JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.23.43.159

102.23.43.159 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 35%: ?

35%

ISP	GVA Burkina Faso
Usage Type	Fixed Line ISP
ASN	AS36924
Domain Name	gva.africa
Country	🇧🇫 Burkina Faso
City	Bobo-Dioulasso, Hauts-Bassins

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.23.43.159

Whois 102.23.43.159

IP Abuse Reports for 102.23.43.159:

This IP address has been reported a total of 20 times from 19 distinct sources. 102.23.43.159 was first reported on March 5th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-11 09:02:56 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 grassau.com	2026-06-10 12:54:40 (2 days ago)	(wordpress) Failed wordpress login from 102.23.43.159 (BF/Burkina Faso/Kadiogo Province/Ouagadougou/ ... show more (wordpress) Failed wordpress login from 102.23.43.159 (BF/Burkina Faso/Kadiogo Province/Ouagadougou/-) show less	Brute-Force
Anonymous	2026-06-02 16:58:14 (1 week ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-05-31 16:34:20 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 102.23.43.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 102.23.43.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 12:34:16.272602 2026] [security2:error] [pid 23814:tid 23814] [client 102.23.43.159:57679] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 102.23.43.159 (+1 hits since last alert)\|innolympics.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "innolympics.com"] [uri "/xmlrpc.php"] [unique_id "ahxjCNEvgXUlJW_RN7nWFwAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 SMARTNET	2026-05-27 06:03:53 (2 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 6ed80dcf-192e-41b9-b3cf-8e7356812aa9	DDoS Attack
🇩🇪 findlab	2026-04-17 15:00:01 (1 month ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-04-17 13:48:43 (1 month ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 Rip	2026-03-26 15:17:16 (2 months ago)	Authentication attack attempt. CMS Brute Force - Access Forbidden	Brute-Force Web App Attack
🇺🇸 mnsf	2026-03-26 10:05:31 (2 months ago)	Xmlrpc Caught (9)	Brute-Force Web App Attack
🇦🇺 afleventoffice.com.au	2026-03-25 23:26:40 (2 months ago)	POST /xmlrpc.php HTTP/1.1	Web App Attack
🇮🇳 dineshskt4all	2026-03-25 15:26:17 (2 months ago)	[Wed Mar 25 15:26:14.797530 2026] [proxy_fcgi:error] [pid 3262591:tid 132699717101248] [client 102.2 ... show more [Wed Mar 25 15:26:14.797530 2026] [proxy_fcgi:error] [pid 3262591:tid 132699717101248] [client 102.23.43.159:0] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force
🇩🇪 Mario Silber	2026-03-23 14:18:41 (2 months ago)	(wordpress) Failed wordpress login from 102.23.43.159 (BF/Burkina Faso/-)	Brute-Force
🇮🇩 Burayot	2026-03-19 15:48:56 (2 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 102.23.43.159 (BF/Burkina Faso/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 102.23.43.159 (BF/Burkina Faso/-): 1 in the last 3600 secs show less	Web App Attack
🇳🇿 Tripwire	2026-03-17 10:35:39 (2 months ago)	Probing for Wordpress - /xmlrpc.php	Brute-Force Web App Attack
🇺🇸 jcbriar	2026-03-16 22:03:56 (2 months ago)	Searching for vulnerable scripts	Hacking Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 185.200.116.75

🇨🇳 182.42.93.139

🇧🇷 177.130.171.57

🇨🇳 123.13.89.148

🇰🇷 106.246.89.68

🇺🇸 66.132.195.125

🇨🇳 27.42.136.232

🇺🇸 17.241.227.51

🇻🇳 221.132.21.185

🇲🇽 201.103.214.31

🇬🇧 185.216.145.170

🇸🇬 168.144.42.72

🇩🇪 167.94.146.40

🇮🇳 152.58.96.189

🇦🇹 150.251.225.140

🇨🇳 112.20.28.241

🇵🇱 83.168.107.158

🇺🇸 66.132.186.223

🇦🇺 34.87.219.164

🇲🇽 201.138.46.105