JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.23.39.152

102.23.39.152 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 74%: ?

74%

ISP	GVA Burkina Faso
Usage Type	Fixed Line ISP
ASN	AS36924
Domain Name	gva.africa
Country	🇧🇫 Burkina Faso
City	Ouagadougou, Centre

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.23.39.152

Whois 102.23.39.152

IP Abuse Reports for 102.23.39.152:

This IP address has been reported a total of 17 times from 13 distinct sources. 102.23.39.152 was first reported on June 18th 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-06-27 11:58:38 (16 hours ago)	Known malicious PHP file or CMS probe	Web App Attack
Anonymous	2026-06-26 16:42:10 (1 day ago)	Attac	Brute-Force
🇳🇴 jad-abuse	2026-06-26 13:33:17 (1 day ago)	ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. O ... show more ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. Observed by 1 sensor(s); 1 hits. show less	Brute-Force Web App Attack
🇪🇸 masterguru	2026-06-25 10:33:51 (2 days ago)	(xmlrpc) Failed xmlrpc access from 102.23.39.152 (BF/Burkina Faso/-): 5 in the last 3600 secs (0-122 ... show more (xmlrpc) Failed xmlrpc access from 102.23.39.152 (BF/Burkina Faso/-): 5 in the last 3600 secs (0-122) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-25 09:57:19 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 102.23.39.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 102.23.39.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 05:57:12.727575 2026] [security2:error] [pid 26234:tid 26234] [client 102.23.39.152:37097] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|agworldmissions.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "agworldmissions.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajz7eB-TqA8ARl5IpYUdRQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 zam	2026-06-25 06:00:08 (2 days ago)	102.23.39.152 - - [25/Jun/2026:06:00:01 +0000] "POST /xmlrpc.php HTTP/1.1" 302 271	Web App Attack
🇺🇸 Jason Howell	2026-06-25 02:51:44 (3 days ago)	102.23.39.152 - - [25/Jun/2026:02:42:27 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4759 "-" "Mozilla/5.0 ... show more 102.23.39.152 - - [25/Jun/2026:02:42:27 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4759 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Opera/69.0.0.0 Safari/537.36" 102.23.39.152 - - [25/Jun/2026:02:50:28 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4758 "-" "Mozilla/5.0 (Linux; Android 10; x86) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/75.0.0.0 Safari/537.36" 102.23.39.152 - - [25/Jun/2026:02:51:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4757 "-" "Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/73.0.0.0 Safari/537.36" 102.23.39.152 - - [25/Jun/2026:02:51:24 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4758 "-" "Mozilla/5.0 (Linux; Android 10; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/92.0.0.0 Safari/537.36" 102.23.39.152 - - [25/Jun/2026:02:51:43 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4758 "-" "Mozilla/5.0 (Linux; Android 10; x86) AppleWebKit/537.36 (KHTML, like Gecko) Opera/77.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 mccsoft.io	2026-06-25 00:53:23 (3 days ago)	Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). So ... show more Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). Source matched a blocked-path security rule (jail nginx-444); server returned HTTP 444 (connection closed without response). TCP three-way handshake completed (full HTTP request received). show less	Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-24 18:41:16 (3 days ago)	[WedJun2420:41:13.4610222026][security2:error][pid355040:tid355053][client102.23.39.152:0]ModSecurit ... show more [WedJun2420:41:13.4610222026][security2:error][pid355040:tid355053][client102.23.39.152:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"eselectronic.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajwkyS-HgLB2zru5mmNr7wAAAAo\"] show less	Port Scan Brute-Force Web App Attack
🇳🇱 wlt-blocker	2026-06-24 16:27:05 (3 days ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 14:47:40 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 102.23.39.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 102.23.39.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 10:47:36.327769 2026] [security2:error] [pid 20530:tid 20530] [client 102.23.39.152:36269] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|accommodation-perthairport.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "accommodation-perthairport.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajvuCGuLg7YHf3xnJ0M5fQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 stinpriza	2026-06-24 13:37:18 (3 days ago)	Web App Attack	Web App Attack
🇩🇪 pltcldvlpr	2026-06-24 00:42:36 (4 days ago)	CMS/framework probe: 102.23.39.152 - - [24/Jun/2026:02:42:35 +0200] "POST /xmlrpc.php HTTP/1.1" 404 ... show more CMS/framework probe: 102.23.39.152 - - [24/Jun/2026:02:42:35 +0200] "POST /xmlrpc.php HTTP/1.1" 404 1499 "-" "Mozilla/5.0 (Windows NT 10.0; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/65.0.0.0 Safari/537.36" asn=36924 org="GVA Cote d'Ivoire SAS" country=BF ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 18:19:25 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 102.23.39.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 102.23.39.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 14:19:20.191513 2026] [security2:error] [pid 20725:tid 20725] [client 102.23.39.152:37006] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|nolaanime.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nolaanime.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajrOKB8c90a7zEPrzUQjGwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Valhalla	2026-06-22 18:31:44 (5 days ago)	/xmlrpc.php	Hacking Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.135.206.10

🇮🇳 139.59.18.80

🇳🇱 45.198.224.46

🇺🇸 34.227.65.237

🇸🇾 5.0.72.168

🇧🇷 189.113.47.155

🇨🇳 183.6.91.151

🇩🇪 172.71.144.5

🇮🇳 115.245.172.214

🇨🇳 111.21.215.254

🇺🇸 65.49.1.202

🇭🇰 46.247.61.108

🇭🇰 46.8.78.131

🇳🇱 45.148.10.141

🇨🇳 220.179.255.54

🇨🇦 204.112.166.228

🇫🇮 147.185.133.134

🇳🇱 45.148.10.157

🇧🇷 205.210.31.210

🇵🇱 195.3.220.7