JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.208.12.23

192.208.12.23 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 20%: ?

20%

ISP	Critical Control Technologies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS399486
Hostname(s)	oauth.hemadan.com
Domain Name	criticalcontrol.com
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.208.12.23

Whois 192.208.12.23

IP Abuse Reports for 192.208.12.23:

This IP address has been reported a total of 20 times from 13 distinct sources. 192.208.12.23 was first reported on August 2nd 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-04-20 15:20:57 (1 month ago)	192.208.12.23 - - [20/Apr/2026:18:20:56 +0300] "GET /.env HTTP/1.1" 404 534 "-" "Mozilla/5.0 (Window ... show more 192.208.12.23 - - [20/Apr/2026:18:20:56 +0300] "GET /.env HTTP/1.1" 404 534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 19:47:22 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 192.208.12.23 (oauth.hemadan.com): 1 in the las ... show more (mod_security) mod_security (id:210492) triggered by 192.208.12.23 (oauth.hemadan.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 15:47:18.455696 2026] [security2:error] [pid 2035701:tid 2035701] [client 192.208.12.23:57246] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thevenicecafe.com"] [uri "/.env"] [unique_id "aeUxRhVe5giKjsguFGKKBwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-04-19 18:04:28 (1 month ago)	192.208.12.23 - - [19/Apr/2026:21:04:25 +0300] "GET /.env HTTP/1.1" 404 534 "-" "Mozilla/5.0 (X11; L ... show more 192.208.12.23 - - [19/Apr/2026:21:04:25 +0300] "GET /.env HTTP/1.1" 404 534 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 192.208.12.23 - - [19/Apr/2026:21:04:27 +0300] "GET /.env HTTP/1.1" 404 2887 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Web App Attack
🇩🇪 BlueWire Hosting	2026-04-18 16:50:12 (1 month ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇨🇦 aks4226	2026-04-18 15:54:41 (1 month ago)	Bot search, attacking common web applications.	Web App Attack
🇺🇸 MPL	2026-04-17 04:53:35 (1 month ago)	tcp/80 (8 or more attempts)	Port Scan
🇺🇦 URAN Publishing Service	2026-04-08 19:18:12 (1 month ago)	192.208.12.23 - - [08/Apr/2026:22:18:11 +0300] "GET /.env HTTP/1.1" 404 534 "-" "Mozilla/5.0 (Window ... show more 192.208.12.23 - - [08/Apr/2026:22:18:11 +0300] "GET /.env HTTP/1.1" 404 534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 192.208.12.23 - - [08/Apr/2026:22:18:11 +0300] "GET /.env HTTP/1.1" 404 3131 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" ... show less	Web App Attack
🇮🇱 spd.co.il	2026-04-08 16:01:46 (1 month ago)	Web application attack detected	Hacking Web App Attack
🇮🇩 titis.blitarkab	2026-04-08 04:25:00 (1 month ago)	golek-golek ASU /.env.bak	Web App Attack Hacking
🇨🇦 fibextelecom	2026-04-06 21:56:46 (1 month ago)	2026-04-06T21:56:41.980371+00:00 pve-ovh-canada-it-01 kernel: [18490.355677] [UFW BLOCK] IN=vmbr0 OU ... show more 2026-04-06T21:56:41.980371+00:00 pve-ovh-canada-it-01 kernel: [18490.355677] [UFW BLOCK] IN=vmbr0 OUT= MAC=d0:50:99:d2:45:95:70:ea:1a:a7:72:7f:08:00 SRC=192.208.12.23 DST=51.79.17.76 LEN=52 TOS=0x02 PREC=0x00 TTL=116 ID=51719 DF PROTO=TCP SPT=56750 DPT=80 WINDOW=64240 RES=0x00 CWR ECE SYN URGP=0 2026-04-06T21:56:43.013181+00:00 pve-ovh-canada-it-01 kernel: [18491.389438] [UFW BLOCK] IN=vmbr0 OUT= MAC=d0:50:99:d2:45:95:70:ea:1a:a7:72:7f:08:00 SRC=192.208.12.23 DST=51.79.17.76 LEN=52 TOS=0x02 PREC=0x00 TTL=116 ID=51720 DF PROTO=TCP SPT=56750 DPT=80 WINDOW=64240 RES=0x00 CWR ECE SYN URGP=0 2026-04-06T21:56:45.012369+00:00 pve-ovh-canada-it-01 kernel: [18493.389403] [UFW BLOCK] IN=vmbr0 OUT= MAC=d0:50:99:d2:45:95:70:ea:1a:a7:72:7f:08:00 SRC=192.208.12.23 DST=51.79.17.76 LEN=52 TOS=0x00 PREC=0x00 TTL=116 ID=51721 DF PROTO=TCP SPT=56750 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
Anonymous	2026-04-06 21:44:40 (1 month ago)	Sensitive file access attempt	Hacking
🇺🇸 TPI-Abuse	2026-04-06 21:17:24 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 192.208.12.23 (oauth.hemadan.com): 1 in the las ... show more (mod_security) mod_security (id:210492) triggered by 192.208.12.23 (oauth.hemadan.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 17:17:17.134362 2026] [security2:error] [pid 1049003:tid 1049003] [client 192.208.12.23:53313] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.214"] [uri "/.env"] [unique_id "adQi3ekVXNbj2Sa2SO2IKQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 sockominfo	2026-04-06 20:46:06 (1 month ago)	[WAZUH] Access to sensitive files detected w/ specific boundary.	Hacking Web App Attack
🇺🇦 URAN Publishing Service	2026-04-06 20:37:41 (1 month ago)	192.208.12.23 - - [06/Apr/2026:23:37:38 +0300] "GET /.env HTTP/1.1" 404 534 "-" "Mozilla/5.0 (X11; L ... show more 192.208.12.23 - - [06/Apr/2026:23:37:38 +0300] "GET /.env HTTP/1.1" 404 534 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 192.208.12.23 - - [06/Apr/2026:23:37:40 +0300] "GET /.env HTTP/1.1" 404 2885 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Web App Attack
Anonymous	2026-04-06 19:30:02 (1 month ago)	suspicious request in access.log	Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 206.189.95.232

🇺🇸 194.93.6.211

🇮🇹 172.253.13.146

🇺🇸 165.154.182.182

🇨🇳 116.178.130.89

🇨🇳 47.103.78.152

🇯🇵 8.209.208.8

🇸🇬 165.232.169.124

🇫🇷 51.159.149.103

🇷🇺 46.163.144.31

🇪🇬 41.128.181.199

🇺🇸 2602:fb54:1a00::1f5

🇰🇷 222.120.176.6

🇺🇸 70.36.108.34

🇪🇬 41.33.91.226

🇳🇵 27.34.73.200

🇮🇳 20.235.162.205

🇮🇳 2401:4900:8908:7e45:1df0:b20e:90f0:857

🇧🇴 181.188.172.6

🇮🇪 108.130.91.77