JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.25.124.233

203.25.124.233 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 100%: ?

100%

ISP	VPN Consumer Osaka, Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇯🇵 Japan
City	Osaka, Osaka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.25.124.233

Whois 203.25.124.233

IP Abuse Reports for 203.25.124.233:

This IP address has been reported a total of 133 times from 59 distinct sources. 203.25.124.233 was first reported on March 9th 2025, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 netclix.gr	2026-06-18 20:46:41 (4 hours ago)	(bot_kill_mega) Aggressive Bot Blocked: Go-http-client 203.25.124.233 (JP/Japan/-): 1 in the last 46 ... show more (bot_kill_mega) Aggressive Bot Blocked: Go-http-client 203.25.124.233 (JP/Japan/-): 1 in the last 4600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 203.25.124.233 - - [18/Jun/2026:23:46:36 +0300] "GET /wp-login.php?redirect_to=https%3A%2F%2Fstratosdiamantis.com%2Fwp-admin%2Fnetwork%2F&reauth=1 HTTP/2.0" 200 4902 "https://stratosdiamantis.com/wp-admin/network/" "Go-http-client/2.0" show less	Port Scan
Anonymous	2026-06-18 19:35:08 (5 hours ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot
🇩🇪 SiyCah	2026-06-18 03:00:02 (22 hours ago)	IP banned by fail2ban; banned in jail apache-modsecurity. Report generated by fail2abuseipdb.	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 12:02:36 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 203.25.124.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 203.25.124.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 08:02:31.711113 2026] [security2:error] [pid 1330:tid 1330] [client 203.25.124.233:41635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "knowyourcode.us"] [uri "/wp-includes/js/wp-config.php"] [unique_id "ajKM1ycZYsQKf1BrBjKIfQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 06:55:20 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 203.25.124.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 203.25.124.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 02:55:16.739921 2026] [security2:error] [pid 28979:tid 28979] [client 203.25.124.233:48547] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mtshastaconcerts.com"] [uri "/wp-includes/wp-config.php"] [unique_id "ajJE1GyWDJoWkR20g_Tj2gAAADI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-17 03:25:38 (1 day ago)	Excessive multi-domain requests	Brute-Force
🇩🇪 ghostwarriors	2026-06-17 03:20:44 (1 day ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-16 23:31:33 (2 days ago)	203.25.124.233 - - [17/Jun/2026:01:31:29 +0200] "GET /wp-includes/css/dist/admin.php HTTP/1.1" 404 1 ... show more 203.25.124.233 - - [17/Jun/2026:01:31:29 +0200] "GET /wp-includes/css/dist/admin.php HTTP/1.1" 404 124 "-" "Go-http-client/1.1" 203.25.124.233 - - [17/Jun/2026:01:31:30 +0200] "GET /wp-content/security.php HTTP/1.1" 404 124 "-" "Go-http-client/1.1" 203.25.124.233 - - [17/Jun/2026:01:31:31 +0200] "GET /wp-includes/interactivity-api/interactivity-api-core.php HTTP/1.1" 404 124 "-" "Go-http-client/1.1" 203.25.124.233 - - [17/Jun/2026:01:31:32 +0200] "GET /wp-includes/canonical-loop.php HTTP/1.1" 404 124 "-" "Go-http-client/1.1" 203.25.124.233 - - [17/Jun/2026:01:31:32 +0200] "GET /wp-includes/block-supports/align-query.php HTTP/1.1" 404 124 "-" "Go-http-client/1.1" ... show less	Brute-Force Web App Attack
Anonymous	2026-06-16 21:10:14 (2 days ago)	Banned by Fail2Ban on server	Web App Attack
Anonymous	2026-06-16 19:28:23 (2 days ago)	Multiple, malicious web requests detected	Port Scan Hacking
Anonymous	2026-06-16 12:16:17 (2 days ago)	Automated vulnerability scanning and sensitive file probing against a secured web server. Attempted ... show more Automated vulnerability scanning and sensitive file probing against a secured web server. Attempted access to sensitive configuration files and common vulnerability paths. show less	Brute-Force Web App Attack
🇺🇦 URAN Publishing Service	2026-06-16 11:10:34 (2 days ago)	203.25.124.233 - - [16/Jun/2026:14:10:33 +0300] "GET /wp-includes/js/codemirror/config.php HTTP/1.1" ... show more 203.25.124.233 - - [16/Jun/2026:14:10:33 +0300] "GET /wp-includes/js/codemirror/config.php HTTP/1.1" 404 715 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" ... show less	Web App Attack
🇳🇱 Site.eu	2026-06-09 20:56:21 (1 week ago)	Excessive multi-domain requests	Brute-Force
Anonymous	2026-06-04 23:39:55 (2 weeks ago)	[osotir.org] httpd-suspicious-path: sites=agonistes.gr; logs=/var/log/httpd/domains/agonistes.gr.log ... show more [osotir.org] httpd-suspicious-path: sites=agonistes.gr; logs=/var/log/httpd/domains/agonistes.gr.log; samples=/wp-content/wp-config-backup.php \| /wp-content/uploads/wp.php \| /wp-content/themes/news-portal/user-install.php show less	Hacking Web App Attack
🇩🇪 LRob.fr	2026-06-04 23:30:07 (2 weeks ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 221.159.119.6

🇺🇸 216.180.246.87

🇳🇱 213.177.179.62

🇹🇼 198.235.24.123

🇷🇺 130.49.181.91

🇧🇬 79.124.58.142

🇰🇪 196.216.93.69

🇺🇸 195.184.76.163

🇮🇳 182.95.233.86

🇳🇱 176.65.139.88

🇺🇸 173.88.99.206

🇮🇶 169.224.6.135

🇺🇸 162.216.149.168

🇺🇸 151.240.49.40

🇯🇵 138.2.29.190

🇭🇰 119.246.15.94

🇫🇷 91.231.89.42

🇱🇹 81.30.98.62

🇷🇺 80.253.31.232

🇧🇬 78.128.114.102