JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 161.123.115.123

161.123.115.123 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	Wirels Connect (PTY) Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS203020
Domain Name	telafrica.net
Country	🇺🇸 United States of America
City	Romulus, Michigan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 161.123.115.123

Whois 161.123.115.123

IP Abuse Reports for 161.123.115.123:

This IP address has been reported a total of 9 times from 3 distinct sources. 161.123.115.123 was first reported on October 30th 2023, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 15:21:49 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 161.123.115.123 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 161.123.115.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 10:21:45.507804 2026] [security2:error] [pid 2648:tid 2648] [client 161.123.115.123:54071] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.env.prod"] [unique_id "aWupCUN425zs8kNs-1kx9gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 18:44:00 (5 months ago)	(mod_security) mod_security (id:211190) triggered by 161.123.115.123 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:211190) triggered by 161.123.115.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 13:43:51.721812 2025] [security2:error] [pid 22842:tid 22997] [client 161.123.115.123:56197] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /badging/badge_print_v0.php?tpl=../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.com"] [uri "/badging/badge_print_v0.php"] [unique_id "aVLL51KoonkfA7MmLZf7iwAAAQY"], referer: http://ftp.kettlehill.com/badging/badge_print_v0.php?tpl=../../../../../../../etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 09:28:04 (7 months ago)	(mod_security) mod_security (id:211190) triggered by 161.123.115.123 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:211190) triggered by 161.123.115.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 04:28:00.753066 2025] [security2:error] [pid 5682:tid 5682] [client 161.123.115.123:37737] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-content/plugins/admin-word-count-column/download-csv.php?path=../../../../../../../../../../../../etc/passwd\\x5c0"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/wp-content/plugins/admin-word-count-column/download-csv.php"] [unique_id "aRWkoHgwpnEFdFbjZ3EDYgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:46:03 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 161.123.115.123 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 161.123.115.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:46:01.099885 2025] [security2:error] [pid 404370:tid 404560] [client 161.123.115.123:53779] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autoconfig.kettlehill.com"] [uri "/images../.git/config"] [unique_id "aIV2ycy-cZtwxEkIWL8suQAAAMc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 03:19:33 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 161.123.115.123 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 161.123.115.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 23:19:25.523702 2025] [security2:error] [pid 4020513:tid 4020513] [client 161.123.115.123:52725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.farmers123.com"] [uri "/.env.production"] [unique_id "aDkjvUxnsKrIwexv1qgkzgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-17 12:30:56 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 ChamberofCommerce.com	2023-11-06 00:45:09 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-11-02 04:43:54 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-30 10:51:18 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 192.121.158.206

🇧🇷 177.72.195.114

🇺🇸 144.172.103.8

🇨🇳 121.24.110.77

🇺🇸 54.219.127.62

🇺🇸 54.89.254.25

🇺🇸 44.249.246.228

🇺🇸 44.202.203.120

🇺🇸 3.80.144.178

🇳🇱 2400:cb00:995:1000:30fb:b34f:e560:32e1

🇷🇺 212.3.155.8

🇫🇷 207.180.251.138

🇮🇳 182.78.108.126

🇧🇷 138.121.37.143

🇨🇳 119.29.209.104

🇩🇪 68.183.70.177

🇸🇬 54.255.207.216

🇺🇸 54.224.165.165

🇺🇸 54.197.30.109

🇺🇸 54.163.57.58