JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.210.28.56

102.210.28.56 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 22%: ?

22%

ISP	Vilcom_Networks_Limited_Home
Usage Type	Fixed Line ISP
ASN	AS329014
Domain Name	vilcom.co.ke
Country	🇰🇪 Kenya
City	Eldoret, Uasin Gishu County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.210.28.56

Whois 102.210.28.56

IP Abuse Reports for 102.210.28.56:

This IP address has been reported a total of 30 times from 15 distinct sources. 102.210.28.56 was first reported on July 18th 2025, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇮 extremevital	2026-06-08 02:35:11 (9 hours ago)	...	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-07 19:38:38 (16 hours ago)	(mod_security) mod_security (id:240335) triggered by 102.210.28.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 102.210.28.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 15:38:32.620402 2026] [security2:error] [pid 3731:tid 3731] [client 102.210.28.56:18693] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.210.28.56 (+1 hits since last alert)\|cemesur-vision21.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cemesur-vision21.com"] [uri "/xmlrpc.php"] [unique_id "aiXIuKhuThRgjDS_5dZEpAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 00:23:34 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 102.210.28.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 102.210.28.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 20:23:30.394282 2026] [security2:error] [pid 7639:tid 7639] [client 102.210.28.56:22148] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.ifatreefallsfilm.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.ifatreefallsfilm.com"] [uri "/ publisher=ifatreefallsfilm.com"] [unique_id "aiDFghN6CcX9IDpBb67k7AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 SMARTNET	2026-05-27 06:03:53 (1 week ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 8969aafa-3f20-493f-8883-3bda65a2b909	DDoS Attack
🇳🇱 maxxsense	2026-02-28 10:45:56 (3 months ago)	102.210.28.56 (KE/Kenya/-), 12 distributed imapd attacks on account [redacted]	Brute-Force
🇨🇦 polycoda	2026-02-27 11:42:34 (3 months ago)	🥶 Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27	DDoS Attack
Anonymous	2026-01-19 11:07:54 (4 months ago)	Unauthorized connection attempt on Port 2323	Port Scan Hacking Exploited Host
🇮🇹 VHosting	2025-12-23 11:23:04 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇩🇪 SMARTNET	2025-11-30 18:38:00 (6 months ago)	Aisuru(Mirai variant) DDoS	DDoS Attack
🇩🇪 SMARTNET	2025-11-30 18:38:00 (6 months ago)	Aisuru(Mirai variant) DDoS	DDoS Attack
🇩🇪 SMARTNET	2025-11-26 07:00:13 (6 months ago)	Aisuru(Mirai variant) DDoS	DDoS Attack
Anonymous	2025-11-24 19:59:42 (6 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-18 08:10:15 (6 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-14 11:29:18 (6 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-08 13:11:15 (6 months ago)	wordpress-trap	Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 143.95.213.196

🇨🇳 115.190.3.212

🇳🇱 45.148.10.151

🇦🇷 186.122.11.161

🇺🇸 172.190.89.127

🇨🇳 120.48.60.18

🇨🇳 112.46.213.96

🇺🇸 98.142.247.115

🇳🇱 45.148.10.157

🇸🇬 43.156.60.15

🇪🇬 41.237.34.182

🇬🇧 193.163.125.138

🇹🇭 180.180.33.45

🇭🇰 118.193.44.184

🇫🇷 91.231.89.133

🇨🇳 36.159.179.183

🇯🇵 8.211.153.127

🇩🇪 8.211.44.115

🇰🇷 222.239.251.12

🇲🇽 187.136.25.46