Report for IP: 203.25.124.27

Threat LevelMEDIUM36/1002 rule types
3 incidents on record · 2 rule types · active over 2 days · last seen 2d ago
PTR N/A
Org / ASN VPN Consumer Osaka, Japan
Country 🇯🇵 Japan
City Osaka, Osaka
Timezone Asia/Tokyo

Attack Analysis

🇯🇵 Japan · Osaka · 137409 · Vpn Consumer Osaka, Japan
Drupal: Admin Path Probe
This IP probed Drupal administrative paths and received 4xx errors — a reconnaissance technique to map the CMS structure before a targeted attack. Automated scanners cycle through common admin paths to find unprotected entry points.
Directory Brute-Force (Active Scan)
This IP triggered 10 or more HTTP 4xx errors within 60 seconds — the signature of a vulnerability scanner cycling through wordlists of common admin paths, config files, and endpoints. Tools like Nikto, Dirbuster, and Gobuster produce exactly this pattern.

Reports (3)

Date Severity Description
15 Jun 2026 - 09:41 high Web: Active scan — 10+ 4xx errors in 60s
12 Jun 2026 - 23:43 high Web: Active scan — 10+ 4xx errors in 60s
12 Jun 2026 - 23:43 high Drupal: Admin path probe (4xx)

Related IPs — Same /24 Block (203.25.124.0/24)

203.25.124.19MEDIUM3 reports203.25.124.180MEDIUM2 reports203.25.124.208MEDIUM3 reports203.25.124.12MEDIUM2 reports203.25.124.13MEDIUM2 reports203.25.124.84MEDIUM2 reports203.25.124.252MEDIUM2 reports203.25.124.86MEDIUM2 reports
Part of EagleEye Intelligence