JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 23.247.136.252

23.247.136.252 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	Black Mesa Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46997
Domain Name	nat.moe
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 23.247.136.252

Whois 23.247.136.252

IP Abuse Reports for 23.247.136.252:

This IP address has been reported a total of 14 times from 7 distinct sources. 23.247.136.252 was first reported on July 26th 2024, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 Mcshield.org	2025-11-30 23:36:24 (6 months ago)	Failed password for invalid user user from 23.247.136.252 port 30552 ssh2	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-12-16 06:57:20 (1 year ago)	(mod_security) mod_security (id:210831) triggered by 23.247.136.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 23.247.136.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 16 01:57:14.395187 2024] [security2:error] [pid 29683:tid 29683] [client 23.247.136.252:46798] [client 23.247.136.252] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|thechoiceint.com\|F\|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "thechoiceint.com"] [uri "/webalizer/usage_200804.html"] [unique_id "Z1_PSocVcAGBrXJVZHznVAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 nyuuzyou	2024-12-14 13:12:38 (1 year ago)	Intensive scraping: /web?s=%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20Simferopol&country=kk-kk&scraper=m ... show more Intensive scraping: /web?s=%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20Simferopol&country=kk-kk&scraper=mojeek. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36. show less	Bad Web Bot
🇺🇸 PulseServers	2024-12-06 23:57:42 (1 year ago)	Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com ... show more Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com - ISUS1 ... show less	DDoS Attack Exploited Host
🇺🇸 gu-alvareza	2024-11-26 07:05:19 (1 year ago)	WordPress.xmlrpc.Pingback.DoS	DDoS Attack
🇩🇪 nyuuzyou	2024-11-25 08:18:43 (1 year ago)	Intensive scraping: /web?s=%22Powered%20By%20MediaWiki%22%20wiki&country=ki-ki&scraper=ddg. User-Age ... show more Intensive scraping: /web?s=%22Powered%20By%20MediaWiki%22%20wiki&country=ki-ki&scraper=ddg. User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 12.5; rv:114.0) Gecko/20100101 Firefox/114.0. show less	Bad Web Bot
🇺🇸 TPI-Abuse	2024-11-22 16:49:00 (1 year ago)	(mod_security) mod_security (id:210831) triggered by 23.247.136.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 23.247.136.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 22 11:48:56.071281 2024] [security2:error] [pid 3378015:tid 3378015] [client 23.247.136.252:5112] [client 23.247.136.252] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|backstore.com\|F\|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "backstore.com"] [uri "/webalizer/usage_201711.html"] [unique_id "Z0C1-MpAPZI5QNlWzY12SwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2024-11-13 07:34:54 (1 year ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 46997 (NATOLAB) Protocol ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 46997 (NATOLAB) Protocol: HTTP/1.0 (GET method) Domain: sefinek.net Endpoint: /genshin-stella-mod Timestamp: 2024-11-13T01:23:58Z Ray ID: 8e1af5a118e11574 Rule ID: 61fb495e94074aa0b50b084b03c00b25 UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36 Report generated by Cloudflare-WAF-To-AbuseIPDB: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇵🇱 sefinek.net	2024-11-13 01:49:52 (1 year ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 46997 (NATOLAB) Protocol ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 46997 (NATOLAB) Protocol: HTTP/1.0 (method GET) Domain: sefinek.net Endpoint: /genshin-stella-mod Timestamp: 2024-11-13T01:23:58Z Ray ID: 8e1af5a118e11574 Rule ID: 61fb495e94074aa0b50b084b03c00b25 UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36 Report generated by Cloudflare-WAF-To-AbuseIPDB: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 nyuuzyou	2024-11-12 09:24:17 (1 year ago)	Intensive scraping: /web?s=All%20messages%20QuickTopic%20Post%20a%20new%20message&country=ia-ia&scra ... show more Intensive scraping: /web?s=All%20messages%20QuickTopic%20Post%20a%20new%20message&country=ia-ia&scraper=yep. User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Safari/605.1.15. show less	Bad Web Bot
🇵🇱 sefinek.net	2024-11-12 05:45:19 (1 year ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 46997 (NATOLAB) Protocol ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK ASN: 46997 (NATOLAB) Protocol: HTTP/1.0 (method GET) Domain: sefinek.net Endpoint: /genshin-stella-mod Timestamp: 2024-11-12T04:19:54Z Ray ID: 8e13b9fc9b03174a Rule ID: 61fb495e94074aa0b50b084b03c00b25 UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 Report generated by Cloudflare-WAF-To-AbuseIPDB: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2024-07-30 00:47:36 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-07-27 05:42:23 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-07-26 04:12:49 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 58.208.84.103

🇨🇳 36.249.125.169

🇳🇱 5.61.209.224

🇺🇸 172.174.5.146

🇫🇷 85.217.140.44

🇩🇪 85.203.15.76

🇧🇬 78.128.112.6

🇳🇱 45.198.224.140

🇨🇳 42.228.45.76

🇨🇦 20.48.176.78

🇨🇳 222.173.138.250

🇩🇪 213.209.159.235

🇦🇷 190.13.216.253

🇺🇸 185.223.152.85

🇩🇪 141.11.107.166

🇹🇼 122.117.89.238

🇨🇳 118.117.1.136

🇰🇷 112.216.129.27

🇮🇩 103.147.237.208

🇩🇪 88.70.4.119