JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 23.81.227.112

23.81.227.112 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	LeaseWeb USA, Inc. Pheonix
Usage Type	Data Center/Web Hosting/Transit
ASN	AS19148
Domain Name	leaseweb.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 23.81.227.112

Whois 23.81.227.112

IP Abuse Reports for 23.81.227.112:

This IP address has been reported a total of 16 times from 6 distinct sources. 23.81.227.112 was first reported on September 4th 2023, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2024-12-06 16:27:03 (1 year ago)	(mod_security) mod_security (id:210350) triggered by 23.81.227.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 23.81.227.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 06 11:26:55.380337 2024] [security2:error] [pid 3139:tid 3139] [client 23.81.227.112:33827] [client 23.81.227.112] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.comsew.com.au\|F\|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.comsew.com.au"] [uri "/contact/"] [unique_id "Z1MlzzlrhtoN_mhFG_1kGgAAAAQ"], referer: https://www.comsew.com.au/contact/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-12-06 09:04:09 (1 year ago)	(mod_security) mod_security (id:210350) triggered by 23.81.227.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 23.81.227.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 06 04:04:02.762823 2024] [security2:error] [pid 18086:tid 18086] [client 23.81.227.112:52971] [client 23.81.227.112] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|jonker-online.com\|F\|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "jonker-online.com"] [uri "/contact/"] [unique_id "Z1K-AqLeKmv-uWNcCcYp2wAAAA4"], referer: https://jonker-online.com/contact/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-12-04 23:33:45 (1 year ago)	(mod_security) mod_security (id:210350) triggered by 23.81.227.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 23.81.227.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 18:33:41.797870 2024] [security2:error] [pid 27479:tid 27479] [client 23.81.227.112:33541] [client 23.81.227.112] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|doctorspainmanagement.com\|F\|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "doctorspainmanagement.com"] [uri "/contact-us/"] [unique_id "Z1Dm1d49Bc0mHj_k28BWmgAAAAQ"], referer: https://doctorspainmanagement.com/contact-us/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-12-04 02:19:28 (1 year ago)	(mod_security) mod_security (id:210350) triggered by 23.81.227.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 23.81.227.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 03 21:19:22.705954 2024] [security2:error] [pid 11174:tid 11174] [client 23.81.227.112:38964] [client 23.81.227.112] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|amoriotech.com\|F\|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "amoriotech.com"] [uri "/contact.php"] [unique_id "Z0-8Km94zGh8pSjWRUJligAAABM"], referer: https://amoriotech.com/contact.php show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-12-03 17:06:52 (1 year ago)	(mod_security) mod_security (id:210350) triggered by 23.81.227.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 23.81.227.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 03 12:06:45.347129 2024] [security2:error] [pid 2886227:tid 2886227] [client 23.81.227.112:50786] [client 23.81.227.112] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|christineaholtz.com\|F\|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "christineaholtz.com"] [uri "/contact/"] [unique_id "Z086pUOgUEm6P1XGn59VuQAAAAE"], referer: https://christineaholtz.com/contact/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2024-11-28 07:25:06 (1 year ago)	block ruleset Badbot using very old user-agents 5CF3CDB778C7D82564405B86B9242E612F378C68	Bad Web Bot
Anonymous	2024-04-28 18:19:00 (2 years ago)	Sexual pervert caught sending lewd, pornographic spam - reported to authorities and blocked for LI ... show more Sexual pervert caught sending lewd, pornographic spam - reported to authorities and blocked for LIFE show less	Web Spam Email Spam
Anonymous	2024-04-21 05:27:05 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇨🇭 backslash	2024-04-01 06:01:18 (2 years ago)		Web Spam
🇦🇺 oncord	2024-03-31 07:58:46 (2 years ago)	Form spam	Web Spam
🇺🇸 octageeks.com	2023-09-10 04:07:54 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 octageeks.com	2023-09-09 04:07:53 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 octageeks.com	2023-09-08 04:07:47 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 octageeks.com	2023-09-07 04:07:46 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 octageeks.com	2023-09-06 04:07:46 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 2001:41d0:305:2100::d63c

🇧🇷 200.7.121.191

🇹🇼 198.235.24.122

🇹🇼 198.235.24.39

🇯🇵 128.1.49.46

🇱🇹 77.90.185.68

🇰🇪 41.60.234.123

🇨🇳 221.226.24.62

🇺🇿 213.230.127.104

🇩🇪 213.209.159.242

🇺🇸 205.210.31.78

🇮🇩 103.98.176.164

🇺🇸 49.51.183.220

🇺🇸 195.184.76.197

🇨🇳 144.123.76.56

🇨🇳 117.33.242.180

🇨🇳 101.249.63.170

🇨🇳 8.134.159.4

🇨🇳 220.250.11.40

🇸🇬 172.253.84.219