JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 93.125.48.54

93.125.48.54 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 0%: ?

ISP	Reliable Software, Ltd.
Usage Type	Fixed Line ISP
ASN	AS6697
Hostname(s)	93-125-48-54.hosterby.com
Domain Name	hoster.by
Country	🇧🇾 Belarus
City	Minsk, Minsk City

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 93.125.48.54

Whois 93.125.48.54

IP Abuse Reports for 93.125.48.54:

This IP address has been reported a total of 29 times from 13 distinct sources. 93.125.48.54 was first reported on August 24th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 nyuuzyou	2024-11-07 19:47:46 (1 year ago)	Intensive scraping: /web?s=%22Eintragen%22%20%22Am%22%20%22um%22%20%22schrieb%22%20%22folgendes%3A%2 ... show more Intensive scraping: /web?s=%22Eintragen%22%20%22Am%22%20%22um%22%20%22schrieb%22%20%22folgendes%3A%22%20%22Gesamt%3A%22&country=dz-dz&scraper=wiby. User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 12.5; rv:114.0) Gecko/20100101 Firefox/114.0. show less	Bad Web Bot
🇬🇧 PulseServers	2024-11-07 05:15:10 (1 year ago)	Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com ... show more Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com - ISUK2 ... show less	DDoS Attack Exploited Host
🇬🇧 PulseServers	2024-11-07 04:28:28 (1 year ago)	Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com ... show more Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com - ISUK1 ... show less	DDoS Attack Exploited Host
Anonymous	2024-10-22 03:19:27 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇪 Mario Silber	2024-10-15 00:00:53 (1 year ago)	(wordpress) Failed wordpress login from 93.125.48.54 (BY/Belarus/93-125-48-54.hoster.by)	Brute-Force
🇺🇸 octageeks.com	2024-10-13 04:06:16 (1 year ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 octageeks.com	2024-10-11 04:06:16 (1 year ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 octageeks.com	2024-10-09 04:06:19 (1 year ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 TPI-Abuse	2024-10-09 03:19:54 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 93.125.48.54 (93-125-48-54.hoster.by): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 93.125.48.54 (93-125-48-54.hoster.by): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 08 23:19:51.140435 2024] [security2:error] [pid 9213:tid 9213] [client 93.125.48.54:46296] [client 93.125.48.54] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 93.125.48.54 (+1 hits since last alert)\|hollywooddrummers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hollywooddrummers.com"] [uri "/xmlrpc.php"] [unique_id "ZwX2Vz9xT6ix2zHTSFbdPwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 octageeks.com	2024-10-07 04:06:31 (1 year ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇩🇪 CommanderRoot	2024-10-01 06:36:28 (1 year ago)	HTTP request flood	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2024-10-01 00:35:11 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 93.125.48.54 (93-125-48-54.hoster.by): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 93.125.48.54 (93-125-48-54.hoster.by): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 30 20:35:07.252387 2024] [security2:error] [pid 641297:tid 641297] [client 93.125.48.54:59282] [client 93.125.48.54] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 93.125.48.54 (+1 hits since last alert)\|www.axiomemail.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.axiomemail.net"] [uri "/xmlrpc.php"] [unique_id "ZvtDu32EQnydJ2twzQDeOQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2024-09-30 13:53:22 (1 year ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2024-09-30 01:11:05 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 93.125.48.54 (93-125-48-54.hoster.by): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 93.125.48.54 (93-125-48-54.hoster.by): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 29 21:10:58.385434 2024] [security2:error] [pid 18157:tid 18157] [client 93.125.48.54:60124] [client 93.125.48.54] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 93.125.48.54 (+1 hits since last alert)\|newcitypark.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "newcitypark.com"] [uri "/xmlrpc.php"] [unique_id "Zvn6ovS0N1MjVdrtl1-lqAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇹 Malta	2024-09-21 04:48:33 (1 year ago)	93.125.48.54 - - [21/Sep/2024:06:48:32 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x ... show more 93.125.48.54 - - [21/Sep/2024:06:48:32 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.138 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 175.126.37.156

🇨🇦 138.197.163.192

🇧🇬 45.88.138.45

🇺🇸 208.84.102.38

🇮🇳 122.185.146.166

🇰🇷 110.14.190.217

🇺🇸 108.181.23.83

🇺🇸 104.243.133.18

🇫🇷 77.237.239.101

🇺🇸 66.132.172.148

🇳🇱 5.61.209.224

🇷🇴 2.57.121.25

🇺🇸 2607:f8b0:4001:c5f::12a

🇺🇸 2604:a880:400:d1:0:4:9630:d001

🇻🇪 186.167.113.69

🇺🇸 138.197.200.106

🇵🇱 138.124.20.112

🇪🇸 95.120.55.200

🇩🇪 3.70.192.189

🇨🇴 201.184.50.251