JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 161.115.234.23

161.115.234.23 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 20%: ?

20%

ISP	Flux Telecom, LLC
Usage Type	Fixed Line ISP
ASN	AS6079
Domain Name	fluxtelecom.com
Country	🇺🇸 United States of America
City	Leesburg, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 161.115.234.23

Whois 161.115.234.23

IP Abuse Reports for 161.115.234.23:

This IP address has been reported a total of 9 times from 6 distinct sources. 161.115.234.23 was first reported on November 22nd 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-26 16:06:16 (1 day ago)	(mod_security) mod_security (id:210350) triggered by 161.115.234.23 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 161.115.234.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 12:06:09.499452 2026] [security2:error] [pid 10249:tid 10249] [client 161.115.234.23:42839] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|jvcsat.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "jvcsat.com"] [uri "/"] [unique_id "aj6jcUrleFBYUuVXbBGFaQAAAA4"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 19:57:11 (4 weeks ago)	(mod_security) mod_security (id:210350) triggered by 161.115.234.23 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 161.115.234.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 15:57:08.621467 2026] [security2:error] [pid 15805:tid 15805] [client 161.115.234.23:33081] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.wendykim.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.wendykim.com"] [uri "/"] [unique_id "ahdMlBxgsKSVMERGsFEGiQAAAAQ"], referer: http://wendykim.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-25 00:21:43 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 161.115.234.23 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 161.115.234.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 20:21:38.093029 2026] [security2:error] [pid 3544:tid 3544] [client 161.115.234.23:43911] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.gonzalez.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.gonzalez.com"] [uri "/669Summit/index.html"] [unique_id "ahOWEuZk-BztS0ZKyWKggwAAAAk"], referer: http://669summit.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇦🇹 Pingger Shikkoken	2026-05-23 14:15:23 (1 month ago)	2026-05-23T14:15:23+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more 2026-05-23T14:15:23+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=161.115.234.23 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=56050 DF PROTO=TCP SPT=44325 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-05-23T14:15:24+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=161.115.234.23 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=56051 DF PROTO=TCP SPT=44325 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-05-23T14:15:25+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=161.115.234.23 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=56052 DF PROTO=TCP SPT=44325 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Hacking Bad Web Bot
🇦🇺 MAGIC	2026-05-14 01:00:18 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-09 05:38:37 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 161.115.234.23 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 161.115.234.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 01:38:31.088879 2026] [security2:error] [pid 18694:tid 18760] [client 161.115.234.23:41159] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|afghanistantraveller.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "afghanistantraveller.com"] [uri "/"] [unique_id "af7IVxbe0BqAuR_uiRy8cgAAAQ8"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 Gem	2026-04-28 23:02:29 (1 month ago)	Unauthorized web scan.	Web App Attack
🇵🇱 Ma ma	2026-02-08 08:15:00 (4 months ago)	page scanning	Web App Attack
🇷🇺 6o6ep	2025-11-22 04:35:00 (7 months ago)	GET / HTTP/1.1	Port Scan Hacking

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 186.193.18.93

🇲🇽 66.54.140.166

🇮🇳 210.212.136.3

🇧🇪 198.235.24.236

🇳🇱 195.178.110.102

🇬🇧 195.140.214.19

🇺🇸 134.122.12.151

🇮🇳 115.96.121.76

🇨🇦 85.217.149.47

🇷🇺 81.20.203.37

🇸🇬 54.169.213.217

🇩🇪 2a0e:97c0:3ea:616::1

🇰🇷 222.239.251.12

🇧🇷 200.124.172.41

🇳🇱 176.65.139.242

🇺🇸 172.68.150.148

🇺🇸 170.106.74.215

🇩🇪 164.90.178.220

🇵🇰 153.117.8.173

🇷🇺 80.253.31.232