AbuseIPDB » 23.96.0.171

23.96.0.171 was found in our database!

This IP was reported 63 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
Domain Name	microsoft.com
Country	United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 23.96.0.171

Whois 23.96.0.171

IP Abuse Reports for 23.96.0.171:

This IP address has been reported a total of 63 times from 39 distinct sources. 23.96.0.171 was first reported on February 16th 2021, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	Date	Comment	Categories
EISadmin	2 hours ago	/wp-content/	Web App Attack
HJ5Ss4Ju	7 hours ago	Forbidden directory scan :: 2021/02/25 05:39:48 [error] 38088#38088: *366790 access forbidden by rul ... show moreForbidden directory scan :: 2021/02/25 05:39:48 [error] 38088#38088: *366790 access forbidden by rule, client: 23.96.0.171, server: [censored_1], request: "GET /.env HTTP/1.1", host: "www.[censored_1]" show less	Hacking
Anonymous	13 hours ago	Configuration snooping (/.env): 23.96.0.171 - - [24/Feb/2021:23:22:51 +0000] "GET /.env HTTP/ ... show moreConfiguration snooping (/.env): 23.96.0.171 - - [24/Feb/2021:23:22:51 +0000] "GET /.env HTTP/1.1" 200 234 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" show less	Hacking Web App Attack
axllent	13 hours ago	Scanning for exploits - /.env	Web App Attack
www.elinox.de	20 hours ago	24.02.2021 17:11:07 - Wordpress fail Detected by ELinOX-ALM	Hacking Web App Attack
DUBREUIL	24 Feb 2021	Fake Microsoft bot	DDoS Attack Open Proxy Port Scan Hacking SQL Injection Brute-Force Web App Attack SSH
TheMadBeaker	24 Feb 2021	Port Scan: TCP/80	Port Scan
CrystalMaker	24 Feb 2021	Wordpress attack - GET /.env; GET /wp-content/	Web App Attack
security.rdmc.fr	24 Feb 2021	Automatic report - Banned IP Access	Web App Attack
el-brujo	24 Feb 2021	24/Feb/2021:07:39:24 +0100Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client 23.96.0 ... show more24/Feb/2021:07:39:24 +0100Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client 23.96.0.171] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "140"] [id "930130"] [rev "1"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env"] [severity "CRITICAL"] [ver "OWASP_CRS/3.0.0"] [maturity "7"] [accuracy "8"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "OWASP_CRS/WEB_ATTACK/FILE_INJECTION"] [tag "WASCTC/WASC-33"] [tag "OWASP_TOP_10/A4"] [tag "PCI/6.5.4"] [hostname "warzone.elhacker.net"] [uri "/.env"] [unique_id "YDX0nMTSBA6YzhM4bMHzxgAAAFE"] ... show less	Hacking Web App Attack
Harm222	23 Feb 2021	jue-17 : Block hidden directories=>/.env(/)	Hacking
vfinder	23 Feb 2021	Backdrop CMS module report: Request: /wp-content/	Brute-Force Bad Web Bot Web App Attack
WebWizards.NZ	23 Feb 2021	Trolling for resource vulnerabilities	Web App Attack
sdos.es	23 Feb 2021	"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"	Web App Attack
jcbriar	23 Feb 2021	Searching for vulnerable scripts	Hacking Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩