JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.25.124.209

203.25.124.209 was found in our database!

This IP was reported 88 times. Confidence of Abuse is 75%: ?

75%

ISP	VPN Consumer Osaka, Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇯🇵 Japan
City	Osaka, Osaka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.25.124.209

Whois 203.25.124.209

IP Abuse Reports for 203.25.124.209:

This IP address has been reported a total of 88 times from 37 distinct sources. 203.25.124.209 was first reported on March 3rd 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-06-18 10:38:42 (5 days ago)	203.25.124.209 - - [18/Jun/2026:13:38:41 +0300] "GET /wp-content/plugins/core/core.php HTTP/1.1" 404 ... show more 203.25.124.209 - - [18/Jun/2026:13:38:41 +0300] "GET /wp-content/plugins/core/core.php HTTP/1.1" 404 714 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-18 07:45:27 (5 days ago)	203.25.124.209 - - [18/Jun/2026:10:45:21 +0300] "GET /wp-content/plugins/enhanced-text-widget/analys ... show more 203.25.124.209 - - [18/Jun/2026:10:45:21 +0300] "GET /wp-content/plugins/enhanced-text-widget/analyst/src/403x.php HTTP/1.1" 404 4689 "http://neonatology.bsmu.edu.ua/wp-content/plugins/enhanced-text-widget/analyst/src/403x.php" "Go-http-client/1.1" 203.25.124.209 - - [18/Jun/2026:10:45:23 +0300] "GET /wp-content/themes/news-portal/error.php HTTP/1.1" 404 737 "http://neonatology.bsmu.edu.ua/wp-content/themes/news-portal/error.php" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 02:12:18 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 203.25.124.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 203.25.124.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 22:12:13.178605 2026] [security2:error] [pid 27077:tid 27077] [client 203.25.124.209:43139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paguilar.com"] [uri "/wp-includes/js/wp-config.php"] [unique_id "ajICfVEYfsuXulPa2gA6WAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 00:53:58 (6 days ago)	(mod_security) mod_security (id:949110) triggered by 203.25.124.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:949110) triggered by 203.25.124.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 20:53:54.233133 2026] [security2:error] [pid 13640:tid 13640] [client 203.25.124.209:37257] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "mijn.photo"] [uri "/wp-content/wp-config.php"] [unique_id "ajHwIuaJWHtsoVI3G2FSlQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 00:28:52 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 203.25.124.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 203.25.124.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 20:28:49.170484 2026] [security2:error] [pid 6835:tid 6859] [client 203.25.124.209:51605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.hoffmanandassoc.com"] [uri "/wp-content/wp-config.php"] [unique_id "ajHqQQhwOqz_jQ1V_5CINAAAAJQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇿🇦 simon boshoff	2026-06-16 23:41:42 (6 days ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇺🇸 TPI-Abuse	2026-06-16 23:35:35 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 203.25.124.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 203.25.124.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 19:35:31.611675 2026] [security2:error] [pid 32092:tid 32092] [client 203.25.124.209:24797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "modmove.com"] [uri "/wp-content/uploads/wp-config.php"] [unique_id "ajHdw_mTYiPrbaIDASaQ2wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-16 22:44:50 (6 days ago)	Multiple, malicious web requests detected	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-16 20:39:19 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 203.25.124.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 203.25.124.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 16:39:11.565213 2026] [security2:error] [pid 12691:tid 12691] [client 203.25.124.209:52265] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "michaelcarrollgreen.com"] [uri "/wp-includes/js/wp-config.php"] [unique_id "ajG0b0k4QF6RVC_jNKp-1gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-16 17:33:55 (6 days ago)	Multiple WAF Violations	Web App Attack
🇪🇸 masterguru	2026-06-16 09:28:38 (1 week ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-122) show less	Bad Web Bot
🇫🇷 masterguru	2026-06-16 03:50:44 (1 week ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-193) show less	Bad Web Bot
🇫🇷 LRob.fr	2026-06-16 03:00:04 (1 week ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇫🇷 masterguru	2026-06-16 01:50:11 (1 week ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-195) show less	Bad Web Bot
🇦🇺 paulshipley.com.au	2026-06-12 23:36:28 (1 week ago)	balcomberetreat.com.au:443 203.25.124.209 - - [13/Jun/2026:09:36:26 +1000] "GET /adminfuns.php HTTP/ ... show more balcomberetreat.com.au:443 203.25.124.209 - - [13/Jun/2026:09:36:26 +1000] "GET /adminfuns.php HTTP/1.1" 404 72071 "http://balcomberetreat.com.au/adminfuns.php" "Go-http-client/1.1" ... show less	Web App Attack

Showing 1 to 15 of 88 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 103.184.107.139

🇳🇱 89.21.67.173

🇩🇪 188.245.232.184

🇳🇱 185.224.128.16

🇳🇱 176.65.139.247

🇫🇮 147.185.133.164

🇮🇪 108.131.170.9

🇺🇸 104.167.120.11

🇧🇬 79.124.40.138

🇧🇬 79.124.40.126

🇧🇬 78.128.114.102

🇺🇸 71.6.134.235

🇩🇪 69.5.169.154

🇺🇸 66.132.172.234

🇧🇬 193.24.211.107

🇻🇳 116.99.171.38

🇰🇷 112.164.252.183

🇮🇪 98.71.8.129

🇷🇴 80.94.95.242

🇷🇴 80.94.92.167