JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.25.124.50

203.25.124.50 was found in our database!

This IP was reported 129 times. Confidence of Abuse is 100%: ?

100%

ISP	VPN Consumer Osaka, Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇯🇵 Japan
City	Osaka, Osaka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.25.124.50

Whois 203.25.124.50

IP Abuse Reports for 203.25.124.50:

This IP address has been reported a total of 129 times from 64 distinct sources. 203.25.124.50 was first reported on March 16th 2025, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇷 setupgr	2026-06-17 08:28:02 (10 hours ago)	(mod_security) mod_security (id:1000001) triggered by 203.25.124.50 (JP/Japan/Osaka/Osaka/-/[AS13740 ... show more (mod_security) mod_security (id:1000001) triggered by 203.25.124.50 (JP/Japan/Osaka/Osaka/-/[AS137409 GSLNETWORKS-AS-AP GSL Networks Pty LTD]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 17 11:27:58.386146 2026] [security2:error] [pid 2280080:tid 2280107] [client 203.25.124.50:55575] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/about.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "93"] [id "1000001"] [msg "Bad file blocked: /wp-content/themes/twentytwentytwo/assets/about.php"] [severity "CRITICAL"] [tag "security"] [hostname "mail.fashionfragonard.gr"] [uri "/wp-content/themes/twentytwentytwo/assets/about.php"] [unique_id "ajJajssskNLCXd8cDXSi4wAAAAA"] show less	Port Scan
Anonymous	2026-06-17 05:45:09 (13 hours ago)	Web attack blocked by Wordfence on mezzia.nl (10 hits). Reported by CRMON.	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-16 06:02:47 (1 day ago)	203.25.124.50 - - [16/Jun/2026:09:02:47 +0300] "GET /wp-admin/includes/ HTTP/1.1" 404 708 "-" "Go-ht ... show more 203.25.124.50 - - [16/Jun/2026:09:02:47 +0300] "GET /wp-admin/includes/ HTTP/1.1" 404 708 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇧🇷 SOC PR	2026-06-16 04:44:00 (1 day ago)	IPS: WordPress File Manager Plugin Remote Code Execution (CVE-2020-25213).	Web App Attack
🇧🇪 taivas.nl	2026-06-16 04:33:33 (1 day ago)	Many_bad_calls	Web App Attack
🇫🇷 masterguru	2026-06-16 04:21:51 (1 day ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-197) show less	Bad Web Bot
🇺🇦 URAN Publishing Service	2026-06-16 01:08:32 (1 day ago)	203.25.124.50 - - [16/Jun/2026:04:08:31 +0300] "GET /wp-content/users.php HTTP/1.1" 404 725 "-" "Moz ... show more 203.25.124.50 - - [16/Jun/2026:04:08:31 +0300] "GET /wp-content/users.php HTTP/1.1" 404 725 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 203.25.124.50 - - [16/Jun/2026:04:08:31 +0300] "GET /wp-content/wp-activate.php HTTP/1.1" 404 725 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" ... show less	Web App Attack
🇬🇷 setupgr	2026-06-15 19:54:53 (1 day ago)	(mod_security) mod_security (id:1000001) triggered by 203.25.124.50: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:1000001) triggered by 203.25.124.50: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Mon Jun 15 22:54:49.901769 2026] [security2:error] [pid 1917021:tid 1917233] [client 203.25.124.50:63137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/wp-load.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "92"] [id "1000001"] [msg "Bad file blocked: /wp-includes/js/tinymce/plugins/wp-load.php"] [severity "CRITICAL"] [tag "security"] [hostname "mail.doityourself.gr"] [uri "/wp-includes/js/tinymce/plugins/wp-load.php"] [unique_id "ajBYiQ799xbSHUG5HIrhEgAAANU"] show less	Port Scan
Anonymous	2026-06-15 14:55:03 (2 days ago)	Bot / scanning and/or hacking attempts: GET /wp-content/login.php HTTP/2.0, GET /wp-login.php?redire ... show more Bot / scanning and/or hacking attempts: GET /wp-content/login.php HTTP/2.0, GET /wp-login.php?redirect_to=https%3A%2F%2Fjaapbeunder.nl%2Fwp, GET /wp-includes/blocks/footnotes/ HTTP/2.0, GET /wp-includes/Requests/src/Utility/ HTTP/2.0, GET /wp-admin/ HTTP/2.0, GET /wp-includes/block-supports/222.php HTTP/2.0 show less	Hacking Web App Attack
🇧🇪 taivas.nl	2026-06-15 13:32:10 (2 days ago)	Bad_requests	Bad Web Bot
🇬🇷 setupgr	2026-06-15 12:09:29 (2 days ago)	(mod_security) mod_security (id:1000001) triggered by 203.25.124.50: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:1000001) triggered by 203.25.124.50: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Mon Jun 15 15:09:25.012117 2026] [security2:error] [pid 948989:tid 949039] [client 203.25.124.50:51697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/wp-load.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "92"] [id "1000001"] [msg "Bad file blocked: /wp-admin/wp-load.php"] [severity "CRITICAL"] [tag "security"] [hostname "mail.ftiaxtomonosou.gr"] [uri "/wp-admin/wp-load.php"] [unique_id "ai_rddXD3_cY7WcDuxoN8QAAAJc"] show less	Port Scan
🇫🇷 masterguru	2026-06-15 09:27:26 (2 days ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-195) show less	Bad Web Bot
🇧🇪 cmbplf	2026-06-15 08:46:19 (2 days ago)	449 requests with url.path *config.php	Brute-Force Bad Web Bot
🇫🇷 LRob.fr	2026-06-15 06:30:02 (2 days ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇩🇪 todix	2026-06-14 12:20:37 (3 days ago)	Web App Attack Exploid from 203.25.124.50	Web App Attack

Showing 1 to 15 of 129 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 45.148.10.151

🇹🇼 210.68.105.68

🇪🇨 186.5.72.30

🇧🇷 177.44.96.124

🇳🇱 172.71.95.86

🇺🇸 165.154.182.204

🇨🇳 123.118.230.64

🇷🇺 81.23.173.32

🇸🇦 31.166.96.155

🇧🇷 189.6.19.90

🇧🇯 154.127.42.14

🇮🇳 103.220.82.183

🇧🇷 45.236.251.140

🇮🇹 2a00:1450:4025:1803::123

🇮🇳 2404:6800:4000:101f::120

🇭🇰 220.246.46.144

🇧🇪 198.235.24.201

🇹🇼 198.235.24.58

🇲🇽 187.154.100.150

🇺🇸 142.93.48.137