JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.233.96.123

194.233.96.123 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 0%: ?

ISP	Packethub S.A.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS147049
Domain Name	packethub.net
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.233.96.123

Whois 194.233.96.123

IP Abuse Reports for 194.233.96.123:

This IP address has been reported a total of 17 times from 7 distinct sources. 194.233.96.123 was first reported on May 13th 2022, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 bitblockit	2026-04-14 05:02:59 (2 months ago)	Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. D ... show more Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. Decoy listen port: 54244/tcp. Observed event time: 2026-04-14 05:02:59 UTC. Report from passive honeypot only; no payload or credentials included. show less	Port Scan
🇺🇸 bitblockit	2026-04-14 04:46:33 (2 months ago)	Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. D ... show more Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. Decoy listen port: 54244/tcp. Observed event time: 2026-04-14 04:46:33 UTC. Report from passive honeypot only; no payload or credentials included. show less	Port Scan
🇺🇸 bitblockit	2026-04-14 04:30:08 (2 months ago)	Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. D ... show more Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. Decoy listen port: 6740/tcp. Observed event time: 2026-04-14 04:30:08 UTC. Report from passive honeypot only; no payload or credentials included. show less	Port Scan
🇺🇸 bitblockit	2026-04-14 04:22:25 (2 months ago)	Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. D ... show more Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. Decoy listen port: 6740/tcp. Observed event time: 2026-04-14 04:22:25 UTC. Report from passive honeypot only; no payload or credentials included. show less	Port Scan
🇺🇸 bitblockit	2026-04-14 03:57:49 (2 months ago)	Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. D ... show more Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: Suricata. Decoy listen port: 6740/tcp. Observed event time: 2026-04-14 03:57:49 UTC. Report from passive honeypot only; no payload or credentials included. show less	Port Scan
🇨🇳 pengpeng	2026-03-05 01:41:31 (3 months ago)	monitor: on VM-0-7-ubuntu \| port: 17138 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 17138 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2025-04-18 14:56:19 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 194.233.96.123 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 194.233.96.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 18 10:56:13.372011 2025] [security2:error] [pid 27036:tid 27036] [client 194.233.96.123:54888] [client 194.233.96.123] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.sangalgano.info\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sangalgano.info"] [uri "/logs/access.log"] [unique_id "aAJoDWF8PkVFMztlPxen1AAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-18 11:11:58 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 194.233.96.123 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 194.233.96.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 18 07:11:53.866228 2025] [security2:error] [pid 3666961:tid 3666961] [client 194.233.96.123:44904] [client 194.233.96.123] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.fatparrots.org\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.fatparrots.org"] [uri "/logs/access.log"] [unique_id "aAIzeUpSJJfBd-Cr_AfptAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-17 22:18:39 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 194.233.96.123 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 194.233.96.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 17 18:18:33.299466 2025] [security2:error] [pid 3419044:tid 3419044] [client 194.233.96.123:21054] [client 194.233.96.123] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|tracdynamics.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "tracdynamics.com"] [uri "/requests.log"] [unique_id "aAF-Oc1IFBq_3D3ia-ztNAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-17 15:15:08 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 194.233.96.123 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 194.233.96.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 17 11:15:00.549322 2025] [security2:error] [pid 12703:tid 12703] [client 194.233.96.123:51666] [client 194.233.96.123] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.orientexpress.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.orientexpress.com"] [uri "/log/access.log"] [unique_id "aAEa9OSK8YKbXzXDqYV9LwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-17 11:37:18 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 194.233.96.123 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 194.233.96.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 17 07:37:15.272262 2025] [security2:error] [pid 15909:tid 15909] [client 194.233.96.123:25072] [client 194.233.96.123] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.ecomim.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.ecomim.com"] [uri "/logs/access.log"] [unique_id "aADn6_PnEc84UouzyFw2zgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-17 10:11:24 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 194.233.96.123 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 194.233.96.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 17 06:11:17.086169 2025] [security2:error] [pid 1666228:tid 1666228] [client 194.233.96.123:37934] [client 194.233.96.123] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.arcaneauto.org\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.arcaneauto.org"] [uri "/log/access.log"] [unique_id "aADTxev54FEHaTuio44qvwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Cobblepot	2024-12-12 22:04:00 (1 year ago)	automatically mass attempts to post links to scam websites on which user data and credit card data a ... show more automatically mass attempts to post links to scam websites on which user data and credit card data are stolen. show less	Phishing Blog Spam
🇩🇪 BestFans.com	2024-09-29 17:23:04 (1 year ago)	Credential brute-force attacks on webpage logins	Brute-Force
Anonymous	2024-07-10 08:10:51 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 223.123.125.10

🇲🇾 115.132.164.82

🇷🇺 94.103.3.226

🇫🇮 77.105.130.18

🇺🇸 45.156.129.46

🇯🇵 8.209.210.166

🇯🇵 8.209.200.91

🇪🇬 197.59.165.119

🇰🇿 193.31.200.85

🇨🇳 183.191.225.46

🇪🇨 181.188.237.218

🇺🇸 172.184.220.193

🇷🇴 141.98.83.48

🇵🇰 124.109.33.122

🇨🇳 119.36.105.150

🇫🇷 84.247.190.4

🇪🇸 77.74.229.158

🇯🇲 69.160.102.47

🇯🇲 69.79.201.150

🇺🇸 68.60.193.229