JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.25.124.74

203.25.124.74 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 100%: ?

100%

ISP	VPN Consumer Osaka, Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇯🇵 Japan
City	Osaka, Osaka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.25.124.74

Whois 203.25.124.74

IP Abuse Reports for 203.25.124.74:

This IP address has been reported a total of 128 times from 62 distinct sources. 203.25.124.74 was first reported on March 16th 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-19 16:45:02 (2 hours ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇺🇸 antlac1	2026-06-19 06:27:09 (12 hours ago)	crowdsecurity/http-wordpress-scan	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-06-18 20:24:14 (22 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇬🇧 poundawebsiteltd	2026-06-18 19:02:01 (1 day ago)	Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 203.25.124.74 - - [18/Jun/2026:20:01:59 ... show more Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 203.25.124.74 - - [18/Jun/2026:20:01:59 +0100] GET /wp-includes/blocks/code/ HTTP/1.1 403 158 - Go-http-client/1.1 show less	Web App Attack
🇩🇪 paissangroup	2026-06-18 18:25:48 (1 day ago)	Multiple WAF Violations	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-18 01:04:41 (1 day ago)	203.25.124.74 - - [18/Jun/2026:04:04:37 +0300] "GET /wp-admin/ HTTP/1.1" 404 707 "-" "Mozilla/5.0 (W ... show more 203.25.124.74 - - [18/Jun/2026:04:04:37 +0300] "GET /wp-admin/ HTTP/1.1" 404 707 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 203.25.124.74 - - [18/Jun/2026:04:04:40 +0300] "GET /wp-content/admin.php HTTP/1.1" 404 707 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" ... show less	Web App Attack
Anonymous	2026-06-17 22:37:17 (1 day ago)	Banned by Fail2Ban on server	Web App Attack
🇫🇷 LRob.fr	2026-06-17 04:30:03 (2 days ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇺🇦 URAN Publishing Service	2026-06-16 05:42:27 (3 days ago)	203.25.124.74 - - [16/Jun/2026:08:42:27 +0300] "GET /wp-content/ HTTP/1.1" 404 708 "-" "Mozilla/5.0 ... show more 203.25.124.74 - - [16/Jun/2026:08:42:27 +0300] "GET /wp-content/ HTTP/1.1" 404 708 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" ... show less	Web App Attack
🇧🇪 taivas.nl	2026-06-16 04:33:25 (3 days ago)	Many_bad_calls	Web App Attack
🇫🇷 masterguru	2026-06-16 04:22:06 (3 days ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-197) show less	Bad Web Bot
🇳🇱 Site.eu	2026-06-16 04:02:20 (3 days ago)	Excessive multi-domain requests	Brute-Force
🇺🇦 URAN Publishing Service	2026-06-16 00:36:33 (3 days ago)	203.25.124.74 - - [16/Jun/2026:03:36:29 +0300] "GET /wp-includes/speculative8.php HTTP/1.1" 404 707 ... show more 203.25.124.74 - - [16/Jun/2026:03:36:29 +0300] "GET /wp-includes/speculative8.php HTTP/1.1" 404 707 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 203.25.124.74 - - [16/Jun/2026:03:36:32 +0300] "GET /wp-content/plugins/hello-plus/classes/ehp-sarang.php HTTP/1.1" 404 707 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" ... show less	Web App Attack
🇩🇪 Lino Project	2026-06-15 22:28:59 (3 days ago)	203.25.124.74 - - [16/Jun/2026:00:28:56 +0200] "GET /wp-includes/js/wp-load.php HTTP/2.0" 404 50144 ... show more 203.25.124.74 - - [16/Jun/2026:00:28:56 +0200] "GET /wp-includes/js/wp-load.php HTTP/2.0" 404 50144 "http://millelibriperbambini.it/wp-includes/js/wp-load.php" "Go-http-client/2.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇬🇷 setupgr	2026-06-15 19:55:53 (3 days ago)	(mod_security) mod_security (id:1000001) triggered by 203.25.124.74: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:1000001) triggered by 203.25.124.74: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Mon Jun 15 22:55:52.805845 2026] [security2:error] [pid 1965768:tid 1965798] [client 203.25.124.74:62345] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/about.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "92"] [id "1000001"] [msg "Bad file blocked: /wp-content/themes/theme/about.php"] [severity "CRITICAL"] [tag "security"] [hostname "mail.doityourself.gr"] [uri "/wp-content/themes/theme/about.php"] [unique_id "ajBYyJhSggell5vQAURPDQAAAUM"] show less	Port Scan

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 120.62.8.17

🇺🇸 91.230.168.18

🇪🇹 196.188.187.59

🇧🇷 168.228.15.63

🇺🇸 165.227.209.27

🇹🇭 147.50.231.135

🇳🇱 45.148.10.151

🇺🇸 44.153.192.128

🇨🇳 8.152.211.196

🇦🇹 213.225.9.147

🇬🇧 195.140.214.29

🇪🇬 156.206.14.212

🇧🇩 103.183.62.3

🇫🇷 89.116.31.97

🇩🇪 46.101.216.224

🇺🇸 44.160.158.253

🇬🇧 193.176.29.24

🇫🇷 185.66.234.228

🇺🇸 142.204.94.214

🇻🇳 103.118.28.15