JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 123.231.16.195

123.231.16.195 was found in our database!

This IP was reported 106 times. Confidence of Abuse is 63%: ?

63%

ISP	MTT Network Pvt Ltd
Usage Type	Fixed Line ISP
ASN	AS18001
Domain Name	mtt.network
Country	🇱🇰 Sri Lanka
City	Colombo, Western Province

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 123.231.16.195

Whois 123.231.16.195

IP Abuse Reports for 123.231.16.195:

This IP address has been reported a total of 106 times from 58 distinct sources. 123.231.16.195 was first reported on February 18th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-17 07:54:24 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 123.231.16.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 123.231.16.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 03:54:17.224985 2026] [security2:error] [pid 17071:tid 17071] [client 123.231.16.195:35393] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|anchor07.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "anchor07.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajJSqTjbGtUfZrG2uhwEgwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-17 04:11:46 (1 week ago)	[WedJun1706:11:41.9762162026][security2:error][pid2757574:tid2757751][client123.231.16.195:0]ModSecu ... show more [WedJun1706:11:41.9762162026][security2:error][pid2757574:tid2757751][client123.231.16.195:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"subitotraslochi.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajIefYcRbfUGGPB3lw5SMQAAANg\"] show less	Port Scan Brute-Force Web App Attack
🇮🇩 Burayot	2026-06-15 08:50:35 (1 week ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 123.231.16.195 (LK/Sri Lanka/-): 1 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 123.231.16.195 (LK/Sri Lanka/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 etu brutus	2026-06-05 07:35:33 (2 weeks ago)	123.231.16.195 Blocked by [Attack Vector List] ...	Hacking Brute-Force Exploited Host
🇨🇭 4server	2026-06-05 06:31:58 (2 weeks ago)	[FriJun0508:31:51.9041272026][security2:error][pid3953798:tid3954459][client123.231.16.195:0]ModSecu ... show more [FriJun0508:31:51.9041272026][security2:error][pid3953798:tid3954459][client123.231.16.195:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"sesael.ch\"][uri\"/xmlrpc.php\"][unique_id\"aiJtV50r8yYYdSrEJuroMAAAAEc\"] show less	Hacking Web App Attack
Anonymous	2026-06-03 11:20:19 (3 weeks ago)	Web attack blocked by Wordfence on www.historischarchiefvalkenburg.nl (1 hit). Reported by CRMON.	Web App Attack
🇩🇪 big-cloud.nl	2026-06-03 11:10:28 (3 weeks ago)	Try to access /xmlrpc.php	Web App Attack
🇫🇮 as211431.net	2026-05-29 05:12:52 (3 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from LK. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from LK. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (POST method) Endpoint: /xmlrpc.php UA: Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/85.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-05-29 04:30:02 (3 weeks ago)	Web App Attack, Hacking	Hacking Web App Attack
🇩🇪 stinpriza	2026-05-28 05:39:23 (3 weeks ago)	Web App Attack	Web App Attack
🇫🇮 inlink.ltd	2026-05-28 04:58:48 (3 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇯🇵 S.O.B.A. Dev.	2026-05-28 04:02:35 (3 weeks ago)	Web vulnerability scanning	Brute-Force Web Spam Web App Attack
🇫🇷 dynamix	2026-05-27 11:05:45 (4 weeks ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇲🇹 neilcaruana	2026-05-23 05:52:28 (1 month ago)	Sentinel detected an attack on port [443]	Hacking
🇫🇷 SpaceHost-Server	2026-05-22 22:26:10 (1 month ago)		Brute-Force Web App Attack

Showing 1 to 15 of 106 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇹 2001:b07:646b:acca:ad56:8626:5492:14f8

🇮🇳 182.95.217.202

🇧🇩 161.248.200.178

🇫🇮 89.167.124.202

🇹🇷 45.141.148.148

🇮🇹 2a01:e11:400:f100:f8d6:bc32:692b:7077

🇩🇪 194.187.176.101

🇲🇰 185.225.28.3

🇮🇩 182.9.48.16

🇮🇩 157.15.40.58

🇯🇵 142.248.150.59

🇧🇩 103.86.198.253

🇫🇷 89.117.61.157

🇳🇱 45.148.10.152

🇲🇽 38.210.179.232

🇮🇹 2001:b07:646b:acca:b88c:eb24:9574:fefa

🇰🇷 222.108.100.117

🇺🇸 195.184.76.162

🇩🇪 130.61.242.143

🇨🇳 119.45.253.10