JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.25.124.91

203.25.124.91 was found in our database!

This IP was reported 94 times. Confidence of Abuse is 100%: ?

100%

ISP	VPN Consumer Osaka, Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇯🇵 Japan
City	Osaka, Osaka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.25.124.91

Whois 203.25.124.91

IP Abuse Reports for 203.25.124.91:

This IP address has been reported a total of 94 times from 49 distinct sources. 203.25.124.91 was first reported on June 12th 2025, and the most recent report was 34 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 netclix.gr	2026-06-14 08:11:32 (34 minutes ago)	(PERMBLOCK) 203.25.124.91 (JP/Japan/-) has had more than 2 temp blocks in the last 604800 secs; Port ... show more (PERMBLOCK) 203.25.124.91 (JP/Japan/-) has had more than 2 temp blocks in the last 604800 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs: show less	Port Scan
🇫🇷 solution.it	2026-06-14 06:01:40 (2 hours ago)	[Sun Jun 14 08:01:39.644564 2026] [php7:error] [pid 3585303:tid 3585303] [client 203.25.124.91:32583 ... show more [Sun Jun 14 08:01:39.644564 2026] [php7:error] [pid 3585303:tid 3585303] [client 203.25.124.91:32583] script '/var/www/html/internetriders.org/wp-admin/maint/chosen.php' not found or unable to stat show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-14 04:25:21 (4 hours ago)	203.25.124.91 - - [14/Jun/2026:07:25:18 +0300] "GET /wp-content/plugins/hello.php HTTP/1.1" 404 718 ... show more 203.25.124.91 - - [14/Jun/2026:07:25:18 +0300] "GET /wp-content/plugins/hello.php HTTP/1.1" 404 718 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-13 19:38:59 (13 hours ago)	203.25.124.91 - - [13/Jun/2026:22:38:58 +0300] "GET /wp-includes/config.php HTTP/1.1" 404 708 "-" "G ... show more 203.25.124.91 - - [13/Jun/2026:22:38:58 +0300] "GET /wp-includes/config.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇩🇪 LRob.fr	2026-06-13 16:45:03 (16 hours ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇺🇦 URAN Publishing Service	2026-06-13 14:49:24 (17 hours ago)	203.25.124.91 - - [13/Jun/2026:17:49:23 +0300] "GET /wp-includes/blocks/calendar/ HTTP/1.1" 404 706 ... show more 203.25.124.91 - - [13/Jun/2026:17:49:23 +0300] "GET /wp-includes/blocks/calendar/ HTTP/1.1" 404 706 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇳🇱 Site.eu	2026-06-13 12:48:39 (19 hours ago)	Excessive multi-domain requests	Brute-Force
🇯🇵 S.O.B.A. Dev.	2026-06-13 09:35:07 (23 hours ago)	Web vulnerability scanning	Brute-Force Web Spam Web App Attack
🇺🇦 URAN Publishing Service	2026-06-13 09:16:43 (23 hours ago)	203.25.124.91 - - [13/Jun/2026:12:16:42 +0300] "GET /wp-includes/js/jcrop/Jcrop.php HTTP/1.1" 404 70 ... show more 203.25.124.91 - - [13/Jun/2026:12:16:42 +0300] "GET /wp-includes/js/jcrop/Jcrop.php HTTP/1.1" 404 708 "http://www.semst.onu.edu.ua/wp-includes/js/jcrop/Jcrop.php" "Go-http-client/1.1" ... show less	Web App Attack
🇬🇧 poundawebsiteltd	2026-06-13 08:26:53 (1 day ago)	Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 203.25.124.91 - - [13/Jun/2026:09:26:51 ... show more Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 203.25.124.91 - - [13/Jun/2026:09:26:51 +0100] GET /wp-admin/mini-scannbro.php HTTP/1.1 403 158 - Go-http-client/1.1 show less	Web App Attack
🇩🇪 FeG Deutschland	2026-06-13 02:45:38 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 247	Exploited Host Web App Attack
🇬🇧 poundawebsiteltd	2026-06-12 21:37:59 (1 day ago)	Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 203.25.124.91 - - [12/Jun/2026:22:37:57 ... show more Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 203.25.124.91 - - [12/Jun/2026:22:37:57 +0100] GET /wp-admin/images/as.php HTTP/1.1 403 158 - Go-http-client/1.1 show less	Web App Attack
🇩🇪 todix	2026-06-12 21:09:04 (1 day ago)	Web App Attack Exploid from 203.25.124.91	Web App Attack
🇨🇦 1gz	2026-06-12 16:35:40 (1 day ago)	Triggered Cloudflare WAF (firewallManaged) from JP. Action taken: BLOCK Protocol: HTTP/1.1 (GET meth ... show more Triggered Cloudflare WAF (firewallManaged) from JP. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /wp-content/plugins/wp-file-manager/lib/sounds/admin.php UA: Go-http-client/1.1 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇦 URAN Publishing Service	2026-06-12 14:32:27 (1 day ago)	203.25.124.91 - - [12/Jun/2026:17:32:25 +0300] "GET /wp-content/plugins/advanced-product-fields-for- ... show more 203.25.124.91 - - [12/Jun/2026:17:32:25 +0300] "GET /wp-content/plugins/advanced-product-fields-for-woocommerce/db.php HTTP/1.1" 404 716 "http://www.visnyk-ekon.uzhnu.edu.ua/wp-content/plugins/advanced-product-fields-for-woocommerce/db.php" "Go-http-client/1.1" 203.25.124.91 - - [12/Jun/2026:17:32:27 +0300] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 404 716 "http://www.visnyk-ekon.uzhnu.edu.ua/wp-content/plugins/pwnd/pwnd.php" "Go-http-client/1.1" ... show less	Web App Attack

Showing 1 to 15 of 94 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 178.27.90.142

🇸🇬 167.99.72.161

🇨🇦 85.217.149.31

🇹🇼 198.235.24.50

🇮🇩 182.253.178.240

🇭🇰 154.83.13.181

🇧🇷 152.32.200.213

🇳🇱 91.92.40.5

🇺🇸 85.208.96.209

🇳🇱 85.11.167.49

🇨🇳 106.75.136.209

🇳🇱 91.92.40.43

🇧🇷 45.174.162.68

🇧🇷 45.140.193.156

🇹🇼 211.22.131.70

🇩🇪 178.105.200.202

🇯🇵 163.44.101.215

🇨🇦 159.89.116.60

🇺🇸 147.185.132.113

🇺🇸 143.42.0.97