AbuseIPDB » 105.163.2.142
105.163.2.142
This IP was reported 7 times. Confidence of
Abuse
is 4% : ?
ISP
Safaricom Limited
Usage Type
Fixed Line ISP
ASN
AS33771
Domain Name
safaricom.co.ke
Country
๐ฐ๐ช
Kenya
City
Nairobi, Nairobi County
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 105.163.2.142 :
This IP address has been reported a total of
7
times from
6 distinct
sources.
105.163.2.142 was first reported on
September 23rd 2025 , and the most recent report was
11 hours ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐บ๐ธ
TPI-Abuse
2026-06-07 20:31:44
(11 hours ago)
(mod_security) mod_security (id:210730) triggered by 105.163.2.142 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 105.163.2.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:31:36.003090 2026] [security2:error] [pid 11401:tid 11401] [client 105.163.2.142:5867] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.gundiahgazette.com.au|F|2"] [data ".munnacreekhall.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.gundiahgazette.com.au"] [uri "/www.munnacreekhall.com"] [unique_id "aiXVJ63Qf-jbkPA8b4AsIAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
polycoda
2026-02-03 18:36:23
(4 months ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
2026-01-28 11:01:49
(4 months ago)
scanning http requests from known botnet
Web App Attack
๐บ๐ธ
MPL
2026-01-16 20:06:48
(4 months ago)
tcp/23 (2 or more attempts)
Port Scan
๐ฌ๐ง
OptimusGO
2026-01-15 12:19:22
(4 months ago)
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Time ...
show more
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Timestamp: 2026-01-15 12:19:22 UTC
Log evidence:
01/15/2026-12:19:20.998235 [wDrop] [**] [1:7001101:1] FINSERV CRITICAL: Telnet Access Blocked [**] [Classification: Potential Corporate Privacy Violation] [Priority: 1] {TCP} 105.163.2.142:3102 -> 185.127.18.66:23
01/15/2026-12:19:20.998235 [**] [1:1000103:1] SECURITY Management Port Probe - CRITICAL [**] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 105.163.2.142:3102 -> 185.127.18.66:23
show less
Port Scan
Brute-Force
2025-11-16 20:09:33
(6 months ago)
scanning http requests from known botnet
Web App Attack
๐ฉ๐ช
pressler.pro
2025-09-23 19:59:07
(8 months ago)
Fail2ban - DDoS attack on woocommerce shop
...
DDoS Attack
Showing 1 to
7
of 7 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: