JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 23.247.136.245

23.247.136.245 was found in our database!

This IP was reported 57 times. Confidence of Abuse is 0%: ?

ISP	Black Mesa Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46997
Domain Name	nat.moe
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 23.247.136.245

Whois 23.247.136.245

IP Abuse Reports for 23.247.136.245:

This IP address has been reported a total of 57 times from 13 distinct sources. 23.247.136.245 was first reported on July 27th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-02-25 01:52:13 (1 year ago)	Excessive connections to http/https ports	DDoS Attack
Anonymous	2025-02-16 08:20:01 (1 year ago)	wordpress-trap	Web App Attack
Anonymous	2025-02-06 10:22:25 (1 year ago)		Web App Attack
🇺🇸 gu-alvareza	2025-01-26 07:05:14 (1 year ago)	WordPress.xmlrpc.Pingback.DoS	DDoS Attack
🇺🇸 TPI-Abuse	2025-01-25 11:59:42 (1 year ago)	(mod_security) mod_security (id:210831) triggered by 23.247.136.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 23.247.136.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 25 06:59:34.537286 2025] [security2:error] [pid 1275600:tid 1275600] [client 23.247.136.245:55112] [client 23.247.136.245] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|backstore.com\|F\|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "backstore.com"] [uri "/"] [unique_id "Z5TSJg8p6LpGgGHb_zKT6AAAAAg"], referer: https://xn--krkenat-bn4c.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-01-23 06:18:15 (1 year ago)	(mod_security) mod_security (id:240950) triggered by 23.247.136.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240950) triggered by 23.247.136.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 23 01:18:08.876069 2025] [security2:error] [pid 646:tid 646] [client 23.247.136.245:53874] [client 23.247.136.245] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)\|\|goldengatecorgis.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "goldengatecorgis.org"] [uri "/"] [unique_id "Z5HfIL_bbCLHCDL-c0FWYQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-22 02:23:29 (1 year ago)	(CT) IP 23.247.136.245 (DE/Germany/-) found to have 740 connections; Ports: 27960; SRV: 1; Action: 1 ... show more (CT) IP 23.247.136.245 (DE/Germany/-) found to have 740 connections; Ports: 27960; SRV: 1; Action: 1; Trigger: CT_LIMIT show less	DDoS Attack Hacking
🇺🇸 gu-alvareza	2025-01-21 07:05:25 (1 year ago)	WordPress.xmlrpc.Pingback.DoS	DDoS Attack
🇺🇸 jkhorvath.com	2025-01-16 18:12:27 (1 year ago)	Request for URL /usage/usage_201911.html	Phishing Brute-Force Web App Attack
🇺🇸 jkhorvath.com	2025-01-12 11:39:00 (1 year ago)	Request for URL /usage/usage_201912.html	Phishing Brute-Force Web App Attack
🇺🇸 jkhorvath.com	2025-01-05 02:04:35 (1 year ago)	Request for URL /login/return_url/64-l2dyb3vwcz9jyxrlz29yev9pzd02	Phishing Brute-Force Web App Attack
🇻🇳 Xuan Can	2025-01-02 01:43:48 (1 year ago)	(mod_security) mod_security (id:6) triggered by 23.247.136.245 (US/United States/-): 1 in the last 3 ... show more (mod_security) mod_security (id:6) triggered by 23.247.136.245 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 02 08:43:42.122181 2025] [security2:error] [pid 18088:tid 18134] [client 23.247.136.245:40674] [client 23.247.136.245] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-login.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "62"] [id "6"] [severity "CRITICAL"] [hostname "kb.pavietnam.vn"] [uri "/wp-login.php"] [unique_id "Z3XvTsH-yD2xh1lp8yCPDAAAAFI"], referer: https://kb.pavietnam.vn/tat-dang-ky-thanh-vien-website-wordpress.html show less	Brute-Force SSH
🇩🇪 nyuuzyou	2024-11-24 19:55:59 (1 year ago)	Intensive scraping: /web?s=%22powered%20by%20croogo%22%20%22Add%20New%20comment%22%205blogger&countr ... show more Intensive scraping: /web?s=%22powered%20by%20croogo%22%20%22Add%20New%20comment%22%205blogger&country=sm-sm&scraper=marginalia. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36. show less	Bad Web Bot
🇺🇸 PulseServers	2024-11-18 19:27:14 (1 year ago)	Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com ... show more Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com - ISUS2 ... show less	DDoS Attack Exploited Host
🇺🇸 TPI-Abuse	2024-11-17 17:31:53 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 23.247.136.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 23.247.136.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 17 12:31:47.257591 2024] [security2:error] [pid 15686:tid 15686] [client 23.247.136.245:56288] [client 23.247.136.245] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|downloads.barkdull.org\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "downloads.barkdull.org"] [uri "/hashover-v1/kowayo.com"] [unique_id "Zzoog4QEVai4SEOKXVrbpgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 57 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 34.22.44.213

🇹🇷 195.85.207.85

🇺🇸 166.88.83.12

🇨🇦 165.245.233.174

🇺🇸 157.245.1.7

🇨🇾 103.80.10.77

🇫🇷 85.217.140.20

🇺🇸 54.85.126.86

🇸🇬 43.98.180.65

🇮🇶 37.205.118.75

🇺🇸 8.228.18.229

🇩🇪 213.209.159.56

🇭🇺 193.68.57.43

🇧🇩 182.48.80.240

🇻🇳 171.238.96.214

🇯🇵 166.88.149.165

🇳🇱 159.223.220.8

🇩🇪 141.11.107.166

🇧🇩 103.119.94.10

🇦🇹 68.210.120.110