JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 90.40.138.52

90.40.138.52 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 93%: ?

93%

ISP	Orange S.A.
Usage Type	Fixed Line ISP
ASN	AS3215
Hostname(s)	anancy-554-1-27-52.w90-40.abo.wanadoo.fr
Domain Name	orange.com
Country	🇫🇷 France
City	Aulnay-sous-Bois, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 90.40.138.52

Whois 90.40.138.52

IP Abuse Reports for 90.40.138.52:

This IP address has been reported a total of 17 times from 17 distinct sources. 90.40.138.52 was first reported on June 25th 2026, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Starburst SysOp Team	2026-06-29 09:51:18 (7 hours ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-ams6-1)	Hacking Bad Web Bot
🇫🇷 service Informatique	2026-06-29 04:00:37 (13 hours ago)	index.php	Web App Attack
🇺🇸 conrad10781	2026-06-29 01:22:15 (16 hours ago)	nginx-direct-ip	Port Scan
🇺🇸 TPI-Abuse	2026-06-28 20:23:38 (21 hours ago)	(mod_security) mod_security (id:210492) triggered by 90.40.138.52 (anancy-554-1-27-52.w90-40.abo.wan ... show more (mod_security) mod_security (id:210492) triggered by 90.40.138.52 (anancy-554-1-27-52.w90-40.abo.wanadoo.fr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 16:23:34.810382 2026] [security2:error] [pid 32387:tid 32387] [client 90.40.138.52:57770] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.97"] [uri "/.env"] [unique_id "akGCxsS2bdZVswqLj7nhigAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-06-28 19:46:47 (21 hours ago)	Too many 404 requests [BY]	Web App Attack
🇳🇱 Savvii	2026-06-28 19:45:12 (21 hours ago)	20 attempts against mh-misbehave-ban on star	Brute-Force Bad Web Bot Web App Attack
🇨🇿 Countryman	2026-06-28 19:02:14 (22 hours ago)	IPS detection: AndroxGh0st.Malware	Hacking
Anonymous	2026-06-28 16:10:22 (1 day ago)	Aggressive web scan	Web App Attack
🇺🇸 ISPLtd	2026-06-28 15:07:14 (1 day ago)	Jun 28 09:07:10 90.40.138.52 TCP SPT=52548 DPT=2087 SYN Jun 28 09:07:11 90.40.138.52 TCP SPT=52548 D ... show more Jun 28 09:07:10 90.40.138.52 TCP SPT=52548 DPT=2087 SYN Jun 28 09:07:11 90.40.138.52 TCP SPT=52548 DPT=2087 SYN Jun 28 09:07:13 90.40.138.52 TCP SPT=52548 DPT=2087 ... show less	Port Scan
🇫🇷 dynamix	2026-06-28 14:59:43 (1 day ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-06-28 14:51:44 (1 day ago)	90.40.138.52 - - [28/Jun/2026:14:51:44 +0000] "GET /.env HTTP/1.1" 404 381 "-" "-" ...	Bad Web Bot Web App Attack
🇨🇦 Mediashaker	2026-06-28 12:56:14 (1 day ago)	(mod_security) mod_security triggered on hostname [redacted] 90.40.138.52 (FR/France/anancy-554-1-27 ... show more (mod_security) mod_security triggered on hostname [redacted] 90.40.138.52 (FR/France/anancy-554-1-27-52.w90-40.abo.wanadoo.fr) show less	SQL Injection
Anonymous	2026-06-28 12:20:21 (1 day ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇫🇷 Thibault Millant	2026-06-28 12:13:45 (1 day ago)	90.40.138.52 - - [28/Jun/2026:12:13:32 +0000] "GET /images/..%2f..%2f..%2f..%2f.env HTTP/1.1" 400 15 ... show more 90.40.138.52 - - [28/Jun/2026:12:13:32 +0000] "GET /images/..%2f..%2f..%2f..%2f.env HTTP/1.1" 400 150 "-" "-" 90.40.138.52 - - [28/Jun/2026:12:13:32 +0000] "GET /assets/..%2f..%2f..%2f..%2f.env HTTP/1.1" 400 150 "-" "-" 90.40.138.52 - - [28/Jun/2026:12:13:32 +0000] "GET /public/..%2f..%2f..%2f..%2f.env HTTP/1.1" 400 150 "-" "-" 90.40.138.52 - - [28/Jun/2026:12:13:32 +0000] "GET /.env%00 HTTP/1.1" 400 150 "-" "-" 90.40.138.52 - - [28/Jun/2026:12:13:32 +0000] "GET /..%2f..%2f..%2f..%2f.env HTTP/1.1" 400 150 "-" "-" ... show less	Brute-Force Exploited Host SSH
Anonymous	2026-06-27 04:04:10 (2 days ago)	Port scan on ports 80/TCP, 443/TCP to unused IP	Port Scan

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 146.70.202.135

🇨🇳 101.96.203.52

🇺🇸 57.141.20.61

🇹🇼 198.235.24.106

🇰🇪 197.248.8.33

🇸🇬 178.128.84.112

🇳🇱 178.16.55.50

🇧🇷 152.32.199.112

🇨🇳 150.223.194.182

🇺🇸 147.185.132.222

🇨🇳 117.12.239.164

🇳🇱 91.92.40.204

🇱🇹 81.30.98.44

🇭🇰 43.128.3.201

🇺🇸 2607:f8b0:400e:c07::12d

🇳🇱 204.76.203.49

🇩🇪 162.19.243.145

🇫🇮 147.185.133.36

🇮🇳 128.185.33.227

🇬🇧 91.204.209.29