨🇦 67.71.55.209

🇬🇧 217.154.38.181

🇺🇸 199.232.210.172

🇸🇬 118.26.111.107

🇨🇳 113.56.35.44

🇨🇳 101.126.66.30

🇩🇪 47.245.128.58

🇳🇱 45.148.10.151

🇳🇱 45.148.10.30

🇧🇪 35.205.140.253

🇺🇸 216.226.77.30

🇧🇪 198.235.24.234

🇨🇱 186.189.101.200

🇳🇱 176.65.139.181

🇨🇳 129.28.84.30

🇮🇳 103.197.112.152

🇺🇦 82.24.224.151