JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 23.95.96.140

23.95.96.140 was found in our database!

This IP was reported 512 times. Confidence of Abuse is 100%: ?

100%

ISP	RackNerd LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	23-95-96-140-host.colocrossing.com
Domain Name	racknerd.com
Country	🇺🇸 United States of America
City	Buffalo, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 23.95.96.140

Whois 23.95.96.140

IP Abuse Reports for 23.95.96.140:

This IP address has been reported a total of 512 times from 152 distinct sources. 23.95.96.140 was first reported on December 30th 2025, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇿🇦 slartybartfast69420blazit	2026-06-04 20:34:57 (12 hours ago)	Fail2ban picked up 23.95.96.140 attacking nginx	Web App Attack
🇩🇪 ecs.ge	2026-06-04 20:21:42 (13 hours ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇩🇪 4server	2026-06-04 11:30:44 (21 hours ago)	[ThuJun0413:30:39.4844042026][security2:error][pid3284298:tid3284334][client23.95.96.140:0]ModSecuri ... show more [ThuJun0413:30:39.4844042026][security2:error][pid3284298:tid3284334][client23.95.96.140:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"lacer.ch\"][uri\"/\"][unique_id\"aiFh3y6HEekhZA6FRExcQgAAAA4\"] show less	Port Scan Brute-Force Web App Attack
🇿🇦 slartybartfast69420blazit	2026-06-03 20:27:34 (1 day ago)	Fail2ban picked up 23.95.96.140 attacking nginx	Web App Attack
🇫🇷 masterguru	2026-06-03 06:55:56 (2 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 23.95.96.140 (US/United States/23-95- ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 23.95.96.140 (US/United States/23-95-96-140-host.colocrossing.com): 2 in the last 3600 secs (0-193) show less	Hacking
🇫🇷 masterguru	2026-06-03 06:31:19 (2 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 23.95.96.140 (US/United States/23-95- ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 23.95.96.140 (US/United States/23-95-96-140-host.colocrossing.com): 2 in the last 3600 secs (0-196) show less	Hacking
🇫🇷 masterguru	2026-06-03 06:11:35 (2 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 23.95.96.140 (US/United States/23-95- ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 23.95.96.140 (US/United States/23-95-96-140-host.colocrossing.com): 1 in the last 3600 secs (0-195) show less	Hacking
🇩🇪 4server	2026-06-02 15:05:23 (2 days ago)	[TueJun0217:05:17.2295242026][security2:error][pid316806:tid316900][client23.95.96.140:0]ModSecurity ... show more [TueJun0217:05:17.2295242026][security2:error][pid316806:tid316900][client23.95.96.140:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"wildpferde.ch\"][uri\"/\"][unique_id\"ah7xLfACpK5XagQhfiz3TAAAAMA\"] show less	Port Scan Brute-Force Web App Attack
🇿🇦 slartybartfast69420blazit	2026-06-01 20:28:41 (3 days ago)	Fail2ban picked up 23.95.96.140 attacking nginx	Web App Attack
🇫🇷 masterguru	2026-06-01 03:52:51 (4 days ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 23.95.96.140 (US/United States/23-95-96-140-ho ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 23.95.96.140 (US/United States/23-95-96-140-host.colocrossing.com): 1 in the last 3600 secs (0-193) show less	Hacking
🇩🇪 4server	2026-05-31 21:52:36 (4 days ago)	[SunMay3123:52:31.9279752026][security2:error][pid1751086:tid1751109][client23.95.96.140:0]ModSecuri ... show more [SunMay3123:52:31.9279752026][security2:error][pid1751086:tid1751109][client23.95.96.140:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"fondazionepetronillapontirone.ch\"][uri\"/\"][unique_id\"ahytn-3mZjGF2-sQ7oNZDQAAAAY\"] show less	Port Scan Brute-Force Web App Attack
🇿🇦 slartybartfast69420blazit	2026-05-30 20:51:12 (5 days ago)	Fail2ban picked up 23.95.96.140 attacking nginx	Web App Attack
🇩🇪 4server	2026-05-30 16:23:31 (5 days ago)	[SatMay3018:23:26.6215592026][security2:error][pid4017793:tid4017873][client23.95.96.140:0]ModSecuri ... show more [SatMay3018:23:26.6215592026][security2:error][pid4017793:tid4017873][client23.95.96.140:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"test.pytag.ch\"][uri\"/\"][unique_id\"ahsO_gKcNFUnM-lieVB0KwAAAE4\"] show less	Port Scan Brute-Force Web App Attack
🇿🇦 slartybartfast69420blazit	2026-05-29 20:46:59 (6 days ago)	Fail2ban picked up 23.95.96.140 attacking nginx	Web App Attack
🇺🇸 LotPhantom	2026-05-29 03:47:08 (1 week ago)	23.95.96.140 - - [29/May/2026:03:47:06 +0000] "GET / HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10 ... show more 23.95.96.140 - - [29/May/2026:03:47:06 +0000] "GET / HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0" ... show less	Web App Attack

Showing 1 to 15 of 512 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.58

🇬🇧 193.163.125.121

🇮🇳 172.253.222.219

🇭🇰 43.128.60.40

🇺🇸 8.229.151.138

🇺🇸 162.216.149.218

🇨🇳 121.229.156.88

🇸🇬 47.84.160.85

🇸🇬 47.84.144.190

🇺🇸 18.222.156.64

🇦🇲 176.32.193.16

🇫🇷 173.249.0.223

🇨🇳 124.88.174.143

🇳🇱 93.123.118.208

🇪🇸 82.223.24.195

🇺🇸 64.62.156.28

🇬🇧 45.137.126.6

🇺🇸 32.199.190.98

🇺🇸 20.65.154.146

🇺🇸 216.180.246.65