JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 105.164.128.57

105.164.128.57 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 49%: ?

49%

ISP	Safaricom Limited
Usage Type	Fixed Line ISP
ASN	AS37061
Domain Name	safaricom.co.ke
Country	🇰🇪 Kenya
City	Nairobi, Nairobi County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 105.164.128.57

Whois 105.164.128.57

IP Abuse Reports for 105.164.128.57:

This IP address has been reported a total of 11 times from 9 distinct sources. 105.164.128.57 was first reported on April 26th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 dbmwebdesign	2026-06-19 11:25:04 (2 days ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 15:20:14 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 105.164.128.57 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 105.164.128.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 11:20:11.641823 2026] [security2:error] [pid 25481:tid 25481] [client 105.164.128.57:22233] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 105.164.128.57 (+1 hits since last alert)\|hotelausland.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hotelausland.com"] [uri "/xmlrpc.php"] [unique_id "ajQMqwLgdVJwCzpyfjxdygAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ELYAZ	2026-06-18 12:42:34 (3 days ago)	(wordpress) Failed wordpress login from 105.164.128.57 (KE/Kenya/-): (CF_ENABLE)	Brute-Force
Anonymous	2026-06-18 11:16:16 (3 days ago)	[server.tmg.gr] httpd-xmlrpc-post: sites=aidshep2019.gr; logs=/var/log/httpd/domains/aidshep2019.gr. ... show more [server.tmg.gr] httpd-xmlrpc-post: sites=aidshep2019.gr; logs=/var/log/httpd/domains/aidshep2019.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 05:37:59 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 105.164.128.57 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 105.164.128.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 01:37:52.266676 2026] [security2:error] [pid 11844:tid 11855] [client 105.164.128.57:3691] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 105.164.128.57 (+1 hits since last alert)\|illianapartyrentals.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "illianapartyrentals.com"] [uri "/xmlrpc.php"] [unique_id "ajOEMOQ-d8fwz7HeES-qKgAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 rh24	2026-06-18 05:00:29 (3 days ago)	(wordpress) Failed wordpress login from 105.164.128.57 (KE/Kenya/-): (CF_ENABLE)	Brute-Force
Anonymous	2026-06-18 04:36:10 (3 days ago)	Attac	Brute-Force
🇰🇷 zlhIcd	2026-06-18 02:58:10 (3 days ago)	105.164.128.57 - - [16/Jun/2026:01:56:42 +0900] "GET /pcwiki/index.php?days=14&from=20251106155144&h ... show more 105.164.128.57 - - [16/Jun/2026:01:56:42 +0900] "GET /pcwiki/index.php?days=14&from=20251106155144&hideliu=1&hideminor=1&title=%ED%8A%B9%EC%88%98%EA%B8%B0%EB%8A%A5:%EB%A7%81%ED%81%AC%EC%B5%9C%EA%B7%BC%EB%B0%94%EB%80%9C HTTP/1.1" 404 460 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.4; rv:133.0) Gecko/20100101 Firefox/133.0" ... show less	Web Spam SQL Injection Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 13:41:42 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 105.164.128.57 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 105.164.128.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 09:41:38.246861 2026] [security2:error] [pid 27142:tid 27160] [client 105.164.128.57:9327] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sailcleaner.com"] [uri "/wp-config.php"] [unique_id "aiq7Eu1o9xD5k-pUbbLEzgAAAQ8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-13 00:23:32 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇮🇹 VHosting	2026-04-26 13:16:24 (1 month ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 167.94.146.72

🇨🇳 123.191.137.148

🇳🇱 91.92.40.240

🇮🇱 87.71.5.165

🇺🇸 23.92.27.206

🇺🇸 20.64.106.91

🇺🇸 147.185.132.109

🇻🇳 103.106.104.25

🇲🇳 66.181.171.136

🇺🇸 64.62.197.2

🇺🇸 47.77.213.54

🇺🇸 44.200.12.29

🇯🇵 8.209.229.161

🇮🇳 203.190.153.90

🇳🇱 176.65.139.14

🇸🇬 152.42.190.92

🇺🇸 137.184.36.28

🇨🇳 123.233.239.158

🇮🇷 78.39.48.166

🇺🇸 20.168.123.224