JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.25.124.28

203.25.124.28 was found in our database!

This IP was reported 102 times. Confidence of Abuse is 100%: ?

100%

ISP	VPN Consumer Osaka, Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇯🇵 Japan
City	Osaka, Osaka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.25.124.28

Whois 203.25.124.28

IP Abuse Reports for 203.25.124.28:

This IP address has been reported a total of 102 times from 55 distinct sources. 203.25.124.28 was first reported on July 31st 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 solution.it	2026-06-14 06:04:36 (2 hours ago)	[Sun Jun 14 08:04:36.020235 2026] [php7:error] [pid 3600983:tid 3600983] [client 203.25.124.28:40197 ... show more [Sun Jun 14 08:04:36.020235 2026] [php7:error] [pid 3600983:tid 3600983] [client 203.25.124.28:40197] script '/var/www/html/internetriders.org/wp-includes/html-api/chosen.php' not found or unable to stat show less	Web App Attack
🇮🇩 soc-yk	2026-06-14 04:56:13 (3 hours ago)	Type: suspicious_network_activity Risk: 85 Events: 722 Evidence: - Persistent suspicious network ac ... show more Type: suspicious_network_activity Risk: 85 Events: 722 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified show less	Port Scan Hacking
🇺🇦 URAN Publishing Service	2026-06-14 04:27:43 (4 hours ago)	203.25.124.28 - - [14/Jun/2026:07:27:42 +0300] "GET /wp-includes/wp-conflg.php HTTP/1.1" 404 718 "-" ... show more 203.25.124.28 - - [14/Jun/2026:07:27:42 +0300] "GET /wp-includes/wp-conflg.php HTTP/1.1" 404 718 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-13 19:41:02 (13 hours ago)	203.25.124.28 - - [13/Jun/2026:22:41:02 +0300] "GET /wp-admin/about.php HTTP/1.1" 404 708 "-" "Go-ht ... show more 203.25.124.28 - - [13/Jun/2026:22:41:02 +0300] "GET /wp-admin/about.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" ... show less	Web App Attack
Anonymous	2026-06-13 17:14:54 (15 hours ago)	203.25.124.28 - - [13/Jun/2026:19:14:48 +0200] "GET /wp-content/plugins/wp-duplicate-page/config.php ... show more 203.25.124.28 - - [13/Jun/2026:19:14:48 +0200] "GET /wp-content/plugins/wp-duplicate-page/config.php HTTP/1.1" 404 55007 "-" "Go-http-client/1.1" 203.25.124.28 - - [13/Jun/2026:19:14:51 +0200] "GET /wp-content/plugins/wp-settings.php HTTP/1.1" 404 55003 "-" "Go-http-client/1.1" 203.25.124.28 - - [13/Jun/2026:19:14:51 +0200] "GET /wp-content/languages/plugins/load.php HTTP/1.1" 404 55008 "-" "Go-http-client/1.1" 203.25.124.28 - - [13/Jun/2026:19:14:52 +0200] "GET /wp-content/plugins/elementor/assets/lib/pickr/themes/wp-links-opml.php HTTP/1.1" 404 55006 "-" "Go-http-client/1.1" 203.25.124.28 - - [13/Jun/2026:19:14:53 +0200] "GET /wp-content/plugins/header-footer-elementor/themes/load.php HTTP/1.1" 404 55006 "-" "Go-http-client/1.1" ... show less	Brute-Force Web App Attack
🇺🇸 antlac1	2026-06-13 15:57:19 (16 hours ago)	crowdsecurity/http-wordpress-scan	Brute-Force Web App Attack
🇺🇦 URAN Publishing Service	2026-06-13 14:51:49 (18 hours ago)	203.25.124.28 - - [13/Jun/2026:17:51:48 +0300] "GET /wp-content/themes/bbn.php HTTP/1.1" 404 706 "-" ... show more 203.25.124.28 - - [13/Jun/2026:17:51:48 +0300] "GET /wp-content/themes/bbn.php HTTP/1.1" 404 706 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇯🇵 S.O.B.A. Dev.	2026-06-13 09:36:27 (23 hours ago)	Web vulnerability scanning	Brute-Force Web Spam Web App Attack
🇺🇦 URAN Publishing Service	2026-06-13 09:17:30 (23 hours ago)	203.25.124.28 - - [13/Jun/2026:12:17:29 +0300] "GET /wp-includes/images/autoload_classmap.php HTTP/1 ... show more 203.25.124.28 - - [13/Jun/2026:12:17:29 +0300] "GET /wp-includes/images/autoload_classmap.php HTTP/1.1" 404 708 "http://www.semst.onu.edu.ua/wp-includes/images/autoload_classmap.php" "Go-http-client/1.1" ... show less	Web App Attack
🇬🇧 poundawebsiteltd	2026-06-13 08:23:11 (1 day ago)	Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 203.25.124.28 - - [13/Jun/2026:09:23:10 ... show more Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 203.25.124.28 - - [13/Jun/2026:09:23:10 +0100] GET /files/ HTTP/1.1 403 158 - Go-http-client/1.1 show less	Web App Attack
🇨🇦 electronico	2026-06-13 05:13:14 (1 day ago)	203.25.124.28 - - [13/Jun/2026:16:13:06 +1100] "GET /wp-admin/images/as.php HTTP/1.1" 404 65473 "htt ... show more 203.25.124.28 - - [13/Jun/2026:16:13:06 +1100] "GET /wp-admin/images/as.php HTTP/1.1" 404 65473 "http://cttmd.nc/wp-admin/images/as.php" "Go-http-client/1.1" 203.25.124.28 - - [13/Jun/2026:16:13:07 +1100] "GET /wp-content/languages/classwithtostring.php HTTP/1.1" 404 61659 "http://cttmd.nc/wp-content/languages/classwithtostring.php" "Go-http-client/1.1" 203.25.124.28 - - [13/Jun/2026:16:13:08 +1100] "GET /wp-content/maintenance/ HTTP/1.1" 404 61659 "http://cttmd.nc/wp-content/maintenance/" "Go-http-client/1.1" 203.25.124.28 - - [13/Jun/2026:16:13:08 +1100] "GET /66.php HTTP/1.1" 404 61659 "http://cttmd.nc/66.php" "Go-http-client/1.1" 203.25.124.28 - - [13/Jun/2026:16:13:09 +1100] "GET /wp-admin/admin-post-interpreter.php HTTP/1.1" 404 61659 "http://cttmd.nc/wp-admin/admin-post-interpreter.php" "Go-http-client/1.1" 203.25.124.28 - - [13/Jun/2026:16:13:10 +1100] "GET /cgi-bin/wp-conflg.php HTTP/1.1" 404 2049 "http://cttmd.nc/cgi-bin/wp-conflg.php" "Go-http-client/1.1" 203.25.124.28 - - [ ... show less	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-06-13 02:40:15 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
🇩🇪 burlacu.org	2026-06-13 02:39:07 (1 day ago)	Nginx multi-log analysis detected: admin_probe. Evidence: Admin panel probing with 20 attempts. Bloc ... show more Nginx multi-log analysis detected: admin_probe. Evidence: Admin panel probing with 20 attempts. Blocked automatically. show less	Hacking Brute-Force
🇩🇪 4server	2026-06-13 01:54:18 (1 day ago)	[SatJun1303:54:15.0326132026][security2:error][pid394645:tid394766][client203.25.124.28:0]ModSecurit ... show more [SatJun1303:54:15.0326132026][security2:error][pid394645:tid394766][client203.25.124.28:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"biling.maurokorangraf.ch\"][uri\"/xmlrpc.php\"][unique_id\"aiy4R7wwx4eawMiRAuhlyQAAAQo\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 todix	2026-06-12 20:46:12 (1 day ago)	Web App Attack Exploid from 203.25.124.28	Web App Attack

Showing 1 to 15 of 102 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.158

🇺🇸 64.235.39.27

🇮🇩 182.9.36.153

🇺🇸 159.89.225.201

🇩🇪 151.123.177.124

🇺🇸 143.244.152.176

🇨🇳 123.187.243.243

🇮🇳 115.96.198.25

🇵🇹 87.103.84.236

🇮🇶 65.20.167.78

🇳🇱 45.198.224.190

🇩🇪 43.228.157.10

🇸🇬 43.128.70.79

🇺🇸 2604:a880:400:d1:0:4:9631:1001

🇮🇳 203.190.153.90

🇬🇧 185.91.122.91

🇺🇸 162.216.150.60

🇹🇼 128.14.237.120

🇬🇧 92.207.4.157

🇳🇱 193.176.31.155