JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 23.230.223.130

23.230.223.130 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	EGIHosting
Usage Type	Data Center/Web Hosting/Transit
ASN	AS203380
Domain Name	egihosting.com
Country	🇧🇬 Bulgaria
City	Sofia, Sofia-Capital

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 23.230.223.130

Whois 23.230.223.130

IP Abuse Reports for 23.230.223.130:

This IP address has been reported a total of 14 times from 12 distinct sources. 23.230.223.130 was first reported on October 10th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Bytemark	2026-04-23 15:07:03 (2 months ago)	23.230.223.130 - - [23/Apr/2026:16:06:49 +0100] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.goo ... show more 23.230.223.130 - - [23/Apr/2026:16:06:49 +0100] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 23.230.223.130 - - [23/Apr/2026:16:06:53 +0100] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 23.230.223.130 - - [23/Apr/2026:16:07:02 +0100] "GET /wp-login.php/ HTTP/1.1" 302 5 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇪🇸 el-brujo	2026-04-22 17:03:52 (2 months ago)	[Wed Apr 22 19:03:49.124143 2026] [proxy_fcgi:error] [pid 2426367:tid 2426393] [remote 23.230.223.13 ... show more [Wed Apr 22 19:03:49.124143 2026] [proxy_fcgi:error] [pid 2426367:tid 2426393] [remote 23.230.223.130:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com [Wed Apr 22 19:03:52.595631 2026] [proxy_fcgi:error] [pid 2418904:tid 2418941] [remote 23.230.223.130:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com ... show less	Hacking Web App Attack
🇧🇷 hostseries	2026-02-22 11:03:04 (4 months ago)	Trigger: LF_DISTATTACK	Brute-Force
Anonymous	2026-01-28 10:55:49 (4 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.28 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.28 is noted in report timestamp show less	Hacking Brute-Force
🇱🇻 garmtech.com	2026-01-02 09:30:05 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇱🇻 garmtech.com	2025-12-29 03:46:14 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇫🇷 masterguru	2025-12-23 11:04:20 (6 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 23.230.223.130 (DE/Germany/-): 1 in the last 3 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 23.230.223.130 (DE/Germany/-): 1 in the last 3600 secs (0-193) show less	Hacking
Anonymous	2025-12-13 01:21:13 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.12.13 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.12.13 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-04 07:36:25 (6 months ago)	botnet	DDoS Attack
🇨🇭 backslash	2025-11-11 20:45:55 (7 months ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-06 21:26:55 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 23.230.223.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 23.230.223.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 06 16:26:45.295056 2025] [security2:error] [pid 16092:tid 16092] [client 23.230.223.130:50091] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bernsteinip.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bernsteinip.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aQ0SlVzSCE7K6lE38nRQTwAAAAk"], referer: https://bernsteinip.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 jcbriar	2025-11-01 07:13:44 (7 months ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇺🇸 fbarela	2025-10-18 03:00:23 (8 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
Anonymous	2024-10-10 20:55:12 (1 year ago)	Automatic report - Vulnerability scan /RDWeb/Pages/en-US/login.aspx	Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇿🇦 102.69.186.34

🇺🇸 192.126.143.19

🇭🇰 168.76.131.178

🇺🇸 143.244.182.31

🇮🇹 93.92.72.55

🇩🇪 91.107.130.2

🇺🇸 66.132.186.206

🇰🇷 59.14.170.169

🇳🇱 45.153.34.235

🇺🇸 43.166.242.189

🇬🇧 35.203.211.136

🇬🇧 35.203.210.155

🇬🇧 35.203.210.64

🇨🇳 222.76.199.124

🇺🇸 207.90.244.18

🇯🇵 172.235.205.236

🇮🇳 103.182.132.154

🇱🇹 62.60.130.219

🇰🇷 58.65.96.141

🇭🇰 43.132.150.89