JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 168.167.23.49

168.167.23.49 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 4%: ?

ISP	Botswana Telecommunications Corporation
Usage Type	Fixed Line ISP
ASN	AS14988
Domain Name	btc.bw
Country	🇧🇼 Botswana
City	Gaborone, Gaborone

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 168.167.23.49

Whois 168.167.23.49

IP Abuse Reports for 168.167.23.49:

This IP address has been reported a total of 14 times from 12 distinct sources. 168.167.23.49 was first reported on May 18th 2023, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-06-10 13:18:03 (13 hours ago)	block ruleset 333FBABBA6DC06D7D20EDF60700DF5D9612E6F09	Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-10 00:35:06 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 168.167.23.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 168.167.23.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 09 19:34:59.830593 2026] [security2:error] [pid 2369325:tid 2369337] [client 168.167.23.49:49047] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bbpuertadelsol.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bbpuertadelsol.com"] [uri "/ingeconsultcr.com"] [unique_id "aWGes6eA2_xdwVM1U0uxNAAAAIk"], referer: https://bbpuertadelsol.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
Anonymous	2025-11-19 21:54:21 (6 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-15 21:14:38 (6 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-03-27 01:47:18 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-03-01 06:49:00 (1 year ago)	2025-03-01T01:08:06.648271+00:00 postfix/postscreen[3244917]: NOQUEUE: reject: RCPT from [168.167.23 ... show more 2025-03-01T01:08:06.648271+00:00 postfix/postscreen[3244917]: NOQUEUE: reject: RCPT from [168.167.23.49]:34296: 550 5.7.1 Service unavailable; client [168.167.23.49] blocked; from=<[email protected]>, to=<[email protected]>, proto=ESMTP, helo=<[168.167.23.49]> M show less	Email Spam Spoofing
🇳🇱 rroethof	2024-10-27 06:53:22 (1 year ago)	2024-10-27T02:46:17.380284+02:00 mx2 postfix/postscreen[1562]: NOQUEUE: reject: RCPT from [168.167.2 ... show more 2024-10-27T02:46:17.380284+02:00 mx2 postfix/postscreen[1562]: NOQUEUE: reject: RCPT from [168.167.23.49]:19625: 550 5.7.1 Service unavailable; client [168.167.23.49] blocked using bl.score.senderscore.com; from=<[email protected]>, to=<[email protected]>, proto=ESMTP, helo=<[168.167.23.49]> 2024-10-27T05:59:41.516971+01:00 mx2 postfix/postscreen[1562]: NOQUEUE: reject: RCPT from [168.167.23.49]:12522: 550 5.7.1 Service unavailable; client [168.167.23.49] blocked using bl.score.senderscore.com; from=<[email protected]>, to=<[email protected]>, proto=ESMTP, helo=<[168.167.23.49]> 2024-10-27T07:53:21.172755+01:00 mx2 postfix/postscreen[1562]: NOQUEUE: reject: RCPT from [168.167.23.49]:25275: 550 5.7.1 Service unavailable; client [168.167.23.49] blocked using bl.score.senderscore.com; from=<[email protected]>, to=<[email protected]>, proto=ESMTP, helo=<smtpclient.apple> ... show less	Email Spam
🇭🇰 Little Iguana	2024-06-09 13:36:07 (2 years ago)	trying to access non-authorized port	Port Scan
🇵🇹 rnl	2024-01-09 05:56:29 (2 years ago)	postfix (unknown user, SPF fail or relay access denied)	Brute-Force
🇳🇿 Tripwire	2023-09-14 06:39:44 (2 years ago)	Wordpress login scanning	Brute-Force Web App Attack
🇨🇦 mfb	2023-09-03 12:42:04 (2 years ago)	Spoofed "From:"; Received: from [168.167.23.49] (unknown [168.167.23.49]); Sun, 3 Sep 2023 08:31:22 ... show more Spoofed "From:"; Received: from [168.167.23.49] (unknown [168.167.23.49]); Sun, 3 Sep 2023 08:31:22 -0400 (EDT) show less	Email Spam Spoofing
Anonymous	2023-07-23 06:30:39 (2 years ago)	postfix-rbl	Email Spam
🇩🇪 niceshops.com	2023-05-18 07:35:05 (3 years ago)	Web Attack ([18/May/2023:09:35:03.037] GET /wp-login.php)	Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.172.186.3

🇭🇰 118.193.32.119

🇳🇱 86.54.31.34

🇳🇱 81.19.216.88

🇧🇬 79.124.62.230

🇺🇸 66.132.186.128

🇺🇸 64.62.197.152

🇬🇧 46.101.82.66

🇱🇹 45.227.254.170

🇯🇵 8.216.87.103

🇺🇸 208.84.100.132

🇺🇸 205.210.31.86

🇧🇷 191.37.35.162

🇮🇶 185.166.25.150

🇨🇳 182.92.133.114

🇳🇱 172.94.9.113

🇺🇸 165.154.36.192

🇺🇸 162.216.150.65

🇺🇸 162.216.150.64

🇺🇸 147.185.132.68