JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 23.94.138.253

23.94.138.253 was found in our database!

This IP was reported 2 times. Confidence of Abuse is 0%: ?

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	23-94-138-253-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Buffalo, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 23.94.138.253

Whois 23.94.138.253

IP Abuse Reports for 23.94.138.253:

This IP address has been reported a total of 2 times from 1 distinct source. 23.94.138.253 was first reported on May 30th 2025, and the most recent report was 11 months ago.

Old Reports: The most recent abuse report for this IP address is from 11 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-07-01 06:57:56 (11 months ago)	(mod_security) mod_security (id:210730) triggered by 23.94.138.253 (23-94-138-253-host.colocrossing. ... show more (mod_security) mod_security (id:210730) triggered by 23.94.138.253 (23-94-138-253-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 01 02:57:50.751681 2025] [security2:error] [pid 15244:tid 15352] [client 23.94.138.253:37305] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|staging.kettlehill.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "staging.kettlehill.com"] [uri "/admin/error.log"] [unique_id "aGOG7qItqwp4Tiul4V7sIgAAAQg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 21:55:59 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 23.94.138.253 (23-94-138-253-host.colocrossing. ... show more (mod_security) mod_security (id:210730) triggered by 23.94.138.253 (23-94-138-253-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 30 17:55:52.362627 2025] [security2:error] [pid 731234:tid 731234] [client 23.94.138.253:42637] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.nbcnewsradio.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.nbcnewsradio.com"] [uri "/MyErrors.log"] [unique_id "aDopaHX804BEJuWYuPQxFwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 2 of 2 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 2404:6800:4003:c20::124

🇰🇷 183.103.217.251

🇨🇳 101.126.54.167

🇺🇸 99.66.252.148

🇨🇳 220.181.51.90

🇧🇩 202.4.126.169

🇯🇵 163.43.18.248

🇫🇷 161.97.135.223

🇳🇱 45.148.10.183

🇳🇱 45.148.10.141

🇰🇿 37.99.45.248

🇺🇸 24.31.176.190

🇲🇩 185.162.141.34

🇨🇳 175.173.58.90

🇨🇳 121.11.96.13

🇮🇳 103.220.30.214

🇺🇸 68.198.58.194

🇺🇸 47.36.65.50

🇳🇱 45.148.10.151

🇷🇴 2.57.121.25