JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.124.88.36

91.124.88.36 was found in our database!

This IP was reported 80 times. Confidence of Abuse is 51%: ?

51%

ISP	JSC Ukrtelecom
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	ukrtelecom.ua
Country	🇦🇺 Australia
City	Adelaide, South Australia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.124.88.36

Whois 91.124.88.36

IP Abuse Reports for 91.124.88.36:

This IP address has been reported a total of 80 times from 40 distinct sources. 91.124.88.36 was first reported on February 4th 2021, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-27 17:14:10 (16 hours ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-201)	Hacking
Anonymous	2026-06-27 06:34:37 (1 day ago)	91.124.88.36 - - [27/Jun/2026:14:34:36 +0800] "GET /cgi-bin/ HTTP/1.1" 301 241 "-" "Mozilla/5.0 (Win ... show more 91.124.88.36 - - [27/Jun/2026:14:34:36 +0800] "GET /cgi-bin/ HTTP/1.1" 301 241 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 03:08:06 (1 day ago)	(mod_security) mod_security (id:240000) triggered by 91.124.88.36 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 91.124.88.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:07:58.928764 2026] [security2:error] [pid 29555:tid 29555] [client 91.124.88.36:49257] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|okwellbeing.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "okwellbeing.com"] [uri "/images/stories/themes.php"] [unique_id "aj8-jvOUkN7QDSGAClEAMwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-27 02:19:48 (1 day ago)	Aggressive web scan	Web App Attack
🇳🇿 Antinson	2026-06-26 21:56:19 (1 day ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇬🇧 consul.to	2026-06-26 21:08:26 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 Octopuce	2026-06-26 14:07:39 (1 day ago)	Aggressive web search of vulnerable pages: /wp-admin/js/index.php /wp-includes/js/jquery/jquery.php ... show more Aggressive web search of vulnerable pages: /wp-admin/js/index.php /wp-includes/js/jquery/jquery.php /function.php /wp-includes/block-supports/a ... show less	Web App Attack
🇬🇷 setupgr	2026-06-24 19:17:55 (3 days ago)	(mod_security) mod_security (id:1000001) triggered by 91.124.88.36 (AU/Australia/South Australia/Ade ... show more (mod_security) mod_security (id:1000001) triggered by 91.124.88.36 (AU/Australia/South Australia/Adelaide/-/[AS137409 GSLNETWORKS-AS-AP GSL Networks Pty LTD]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 24 22:17:55.106725 2026] [security2:error] [pid 187383:tid 187594] [client 91.124.88.36:51503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/Xx.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "93"] [id "1000001"] [msg "Bad file blocked: /xx.php"] [severity "CRITICAL"] [tag "security"] [hostname "pankoskal.gr"] [uri "/xx.php"] [unique_id "ajwtY5Y7flsZmNWLfdSqNAAAAVI"] show less	Port Scan
🇬🇧 consul.to	2026-06-24 16:32:30 (3 days ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-06-23 15:28:59 (4 days ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 maxpower	2026-05-12 10:18:52 (1 month ago)	(wp_login) REGOLA 1 - WP Login Attack 91.124.88.36 (AU/Australia/-): 1 in the last 3600 secs; Ports: ... show more (wp_login) REGOLA 1 - WP Login Attack 91.124.88.36 (AU/Australia/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 91.124.88.36 - - [12/May/2026:12:18:51 +0200] "POST /wp-login.php/wp-login.php HTTP/1.1" 200 10216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0" "-" host=riecam.it show less	Port Scan
🇫🇷 Octopuce	2026-05-09 17:04:10 (1 month ago)	Aggressive web search of vulnerable pages: /update/ /themes/zMousse/ /wp-content/plugins/ubh/ /wp-co ... show more Aggressive web search of vulnerable pages: /update/ /themes/zMousse/ /wp-content/plugins/ubh/ /wp-content/plugins/seoplugins/ /wp-content/theme ... show less	Web App Attack
🇧🇪 cmbplf	2026-05-01 00:24:57 (1 month ago)	712 requests with url.path //xmlrpc.php	Brute-Force Bad Web Bot
🇺🇸 myagent.site	2026-03-30 04:18:15 (2 months ago)	Blocking for trying to access an exploit file: //style.php	Hacking
🇨🇭 backslash	2026-03-30 02:51:01 (2 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot

Showing 1 to 15 of 80 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 190.108.99.72

🇬🇧 185.152.248.83

🇺🇸 100.29.192.32

🇩🇪 94.26.106.19

🇧🇬 79.124.40.138

🇬🇧 193.176.29.18

🇨🇦 85.217.149.57

🇱🇹 62.60.130.219

🇸🇪 31.59.160.12

🇪🇸 5.224.3.134

🇪🇹 196.188.99.39

🇵🇰 175.107.233.152

🇺🇸 162.216.150.223

🇺🇸 162.216.150.212

🇺🇸 162.216.149.89

🇰🇿 95.82.127.69

🇮🇷 94.183.59.33

🇰🇿 79.137.170.224

🇫🇷 54.37.150.153

🇻🇳 14.191.98.25