JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.112.19.23

212.112.19.23 was found in our database!

This IP was reported 223 times. Confidence of Abuse is 0%: ?

ISP	PRIVATE INTERNET ACCESS, Inc Url: https://privateinternetaccess.com/
Usage Type	Data Center/Web Hosting/Transit
ASN	AS42708
Domain Name	privateinternetaccess.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.112.19.23

Whois 212.112.19.23

IP Abuse Reports for 212.112.19.23:

This IP address has been reported a total of 223 times from 47 distinct sources. 212.112.19.23 was first reported on March 10th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-04-20 12:14:48 (2 months ago)	Blocked by UFW (TCP on 9150) Source port: 64015 TTL: 41 Packet length: 60 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 9150) Source port: 64015 TTL: 41 Packet length: 60 TOS: 0x08 This report (for 212.112.19.23) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-04-07 05:23:41 (2 months ago)	(mod_security) mod_security (id:210801) triggered by 212.112.19.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210801) triggered by 212.112.19.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 01:23:34.827012 2026] [security2:error] [pid 955225:tid 955225] [client 212.112.19.23:49477] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|acpb.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "acpb.net"] [uri "/license.txt"] [unique_id "adSU1nX0fRNkES3MGPPyMQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-07 05:02:40 (2 months ago)	(mod_security) mod_security (id:210801) triggered by 212.112.19.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210801) triggered by 212.112.19.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 01:02:32.860655 2026] [security2:error] [pid 998475:tid 998475] [client 212.112.19.23:48285] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|acctusa.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "acctusa.net"] [uri "/license.txt"] [unique_id "adSP6A6CkXdf8ceNRS59tQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 interbiznw.com	2026-04-07 04:37:07 (2 months ago)	wordpress-fuzzing	Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-04-07 04:23:36 (2 months ago)	(mod_security) mod_security (id:210801) triggered by 212.112.19.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210801) triggered by 212.112.19.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 00:23:29.034190 2026] [security2:error] [pid 859174:tid 859174] [client 212.112.19.23:62367] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|abilityengraving.com\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "abilityengraving.com"] [uri "/license.txt"] [unique_id "adSGwS9jZIGlgLmZl7sjtwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-07 03:52:37 (2 months ago)	(mod_security) mod_security (id:210801) triggered by 212.112.19.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210801) triggered by 212.112.19.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 23:52:30.070628 2026] [security2:error] [pid 618573:tid 618573] [client 212.112.19.23:16188] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|aares2025.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "aares2025.net"] [uri "/license.txt"] [unique_id "adR_frlOypD4COWqgZdnwwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 stinpriza	2026-03-18 22:57:17 (3 months ago)	Web App Attack	Web App Attack
Anonymous	2026-03-02 02:30:10 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-02-27 02:25:15 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-02-24 02:20:32 (4 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-02-08 09:30:08 (4 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-02-05 09:25:09 (4 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-02-02 09:20:24 (4 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-01-26 08:55:13 (4 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-01-23 08:50:20 (5 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking

Showing 1 to 15 of 223 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 119.73.19.22

🇳🇱 178.128.247.139

🇧🇷 177.22.174.238

🇵🇱 151.115.100.28

🇺🇸 107.151.199.144

🇮🇳 103.183.204.37

🇬🇧 89.37.172.133

🇩🇰 87.52.107.135

🇭🇰 23.100.91.106

🇹🇼 211.20.14.156

🇸🇪 178.20.28.67

🇺🇸 141.11.88.101

🇺🇸 91.230.168.233

🇬🇧 89.37.172.148

🇰🇷 61.76.112.4

🇸🇬 43.160.245.79

🇩🇪 2a00:1637:409:92:9999::216

🇵🇸 213.6.121.107

🇲🇳 203.23.199.89

🇨🇳 183.223.46.28