JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 161.123.130.102

161.123.130.102 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 0%: ?

ISP	Wirels Connect (PTY) Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS203020
Domain Name	telafrica.net
Country	🇺🇸 United States of America
City	Romulus, Michigan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 161.123.130.102

Whois 161.123.130.102

IP Abuse Reports for 161.123.130.102:

This IP address has been reported a total of 20 times from 8 distinct sources. 161.123.130.102 was first reported on October 31st 2023, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2024-12-27 06:35:46 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 161.123.130.102 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:211190) triggered by 161.123.130.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 27 01:35:36.900453 2024] [security2:error] [pid 30040:tid 30045] [client 161.123.130.102:50447] [client 161.123.130.102] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|mail.kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_album&Itemid=128&target=../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.net"] [uri "/index.php"] [unique_id "Z25KuFPknNVrOJxzrw5piwAAAEI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dayda.net	2024-12-04 13:45:38 (1 year ago)	url=http://example.com	Bad Web Bot
🇩🇪 Alejandro Docasar	2024-11-26 18:55:55 (1 year ago)		Web App Attack
🇺🇸 TPI-Abuse	2024-09-27 00:12:22 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 161.123.130.102 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:221260) triggered by 161.123.130.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 26 20:09:16.476899 2024] [security2:error] [pid 16248:tid 16256] [client 161.123.130.102:44063] [client 161.123.130.102] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|cpcalendars.staging.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.staging.kettlehill.com"] [uri "/cgi-bin/test"] [unique_id "ZvX3rKCPOG9JWfFC0TMZjwAAAEY"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-03 18:40:15 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 161.123.130.102 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 161.123.130.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 03 14:39:29.494586 2024] [security2:error] [pid 19357:tid 19357] [client 161.123.130.102:51529] [client 161.123.130.102] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.stdavids-media.com\|F\|2"] [data ".example.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.stdavids-media.com"] [uri "/.example.com"] [unique_id "ZtdX4RfB_t7Eb3PL87GOFgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ps-center	2024-07-15 18:03:22 (1 year ago)	SS1: Web Attack GET /wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/succ ... show more SS1: Web Attack GET /wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error&error_description=%3Csvg/onload=alert(1)%3E show less	Web Spam Hacking Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2024-07-15 17:02:41 (1 year ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇪🇸 10dencehispahard SL	2024-05-15 08:00:14 (2 years ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
Anonymous	2024-05-05 23:19:56 (2 years ago)	Common attack or app scan event detected and blocked	Port Scan Hacking Web App Attack
Anonymous	2024-04-24 00:02:11 (2 years ago)	Common attack or app scan event detected and blocked	Port Scan Hacking Web App Attack
🇺🇸 TPI-Abuse	2024-04-10 02:53:10 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 161.123.130.102 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 161.123.130.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 09 22:52:01.329992 2024] [security2:error] [pid 31282:tid 47092022085376] [client 161.123.130.102:59845] [client 161.123.130.102] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.net\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.net"] [uri "/wp-content/uploads/dump.sql"] [unique_id "ZhX-0R_mInyAqR-iWhvzcwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-03-27 08:40:10 (2 years ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack
🇪🇸 10dencehispahard SL	2024-03-27 07:00:25 (2 years ago)	Unauthorized login attempts [ BI-16635]	Brute-Force
🇪🇸 10dencehispahard SL	2024-03-27 06:43:08 (2 years ago)	WP scan	Web App Attack
🇺🇸 ChamberofCommerce.com	2023-11-06 02:28:23 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 47.254.24.110

🇺🇸 18.191.32.78

🇫🇷 207.180.223.44

🇲🇾 202.165.15.132

🇱🇹 188.69.225.188

🇲🇾 183.171.49.144

🇻🇳 180.93.32.181

🇺🇸 165.154.172.231

🇺🇸 159.65.184.70

🇨🇳 116.207.112.208

🇺🇸 64.62.156.152

🇳🇱 45.148.10.141

🇺🇸 20.169.107.71

🇨🇳 218.94.25.243

🇪🇨 177.53.215.134

🇺🇸 135.237.126.230

🇻🇳 103.237.144.204

🇳🇱 91.92.40.27

🇺🇸 64.62.156.222

🇳🇱 45.148.10.240