JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.25.124.190

203.25.124.190 was found in our database!

This IP was reported 89 times. Confidence of Abuse is 100%: ?

100%

ISP	VPN Consumer Osaka, Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇯🇵 Japan
City	Osaka, Osaka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.25.124.190

Whois 203.25.124.190

IP Abuse Reports for 203.25.124.190:

This IP address has been reported a total of 89 times from 40 distinct sources. 203.25.124.190 was first reported on September 27th 2025, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-18 18:24:52 (10 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 LRob.fr	2026-06-18 08:15:07 (20 hours ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇩🇪 raph	2026-06-18 08:12:07 (20 hours ago)	[Wordpress] crawler /wp-admin/, /wp-content/, etc.	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 00:53:13 (2 days ago)	(mod_security) mod_security (id:949110) triggered by 203.25.124.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:949110) triggered by 203.25.124.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 20:53:06.636450 2026] [security2:error] [pid 4105:tid 4105] [client 203.25.124.190:49701] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "mijn.photo"] [uri "/wp-content/uploads/wp-config.php"] [unique_id "ajHv8i8ZfmFdZcHiHGIfVQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 BlueWire Hosting	2026-06-17 00:11:57 (2 days ago)	Probing websites for vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 00:09:03 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 203.25.124.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 203.25.124.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 20:08:58.946886 2026] [security2:error] [pid 27683:tid 27683] [client 203.25.124.190:39893] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.konahawaii.com"] [uri "/wp-content/wp-config.php"] [unique_id "ajHlms0WEInaHY0ZhHpwSQAAAAY"], referer: http://konahawaii.com/wp-content/wp-config.php show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 23:02:12 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 203.25.124.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 203.25.124.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 19:02:05.389825 2026] [security2:error] [pid 11355:tid 11478] [client 203.25.124.190:44621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.koalacogs.com"] [uri "/wp-includes/js/wp-config.php"] [unique_id "ajHV7fYCyKWX0T8ajT08TAAAAE8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 paissangroup	2026-06-16 22:48:27 (2 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 21:59:36 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 203.25.124.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 203.25.124.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 17:59:30.396257 2026] [security2:error] [pid 22067:tid 22067] [client 203.25.124.190:41207] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "modestosoftwater.net"] [uri "/wp-content/uploads/wp-config.php"] [unique_id "ajHHQsKHCeogiamm5Py7EwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-16 21:18:04 (2 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 247	Exploited Host Web App Attack
🇺🇸 nyt	2026-06-16 20:14:35 (2 days ago)	Non-standard WP File, CGI Probe	Web App Attack
Anonymous	2026-06-16 20:07:26 (2 days ago)	Multiple, malicious web requests detected	Port Scan Hacking
🇩🇪 Admin-Gito	2026-06-16 18:51:12 (2 days ago)	203.25.124.190 - - [16/Jun/2026:19:57:55 +0200] "GET /wp-includes/js/imgareaselect/config.php HTTP/1 ... show more 203.25.124.190 - - [16/Jun/2026:19:57:55 +0200] "GET /wp-includes/js/imgareaselect/config.php HTTP/1.1" 404 290752 "-" "Go-http-client/1.1" 203.25.124.190 - - [16/Jun/2026:19:58:00 +0200] "GET /wp-includes/includes.php HTTP/1.1" 404 290699 "-" "Go-http-client/1.1" 203.25.124.190 - - [16/Jun/2026:19:58:05 +0200] "GET /wp-includes/SimplePie/Parse/config.php HTTP/1.1" 404 290720 "-" "Go-http-client/1.1" 203.25.124.190 - - [16/Jun/2026:19:58:06 +0200] "GET /wp-includes/rest-api/search/config.php HTTP/1.1" 404 290720 "-" "Go-http-client/1.1" 203.25.124.190 - - [16/Jun/2026:19:58:09 +0200] "GET /wp-includes/js/login.php HTTP/1.1" 404 290699 "-" "Go-http-client/1.1" 203.25.124.190 - - [16/Jun/2026:19:58:12 +0200] "GET /wp-includes/main.php HTTP/1.1" 404 290695 "-" "Go-http-client/1.1" 203.25.124.190 - - [16/Jun/2026:19:58:18 +0200] "GET /wp-includes/SimplePie/XML/config.php HTTP/1.1" 404 290718 "-" "Go-http-client/1.1" 203.25.124.190 - - [16/Jun/2026:19:58:22 +0200] "GET /wp-includes/rest-api ... show less	Web App Attack
🇫🇷 Octopuce	2026-06-16 10:44:21 (2 days ago)	Aggressive web search of vulnerable pages: /wp-includes/blocks/media-text/ /wp-includes/Requests/src ... show more Aggressive web search of vulnerable pages: /wp-includes/blocks/media-text/ /wp-includes/Requests/src/Exception/ /wp-includes/blocks/gallery/ /w ... show less	Web App Attack
🇪🇸 masterguru	2026-06-16 09:32:50 (2 days ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:user-agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:user-agent. (1100000-122) show less	Bad Web Bot

Showing 1 to 15 of 89 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 193.176.31.196

🇨🇳 180.97.199.2

🇻🇳 118.69.226.76

🇭🇰 103.30.40.129

🇮🇩 36.74.236.62

🇨🇳 180.153.197.99

🇺🇸 137.184.217.238

🇹🇭 119.42.96.25

🇷🇺 91.215.85.106

🇰🇬 89.237.200.187

🇩🇪 193.124.20.249

🇺🇸 180.178.51.110

🇩🇪 167.94.146.33

🇳🇬 152.32.141.176

🇵🇭 139.135.190.46

🇲🇾 102.211.234.171

🇳🇱 89.21.67.176

🇺🇸 74.7.244.4

🇺🇸 74.7.228.5

🇩🇪 64.89.163.165