AbuseIPDB » 161.123.130.112
161.123.130.112
This IP was reported 4 times. Confidence of
Abuse
is 0% : ?
ISP
Wirels Connect (PTY) Ltd
Usage Type
Data Center/Web Hosting/Transit
ASN
AS203020
Domain Name
telafrica.net
Country
๐บ๐ธ
United States of America
City
Romulus, Michigan
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 161.123.130.112 :
This IP address has been reported a total of
4
times from
3 distinct
sources.
161.123.130.112 was first reported on
January 23rd 2024 , and the most recent report was
11 months ago
Old Reports:
The most recent abuse report for this IP address is from
11 months ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฎ๐ฉ
Burayot
2025-07-06 04:41:52
(11 months ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 161.123.130.112 (US/United States/- ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 161.123.130.112 (US/United States/-): 1 in the last 3600 secs
show less
Web App Attack
๐ฎ๐ฉ
BPS-StatisticsIndonesia
2025-07-06 03:59:26
(11 months ago)
XML RPC Scan Activities
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-01-23 08:27:02
(2 years ago)
(mod_security) mod_security (id:217280) triggered by 161.123.130.112 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:217280) triggered by 161.123.130.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 23 03:26:57.849180 2024] [security2:error] [pid 26296] [client 161.123.130.112:58623] [client 161.123.130.112] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\n|\\\\r)+(?:get|post|head|options|connect|put|delete|trace|propfind|propatch|mkcol|copy|move|lock|unlock)\\\\s+" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "137"] [id "217280"] [rev "6"] [msg "COMODO WAF: HTTP Request Smuggling Attack||www.namisushionline.com|F|2"] [data "Matched Data: get found within MATCHED_VAR"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "www.namisushionline.com"] [uri "/action.php"] [unique_id "Za94UUFlCOmz1_4z4KqW1gAAABE"], referer: https://www.namisushionline.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-01-23 00:45:02
(2 years ago)
(mod_security) mod_security (id:217280) triggered by 161.123.130.112 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:217280) triggered by 161.123.130.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 22 19:44:54.410258 2024] [security2:error] [pid 15547] [client 161.123.130.112:56349] [client 161.123.130.112] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\n|\\\\r)+(?:get|post|head|options|connect|put|delete|trace|propfind|propatch|mkcol|copy|move|lock|unlock)\\\\s+" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "137"] [id "217280"] [rev "6"] [msg "COMODO WAF: HTTP Request Smuggling Attack||moonlightmotel.com|F|2"] [data "Matched Data: get found within MATCHED_VAR"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "moonlightmotel.com"] [uri "/"] [unique_id "Za8MBlZzmqaxPiVTK3-8SwAAAAA"], referer: http://moonlightmotel.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Showing 1 to
4
of 4 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: