JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 161.123.33.162

161.123.33.162 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 0%: ?

ISP	Wirels Connect (PTY) Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS203020
Domain Name	telafrica.net
Country	🇺🇸 United States of America
City	Romulus, Michigan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 161.123.33.162

Whois 161.123.33.162

IP Abuse Reports for 161.123.33.162:

This IP address has been reported a total of 11 times from 5 distinct sources. 161.123.33.162 was first reported on October 30th 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-02-06 08:02:03 (4 months ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 08:16:25 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 161.123.33.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 161.123.33.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 03:16:19.517157 2026] [security2:error] [pid 12991:tid 12991] [client 161.123.33.162:41587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.env.stage"] [unique_id "aWtFU88DJr1nVK_bgzo9iQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 20:06:36 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 161.123.33.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 161.123.33.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 15:06:29.132638 2025] [security2:error] [pid 29977:tid 29979] [client 161.123.33.162:54661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kettlehill.com"] [uri "/.env.save"] [unique_id "aVLfRTWelXmsIDHwJWYFpQAAAYA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 14:54:56 (7 months ago)	(mod_security) mod_security (id:211190) triggered by 161.123.33.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 161.123.33.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 09:54:50.266480 2025] [security2:error] [pid 2036:tid 2036] [client 161.123.33.162:42441] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /tools/sourceViewer/index.html?filename=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/tools/sourceViewer/index.html"] [unique_id "aRXxOgbkx6lsyZ6AqSTzQwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 RoboSOC	2025-10-16 08:35:52 (8 months ago)	Confluence Server OGNL Injection Remote Code Execution Vulnerability, PTR: PTR record not found	Hacking
🇺🇸 TPI-Abuse	2025-07-27 01:06:37 (10 months ago)	(mod_security) mod_security (id:212750) triggered by 161.123.33.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212750) triggered by 161.123.33.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:06:32.341199 2025] [security2:error] [pid 653296:tid 653318] [client 161.123.33.162:34777] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\bon(?:abort\|blur\|change\|click\|dblclick\|dragdrop\|error\|focus\|keydown\|keypress\|keyup\|load\|mouse(?:down\|move\|out\|over\|up)\|move\|readystatechange\|reset\|resize\|select\|submit\|unload)\\\\b[^a-zA-Z0-9_]{0,}?=" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "69"] [id "212750"] [rev "3"] [msg "COMODO WAF: XSS Attack Detected\|\|kettlehill.net\|F\|2"] [data "Matched Data: onerror= found within REQUEST_URI: /?spai_vjs=</script><img src=1 onerror=alert(document.domain)>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "kettlehill.net"] [uri "/"] [unique_id "aIV7mL5epZI5Xx2m9sk1IwAAAUo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 00:52:47 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 161.123.33.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 161.123.33.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 20:52:39.876013 2025] [security2:error] [pid 3870857:tid 3870857] [client 161.123.33.162:42383] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|cpcalendars.farmers123.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.farmers123.com"] [uri "/cgi-bin/status"] [unique_id "aDkBV8LYTkRY81GVY27ILgAAABY"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-02-27 16:20:06 (1 year ago)	\| Shellshock attack detected	Hacking SQL Injection Web App Attack
🇺🇸 ChamberofCommerce.com	2023-11-05 23:25:45 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-11-02 03:47:03 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-30 22:00:15 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:227 show less	Bad Web Bot

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇬 79.124.40.110

🇻🇳 171.244.141.86

🇷🇺 95.108.213.242

🇷🇺 87.250.224.117

🇺🇸 66.132.224.54

🇩🇪 51.75.64.35

🇰🇷 49.173.219.139

🇹🇭 118.193.57.121

🇷🇺 95.215.108.8

🇳🇱 91.92.40.7

🇫🇷 51.178.183.70

🇮🇳 13.200.231.163

🇹🇼 198.235.24.78

🇫🇷 139.28.219.70

🇩🇪 130.61.73.238

🇳🇱 91.92.40.6

🇰🇷 54.116.53.230

🇺🇸 50.62.22.47

🇸🇬 43.160.197.240

🇺🇸 13.89.124.218