JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 23.95.0.162

23.95.0.162 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 48%: ?

48%

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	23-95-0-162-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 23.95.0.162

Whois 23.95.0.162

IP Abuse Reports for 23.95.0.162:

This IP address has been reported a total of 20 times from 7 distinct sources. 23.95.0.162 was first reported on June 23rd 2026, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-28 12:17:12 (17 hours ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 10:25:07 (19 hours ago)	(mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com) ... show more (mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 06:25:01.572768 2026] [security2:error] [pid 24120:tid 24214] [client 23.95.0.162:39516] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ethicmark.org"] [uri "/sftp-config.json"] [unique_id "akD2fffvEPLBOb2qcxGUwwAAAJI"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 SkyDancer	2026-06-28 09:57:28 (19 hours ago)	Multiple unauthorized attempts to access using wrong credentials. Attack automatically blocked by Sk ... show more Multiple unauthorized attempts to access using wrong credentials. Attack automatically blocked by SkyDancer Ai. EXT-SYS-Vx show less	Hacking Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-28 03:42:39 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com) ... show more (mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 23:42:35.565725 2026] [security2:error] [pid 10305:tid 10305] [client 23.95.0.162:43776] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dgroupsa.com"] [uri "/sftp-config.json"] [unique_id "akCYK5x4g5a-Tgj0Z4p6gwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 02:44:39 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com) ... show more (mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 22:44:35.782348 2026] [security2:error] [pid 18085:tid 18085] [client 23.95.0.162:25444] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dginstruments.com"] [uri "/sftp-config.json"] [unique_id "akCKk1J2wSScGa8F-DUs8gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 04:14:30 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com) ... show more (mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 00:14:27.137270 2026] [security2:error] [pid 9552:tid 9552] [client 23.95.0.162:54002] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "desarrollosdecolima.com"] [uri "/sftp-config.json"] [unique_id "aj9OI3VTSnWLkUlUp84abgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 18:53:24 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com) ... show more (mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 14:53:17.514195 2026] [security2:error] [pid 3897:tid 3897] [client 23.95.0.162:16466] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demondomain.com"] [uri "/sftp-config.json"] [unique_id "aj7KnTxTBWRzVkirsjzJyAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 16:53:59 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com) ... show more (mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 12:53:55.585350 2026] [security2:error] [pid 20992:tid 20992] [client 23.95.0.162:39532] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deltasouls.com"] [uri "/sftp-config.json"] [unique_id "aj6uo6zxEtkRlrUnuuuM_QAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 as211431.net	2026-06-26 00:05:32 (3 days ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /sftp-config.json UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇨🇭 4server	2026-06-25 21:28:34 (3 days ago)	[ThuJun2523:28:30.0675242026][security2:error][pid1352528:tid1352535][client23.95.0.162:0]ModSecurit ... show more [ThuJun2523:28:30.0675242026][security2:error][pid1352528:tid1352535][client23.95.0.162:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"dc-graphicart.com\"][uri\"/.vscode/sftp.json\"][unique_id\"aj2dfhN9jdphIfsgpvTe9wAAAAU\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 21:01:01 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com) ... show more (mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 17:00:55.078804 2026] [security2:error] [pid 7330:tid 7330] [client 23.95.0.162:26656] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dbq.us"] [uri "/sftp-config.json"] [unique_id "aj2XB8RdPAoihjL0V5PE_AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 18:42:49 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com) ... show more (mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 14:42:45.007130 2026] [security2:error] [pid 17163:tid 17163] [client 23.95.0.162:45210] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daydar.net"] [uri "/sftp-config.json"] [unique_id "aj12pcjH3dqZSLoh6gCUYwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 17:16:13 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com) ... show more (mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 13:16:06.169972 2026] [security2:error] [pid 6311:tid 6329] [client 23.95.0.162:36932] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daviscountyossr.org"] [uri "/sftp-config.json"] [unique_id "aj1iVoQPezOIhxYHKCzVpgAAAIg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 15:22:02 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com) ... show more (mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 11:21:55.384302 2026] [security2:error] [pid 5412:tid 5427] [client 23.95.0.162:17676] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "draas.info"] [uri "/sftp-config.json"] [unique_id "aj1Hk33aioTIVDRXmbT78wAAAU0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 14:13:15 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com) ... show more (mod_security) mod_security (id:210492) triggered by 23.95.0.162 (23-95-0-162-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 10:13:09.071439 2026] [security2:error] [pid 1553:tid 1663] [client 23.95.0.162:18052] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "docdalton.com"] [uri "/sftp-config.json"] [unique_id "ajvl9SgeqWSNLYqbEq75ZwAAAFY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.205

🇺🇸 195.184.76.226

🇨🇳 125.77.175.2

🇺🇸 91.230.168.185

🇫🇷 91.196.152.4

🇫🇷 85.217.140.22

🇭🇰 199.45.154.187

🇧🇷 187.8.64.94

🇲🇰 185.193.240.246

🇺🇸 165.154.206.139

🇺🇸 147.185.132.198

🇫🇮 135.181.7.232

🇫🇷 135.125.29.132

🇺🇸 66.132.172.241

🇩🇪 64.89.163.83

🇱🇹 45.227.254.170

🇵🇰 39.61.124.238

🇺🇸 35.223.173.244

🇧🇪 34.76.12.236

🇭🇰 220.246.47.146