JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 23.95.150.226

23.95.150.226 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 2%: ?

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	23-95-150-226-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Buffalo, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 23.95.150.226

Whois 23.95.150.226

IP Abuse Reports for 23.95.150.226:

This IP address has been reported a total of 8 times from 2 distinct sources. 23.95.150.226 was first reported on September 1st 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-01 03:26:44 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 23.95.150.226 (23-95-150-226-host.colocrossing. ... show more (mod_security) mod_security (id:210730) triggered by 23.95.150.226 (23-95-150-226-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 23:26:39.396552 2026] [security2:error] [pid 7577:tid 7684] [client 23.95.150.226:44007] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.com"] [uri "/config.php.bak"] [unique_id "ahz7746nP6TlQzUBlJvg3AAAAMc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-21 05:50:05 (6 months ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:03:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 23.95.150.226 (23-95-150-226-host.colocrossing. ... show more (mod_security) mod_security (id:210492) triggered by 23.95.150.226 (23-95-150-226-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:03:29.477964 2025] [security2:error] [pid 8098:tid 8098] [client 23.95.150.226:38967] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.farmers123.com"] [uri "/.svn/wc.db"] [unique_id "aS9iMW_Kp5xNu5Q7DR_T-AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 05:44:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 23.95.150.226 (23-95-150-226-host.colocrossing. ... show more (mod_security) mod_security (id:210492) triggered by 23.95.150.226 (23-95-150-226-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 00:42:17.988592 2025] [security2:error] [pid 31256:tid 31268] [client 23.95.150.226:44315] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.com"] [uri "/.env.production"] [unique_id "aS0quW28JkE_f6YcP87qewAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-29 06:21:12 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 23.95.150.226 (23-95-150-226-host.colocrossing. ... show more (mod_security) mod_security (id:210492) triggered by 23.95.150.226 (23-95-150-226-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 29 02:21:06.163948 2025] [security2:error] [pid 24715:tid 24715] [client 23.95.150.226:48605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/sftp-config.json"] [unique_id "aQGyUkJa2J135SonPkYUaQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-28 18:32:31 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 23.95.150.226 (23-95-150-226-host.colocrossing. ... show more (mod_security) mod_security (id:210492) triggered by 23.95.150.226 (23-95-150-226-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 14:32:27.587294 2025] [security2:error] [pid 28115:tid 28126] [client 23.95.150.226:50405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.fandgins.com"] [uri "/_.htaccess"] [unique_id "aQEMOz2hXxJMRgJrx_NNDQAAAMk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-23 01:44:01 (9 months ago)	(mod_security) mod_security (id:217200) triggered by 23.95.150.226 (23-95-150-226-host.colocrossing. ... show more (mod_security) mod_security (id:217200) triggered by 23.95.150.226 (23-95-150-226-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 21:43:53.950542 2025] [security2:error] [pid 28500:tid 28500] [client 23.95.150.226:39533] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|deandobkin.com:443\|F\|2"] [data "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "deandobkin.com"] [uri "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [unique_id "aNH7WVlxqkMj4bnWK88EHQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-01 01:23:10 (9 months ago)	(mod_security) mod_security (id:210730) triggered by 23.95.150.226 (23-95-150-226-host.colocrossing. ... show more (mod_security) mod_security (id:210730) triggered by 23.95.150.226 (23-95-150-226-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 31 21:23:06.108665 2025] [security2:error] [pid 4167008:tid 4167049] [client 23.95.150.226:46863] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.kettlehill.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.com"] [uri "/site.sql"] [unique_id "aLT1eg6DfZQKU24eXUweXgAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 152.59.147.228

🇧🇷 201.17.146.173

🇳🇱 176.65.139.181

🇺🇸 141.11.88.11

🇨🇳 121.234.73.16

🇨🇳 106.74.16.171

🇱🇻 81.30.98.158

🇦🇪 47.91.125.252

🇩🇴 45.85.180.54

🇭🇰 20.24.82.168

🇪🇸 213.97.183.45

🇺🇸 195.184.76.123

🇩🇪 185.242.3.195

🇩🇪 167.94.146.39

🇩🇪 167.94.145.18

🇯🇵 104.46.236.84

🇹🇼 114.39.26.104

🇷🇺 109.173.39.103

🇮🇩 43.165.197.116

🇹🇿 41.59.243.110