JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 96.0.24.240

96.0.24.240 was found in our database!

This IP was reported 64 times. Confidence of Abuse is 33%: ?

33%

ISP	Amazon Data Services Denmark
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-96-0-24-240.eu-north-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇩🇰 Denmark
City	Copenhagen, Capital Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 96.0.24.240

Whois 96.0.24.240

IP Abuse Reports for 96.0.24.240:

This IP address has been reported a total of 64 times from 47 distinct sources. 96.0.24.240 was first reported on November 3rd 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Thaliruth	2026-06-14 03:54:27 (2 days ago)	[Sun Jun 14 05:54:27.261554 2026] [authz_core:error] [pid 652003:tid 129610838701760] [client 96.0.2 ... show more [Sun Jun 14 05:54:27.261554 2026] [authz_core:error] [pid 652003:tid 129610838701760] [client 96.0.24.240:0] AH01630: client denied by server configuration: /var/www/vhosts/reiter-von-rohan.com/httpdocs/administrator/components/com_jce ... show less	Brute-Force
Anonymous	2026-06-12 14:42:35 (3 days ago)	[osotir.org] httpd-xmlrpc-post: sites=agonistes.gr.synathlountes; logs=/var/log/httpd/domains/agonis ... show more [osotir.org] httpd-xmlrpc-post: sites=agonistes.gr.synathlountes; logs=/var/log/httpd/domains/agonistes.gr.synathlountes.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
Anonymous	2026-06-02 12:00:30 (1 week ago)	[osotir.org] httpd-xmlrpc-post: sites=agonistes.gr.synathlountes; logs=/var/log/httpd/domains/agonis ... show more [osotir.org] httpd-xmlrpc-post: sites=agonistes.gr.synathlountes; logs=/var/log/httpd/domains/agonistes.gr.synathlountes.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 20:59:01 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 96.0.24.240 (ec2-96-0-24-240.eu-north-1.compute ... show more (mod_security) mod_security (id:240335) triggered by 96.0.24.240 (ec2-96-0-24-240.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 16:58:53.591413 2026] [security2:error] [pid 29223:tid 29223] [client 96.0.24.240:63315] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 96.0.24.240 (+1 hits since last alert)\|thesalonx.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thesalonx.com"] [uri "/xmlrpc.php"] [unique_id "ahyhDbBt0RK1mb_0YHr1WgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2026-05-10 22:40:41 (1 month ago)	Form spam	Web Spam
🇨🇳 ThreatBook.io	2026-05-02 00:47:03 (1 month ago)	ThreatBook Intelligence: Zombie,Mobile more details on https://threatbook.io/ip/96.0.24.240	SSH
🇺🇸 Rayulcifer	2026-04-23 23:09:21 (1 month ago)	96.0.24.240 - - [23/Apr/2026:18:09:04 -0500] "CONNECT 23.239.9.178:80 HTTP/1.0" 502 507 "-" "-" 96.0 ... show more 96.0.24.240 - - [23/Apr/2026:18:09:04 -0500] "CONNECT 23.239.9.178:80 HTTP/1.0" 502 507 "-" "-" 96.0.24.240 - - [23/Apr/2026:18:09:08 -0500] "GET http://proxyjudge.us/ HTTP/1.0" 200 78660 "-" "-" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇺🇦 URAN Publishing Service	2026-04-22 01:38:55 (1 month ago)	96.0.24.240 - - [22/Apr/2026:04:38:54 +0300] "GET /wp-admin/network/img.php HTTP/1.1" 404 732 "https ... show more 96.0.24.240 - - [22/Apr/2026:04:38:54 +0300] "GET /wp-admin/network/img.php HTTP/1.1" 404 732 "https://127.0.0.1" "python-requests/2.33.1" 96.0.24.240 - - [22/Apr/2026:04:38:55 +0300] "GET /wp-content/languages/themes/PHPMailer/index.php HTTP/1.1" 404 732 "https://127.0.0.1" "python-requests/2.33.1" ... show less	Web App Attack
🇳🇱 Site.eu	2026-04-21 19:32:04 (1 month ago)	Excessive 404/403 errors	Brute-Force
🇫🇷 Octopuce	2026-04-21 15:41:33 (1 month ago)	Aggressive web search of vulnerable pages: /wp-admin/network/img.php /wp-content/languages/themes/PH ... show more Aggressive web search of vulnerable pages: /wp-admin/network/img.php /wp-content/languages/themes/PHPMailer/index.php /cgi-bin/plugins/index.ph ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 10:34:00 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 96.0.24.240 (ec2-96-0-24-240.eu-north-1.compute ... show more (mod_security) mod_security (id:225170) triggered by 96.0.24.240 (ec2-96-0-24-240.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 06:33:54.809684 2026] [security2:error] [pid 664173:tid 664173] [client 96.0.24.240:62584] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ixd.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ixd.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ad9pkiNYYS-OMQ0rTO-oeQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 07:45:20 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 96.0.24.240 (ec2-96-0-24-240.eu-north-1.compute ... show more (mod_security) mod_security (id:225170) triggered by 96.0.24.240 (ec2-96-0-24-240.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 03:45:13.922773 2026] [security2:error] [pid 2063969:tid 2063969] [client 96.0.24.240:37487] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ironsightsarmory.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ironsightsarmory.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ad9CCUcV9FlEbnROhYHw2wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-14 17:03:26 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 96.0.24.240 (ec2-96-0-24-240.eu-north-1.compute ... show more (mod_security) mod_security (id:225170) triggered by 96.0.24.240 (ec2-96-0-24-240.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 14 13:03:21.695315 2026] [security2:error] [pid 2404710:tid 2404710] [client 96.0.24.240:1371] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hsoftwaresystems.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hsoftwaresystems.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ad5zWb8hxyk4uvmcA_mPqgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 EGP Abuse Dept	2026-04-11 01:50:48 (2 months ago)	Scanning for web/db/file exploits on www.ogen.com	SQL Injection Bad Web Bot Web App Attack
🇩🇪 EGP Abuse Dept	2026-04-03 00:59:07 (2 months ago)	Scanning for web/db/file exploits on www.brederaad-010.nl	SQL Injection Bad Web Bot Web App Attack

Showing 1 to 15 of 64 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2602:fb54:1a00::10e

🇷🇺 217.195.94.243

🇮🇶 194.49.87.170

🇨🇳 111.170.153.216

🇨🇳 110.249.201.54

🇮🇳 103.147.248.23

🇭🇰 45.249.247.165

🇭🇰 8.217.209.101

🇩🇪 2.26.64.64

🇬🇧 2a06:4880:2000::3a

🇺🇸 208.84.100.173

🇩🇪 172.217.33.150

🇨🇦 142.59.197.135

🇩🇪 139.177.179.231

🇩🇪 129.159.220.118

🇻🇳 103.78.1.33

🇳🇱 91.92.40.204

🇪🇸 80.24.1.119

🇫🇷 51.255.66.90

🇲🇾 47.254.233.18