JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 161.123.93.162

161.123.93.162 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 0%: ?

ISP	Wirels Connect (PTY) Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS203020
Domain Name	telafrica.net
Country	🇺🇸 United States of America
City	Detroit, Michigan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 161.123.93.162

Whois 161.123.93.162

IP Abuse Reports for 161.123.93.162:

This IP address has been reported a total of 19 times from 8 distinct sources. 161.123.93.162 was first reported on October 30th 2023, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ps-center	2024-11-27 02:51:19 (1 year ago)	SS1: Web Attack GET /phpmyadmin/setup/index.php?page=servers&mode=test&id=%22%3e%3C%2Fscript%3E%3Csc ... show more SS1: Web Attack GET /phpmyadmin/setup/index.php?page=servers&mode=test&id=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E show less	Web Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-11-26 23:34:14 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 161.123.93.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 161.123.93.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 26 18:34:09.274282 2024] [security2:error] [pid 14708:tid 14902] [client 161.123.93.162:43811] [client 161.123.93.162] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /?p=3232&wp_automatic=download&link=file:///etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.net"] [uri "/"] [unique_id "Z0Za8bZ-yNDsuHkwIgx3vgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dayda.net	2024-11-22 03:38:35 (1 year ago)	task=download&dw_file=../../.././../../../etc/passwd	Bad Web Bot
🇳🇱 EGP Abuse Dept	2024-11-14 10:42:55 (1 year ago)	SQL injection attack	SQL Injection
🇺🇸 TPI-Abuse	2024-09-04 02:53:33 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 161.123.93.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 161.123.93.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 03 22:53:25.273767 2024] [security2:error] [pid 11033:tid 11033] [client 161.123.93.162:38025] [client 161.123.93.162] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.stdavids-media.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?page_slug=../../../../../../../../../../../etc/passwd%00"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.stdavids-media.com"] [uri "/index.php"] [unique_id "ZtfLpT_DdGJnKFKpzZMaTgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-01 01:55:51 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 161.123.93.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 161.123.93.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 31 21:52:58.465465 2024] [security2:error] [pid 3087700:tid 3087730] [client 161.123.93.162:36619] [client 161.123.93.162] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|cpanel.kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kettlehill.net"] [uri "/cgi-bin/status"] [unique_id "ZtPI-tyH84duF-C5mXVJjwAAAYA"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2024-07-02 08:03:01 (1 year ago)	Suspicious activity detected by Modsecurity [Suspicious IP found on 4 endpoints 56 hits. Reincident ... show more Suspicious activity detected by Modsecurity [Suspicious IP found on 4 endpoints 56 hits. Reincident by 0. Rules:] show less	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2024-06-27 08:29:11 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 161.123.93.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 161.123.93.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 27 04:29:06.158272 2024] [security2:error] [pid 32390:tid 47206680872704] [client 161.123.93.162:57221] [client 161.123.93.162] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_jeformcr&view=../../../../../../../../etc/passwd%00"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.com"] [uri "/index.php"] [unique_id "Zn0i0tMpwM1gvzu5JaGa5gAAAMg"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2024-05-08 07:00:43 (2 years ago)	Unauthorized login attempts []	Brute-Force
🇪🇸 10dencehispahard SL	2024-05-08 06:33:12 (2 years ago)	Web Attack	DDoS Attack Brute-Force Web App Attack
Anonymous	2024-04-18 20:46:44 (2 years ago)	Common attack or app scan event detected and blocked	Port Scan Hacking Web App Attack
🇪🇸 10dencehispahard SL	2024-03-27 07:00:25 (2 years ago)	Unauthorized login attempts [ BI-16635]	Brute-Force
🇪🇸 10dencehispahard SL	2024-03-27 06:52:38 (2 years ago)	WP scan	Web App Attack
🇺🇸 TPI-Abuse	2024-03-22 23:18:35 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 161.123.93.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 161.123.93.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 22 19:18:27.959391 2024] [security2:error] [pid 2998:tid 47476839024384] [client 161.123.93.162:54035] [client 161.123.93.162] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.com"] [uri "/kettlehill.com/errors.log"] [unique_id "Zf4Rw7TObcPMvcFQ9aqnLQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-02-07 07:02:30 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 161.123.93.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 161.123.93.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 07 02:02:26.744754 2024] [security2:error] [pid 31842] [client 161.123.93.162:59001] [client 161.123.93.162] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|stdavids-media.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "stdavids-media.com"] [uri "/install/froxlor.sql"] [unique_id "ZcMrArxnm7S-LvsnNQLTXgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2409:4091:2062:8406:a93f:4d83:bf3d:8431

🇩🇪 194.187.176.66

🇫🇮 147.185.133.44

🇮🇩 103.168.135.187

🇺🇸 100.51.6.16

🇫🇷 91.231.89.214

🇺🇸 64.62.156.203

🇹🇷 45.155.19.162

🇨🇳 203.76.241.18

🇬🇧 193.163.125.153

🇨🇴 190.67.106.221

🇹🇭 152.32.247.22

🇯🇵 118.6.206.76

🇸🇬 101.47.8.187

🇫🇷 38.242.214.50

🇩🇪 172.217.33.210

🇨🇳 101.43.79.210

🇺🇸 91.230.168.188

🇸🇬 86.105.106.76

🇱🇻 81.30.98.49