JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.108.240.52

91.108.240.52 was found in our database!

This IP was reported 269 times. Confidence of Abuse is 0%: ?

ISP	AEZA GROUP LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS210644
Domain Name	aeza.ru
Country	🇫🇷 France
City	Paris, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.108.240.52

Whois 91.108.240.52

IP Abuse Reports for 91.108.240.52:

This IP address has been reported a total of 269 times from 52 distinct sources. 91.108.240.52 was first reported on January 14th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2024-08-11 15:59:46 (1 year ago)	Ports: 80,443; Direction: 1; Trigger: LF_CXS	Brute-Force SSH
🇩🇪 nextweb	2024-08-11 09:06:34 (1 year ago)	(cxs) cxs mod_security triggered by 91.108.240.52 (FR/France/Île-de-France/Paris/nippy-scarf.aeza.ne ... show more (cxs) cxs mod_security triggered by 91.108.240.52 (FR/France/Île-de-France/Paris/nippy-scarf.aeza.network/[AS210644 Aeza International Ltd]): 1 in the last 3600 secs (CF_ENABLE) show less	Brute-Force
🇬🇧 findlab	2024-08-08 23:10:02 (1 year ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇩🇪 hbrks	2024-08-08 14:23:21 (1 year ago)	GET http://marche-be.com/	Web Spam Hacking Bad Web Bot
🇸🇬 Charles	2024-08-08 09:27:23 (1 year ago)	91.108.240.52 - - [08/Aug/2024:17:27:22 +0800] "GET /index.php/component/users HTTP/1.1" 404 2028 "h ... show more 91.108.240.52 - - [08/Aug/2024:17:27:22 +0800] "GET /index.php/component/users HTTP/1.1" 404 2028 "http://amstar.tw/osc1/" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:46.0) Gecko/20100101 Firefox/46.0" ... show less	Web Spam Email Spam Brute-Force Bad Web Bot Web App Attack SSH
🇫🇷 conseilgouz	2024-08-08 01:53:58 (1 year ago)	saw-Joomla User : try to access forms...	Hacking
🇦🇺 ozisp.com.au	2024-08-07 13:52:12 (1 year ago)	GB__<33>1723038729 [1:2025930:1] ET WEB_SPECIFIC_APPS Modx Revolution RCE (CVE-2018-1000207) [Classi ... show more GB__<33>1723038729 [1:2025930:1] ET WEB_SPECIFIC_APPS Modx Revolution RCE (CVE-2018-1000207) [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 91.108.240.52:47780 show less	Hacking
🇩🇪 hbrks	2024-08-07 08:13:48 (1 year ago)	GET '/index.php/component/users'	Web Spam Hacking Bad Web Bot
🇮🇩 hermawan	2024-08-03 00:27:35 (1 year ago)	[Fri Aug 02 21:59:58.926828 2024] [security2:error] [pid 1062422:tid 127629529187904] [client 91.108 ... show more [Fri Aug 02 21:59:58.926828 2024] [security2:error] [pid 1062422:tid 127629529187904] [client 91.108.240.52:50402] [client 91.108.240.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-4.3.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "119"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "Zqz0bk5PfmLws4we_watmwAAAFU"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1062486] [4RK+lKy2T40] [Zqz0bk5PfmLws4we_watmwAAAFU] keep_alive=[0] [2024-08-02 21:59:58.926842] [R:Zqz0bk5PfmLws4we_watmwAAAFU] UA:'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2847.91 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'text/xml,application/xml,application/xhtml+xml,text/ ... show less	Hacking Web App Attack
🇩🇪 findlab	2024-07-30 21:20:03 (1 year ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇮🇪 RoboSOC	2024-07-30 03:35:37 (1 year ago)	Modx Revolution Remote Code Execution Vulnerability, PTR: nippy-scarf.aeza.network.	Hacking
🇨🇭 SOC [GOLINE SA]	2024-07-29 00:00:18 (1 year ago)	FortiGate detected IPS attempt	Hacking
🇨🇭 SOC [GOLINE SA]	2024-07-27 22:00:10 (1 year ago)	FortiGate detected IPS attempt	Hacking
🇮🇪 RoboSOC	2024-07-26 17:37:49 (1 year ago)	Modx Revolution Remote Code Execution Vulnerability, PTR: nippy-scarf.aeza.network.	Hacking
🇨🇭 SOC [GOLINE SA]	2024-07-26 09:00:06 (1 year ago)	FortiGate detected IPS attempt	Hacking

Showing 1 to 15 of 269 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.106.33.54

🇧🇷 187.58.66.231

🇩🇪 185.30.32.68

🇺🇸 165.154.172.200

🇪🇬 156.206.0.202

🇺🇸 65.49.1.205

🇺🇸 45.130.83.152

🇳🇬 165.154.11.206

🇺🇸 148.153.121.223

🇬🇧 92.27.157.252

🇺🇸 44.103.162.102

🇺🇸 44.39.132.27

🇺🇸 20.102.97.100

🇨🇳 222.212.91.18

🇸🇦 176.45.82.39

🇺🇸 174.225.85.44

🇮🇩 163.7.11.155

🇺🇸 44.60.248.72

🇳🇱 192.42.116.100

🇺🇸 162.216.149.162