AbuseIPDB » 173.252.127.4

Enter an IP Address, Domain Name, or Subnet:

e.g. 34.204.200.74, microsoft.com, or 5.188.10.0/24

173.252.127.4 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 0%: ?

ISP	Facebook Inc.
Usage Type	Commercial
Domain Name	facebook.com
Country	United States
City	Washington, District of Columbia

Spot an error? IP info including ISP, Usage Type, and Location provided by IP2Location.

Important Note: 173.252.127.4 is an IP address from within our whitelist. Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

According to our records, this IP belongs to the subnet 173.252.64.0/18, identified as: "Facebook"

Report 173.252.127.4

Whois 173.252.127.4

IP Abuse Reports for 173.252.127.4:

This IP address has been reported a total of 26 times from 11 distinct sources. 173.252.127.4 was first reported on August 14th 2018, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	Date	Comment	Categories
Mac7veN	12 Jan 2020	Robots ignored. Abusive scan of photo-gallery sections_	Port Scan Bad Web Bot Web App Attack
IrisFlower	29 Dec 2019	Unauthorized connection attempt detected from IP address 173.252.127.4 to port 80	Port Scan
hermawan	16 Dec 2019	[Mon Dec 16 17:41:45.199868 2019] [:error] [pid 3810:tid 140503113557760] [client 173.252.127.4:6439 ... show more[Mon Dec 16 17:41:45.199868 2019] [:error] [pid 3810:tid 140503113557760] [client 173.252.127.4:64398] [client 173.252.127.4] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/Galeri_Kegiatan/2019/12/Galeri_Kegiatan_BMKG_Stasiun_Klimatologi_Malang_Periode_9-13_Desember_2019.jpg"] [unique_id "XfdfacswRmgR9FqCk5aIRwAAAAE"] ... show less	Hacking Web App Attack
Anonymous	05 Jun 2019	facebook trying to jam site	Web Spam
Anonymous	17 May 2019		DDoS Attack Phishing Web Spam Spoofing
IpdbBot	13 Mar 2019	Unauthorized access detected from banned ip	Bad Web Bot Web App Attack
WebWizards.NZ	08 Feb 2019	Looking for resource vulnerabilities	Web App Attack
Anonymous	30 Jan 2019	IOS Mobile	Web Spam Blog Spam
AvonleaConsulting	01 Nov 2018	Brute force attack stopped by firewall	Web Spam Brute-Force Web App Attack
AvonleaConsulting	31 Oct 2018	Brute force attack stopped by firewall	Web Spam Brute-Force Web App Attack
hermawan	25 Oct 2018	[Thu Oct 25 19:59:46.018832 2018] [:error] [pid 926:tid 140226001344256] [client 173.252.127.4:53912 ... show more[Thu Oct 25 19:59:46.018832 2018] [:error] [pid 926:tid 140226001344256] [client 173.252.127.4:53912] [client 173.252.127.4] ModSecurity: Access denied with code 403 (phase 2). String match within "head options" at REQUEST_METHOD. [file "/etc/modsecurity/modsec-flameeyes/rules/flameeyes_10_robots.conf"] [line "47"] [id "431060"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/meteorologi/3914-prakiraan-meteorologi/prakiraan-cuaca-jawa-timur-hari-ini/555556792-prakiraan-cuaca-hari-ini-untuk-pagi-siang-malam-dini-hari-di-provinsi-jawa-timur-berlaku-mulai-kamis-25-oktober-2018-jam-07-00-wib-hingga-jumat-26-oktober-2018-jam-07-00-wib-update-dari-analisis-kamis-25-10-2018"] [unique_id "[email protected]@QAAAAs"] [Thu Oct 25 19:59:46.019360 2018] [:error] [pid 926:tid 140226152195840] [client 173.252.127.4:54158] [client 173.252.127.4] ModSecurity: Access denied with code 403 (phase 2). String match within "head options" at REQUEST_METHOD. [file "/etc/modsecurity/modsec-flameeyes/rules/flameeyes_10_ro show less	Hacking Web App Attack
hermawan	25 Oct 2018	[Thu Oct 25 12:22:42.707770 2018] [:error] [pid 7202:tid 139619966338816] [client 173.252.127.4:6441 ... show more[Thu Oct 25 12:22:42.707770 2018] [:error] [pid 7202:tid 139619966338816] [client 173.252.127.4:64416] [client 173.252.127.4] ModSecurity: Access denied with code 403 (phase 2). String match within "head options" at REQUEST_METHOD. [file "/etc/modsecurity/modsec-flameeyes/rules/flameeyes_10_robots.conf"] [line "47"] [id "431060"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/meteorologi/3914-prakiraan-meteorologi/prakiraan-cuaca-jawa-timur-hari-ini/555556791-prakiraan-cuaca-hari-ini-setiap-3-jam-sekali-di-kota-dan-kabupaten-malang-berlaku-mulai-kamis-25-oktober-2018-jam-07-00-wib-hingga-jumat-26-oktober-2018-jam-07-00-wib-update-dari-analisis-kamis-25-10-2018-pukul-07-51-wib"] [unique_id "[email protected]"] [Thu Oct 25 12:22:42.717813 2018] [:error] [pid 5195:tid 139619974731520] [client 173.252.127.4:64406] [client 173.252.127.4] ModSecurity: Access denied with code 403 (phase 2). String match within "head options" at REQUEST_METHOD. [file "/etc/modsecurity/modsec-flameeyes/rules/flam show less	Hacking Web App Attack
hermawan	23 Oct 2018	[Tue Oct 23 19:25:27.313763 2018] [:error] [pid 17914:tid 139909113222912] [client 173.252.127.4:580 ... show more[Tue Oct 23 19:25:27.313763 2018] [:error] [pid 17914:tid 139909113222912] [client 173.252.127.4:58004] [client 173.252.127.4] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/modsecurity/modsec-flameeyes/rules/flameeyes_20_antispam.conf"] [line "29"] [id "432021"] [msg "Missing User-Agent header when posting"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/1.jpg"] [unique_id "W88TN8RzmnHnrYLvsEx-3AAAAFc"] ... show less	Hacking Web App Attack
Anonymous	20 Oct 2018	173.252.127.4 /cine/robots.php success 200 GET HTTP/1.1 1 ... show more173.252.127.4 /cine/robots.php success 200 GET HTTP/1.1 173.252.127.4 /cine/shell.php success 200 GET HTTP/1.1 show less	Phishing Web Spam Hacking Spoofing Brute-Force Bad Web Bot Web App Attack
AvonleaConsulting	17 Oct 2018	Brute force attack stopped by firewall	Web Spam Brute-Force Web App Attack