AbuseIPDB » 164.160.91.19

164.160.91.19 was found in our database!

This IP was reported 787 times. Confidence of Abuse is 100%: ?

100%

ISP	Teraco JHB Cloud Shared
Usage Type	Data Center/Web Hosting/Transit
ASN	AS328037
Hostname(s)	rs26-jhb.za-dns.com
Domain Name	elitehost.co.za
Country	South Africa
City	Johannesburg, Gauteng

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 164.160.91.19

Whois 164.160.91.19

IP Abuse Reports for 164.160.91.19:

This IP address has been reported a total of 787 times from 121 distinct sources. 164.160.91.19 was first reported on March 3rd 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
karger	2025-06-05 10:57:17 (1 week ago)	Wordpress attack - soft filter	Brute-Force Web App Attack
todix	2025-06-05 10:44:34 (1 week ago)	Wordpress brute force attempt on login from 164.160.91.19	Brute-Force
Anonymous	2025-06-05 10:19:42 (1 week ago)	Brute forcing Wordpress login	Hacking Web App Attack
Penny Packer	2025-06-03 07:54:32 (1 week ago)	Fail2Ban apache-tripwires	Web App Attack
masterguru	2025-05-30 10:25:35 (2 weeks ago)	SQL Injection Attack Detected via libinjection. detected SQLi using libinjection with fingerprint &# ... show moreSQL Injection Attack Detected via libinjection. detected SQLi using libinjection with fingerprint 'n&1' (942100-122) show less	SQL Injection
Steve	2025-05-30 08:57:22 (2 weeks ago)	Abuse of XMLRPC	Brute-Force Web App Attack
Spidrweb.co.uk	2025-05-30 08:28:51 (2 weeks ago)	Brute-Force WordPress attack (85.155)	Web App Attack
paissangroup	2025-05-30 08:22:53 (2 weeks ago)	Multiple WAF Violations	Web App Attack
decisionconcepts	2025-05-30 08:17:32 (2 weeks ago)	164.160.91.19 - - [30/May/2025:01:17:28 -0700] "POST /xmlrpc.php HTTP/1.1" 403 219 "https://www.deci ... show more164.160.91.19 - - [30/May/2025:01:17:28 -0700] "POST /xmlrpc.php HTTP/1.1" 403 219 "https://www.decisionconcepts.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.138 Safari/537.36 Edg/112.0.1722.68" 164.160.91.19 - - [30/May/2025:01:17:29 -0700] "POST /xmlrpc.php HTTP/1.1" 403 219 "https://www.decisionconcepts.com" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:128.0) Gecko/20100101 Firefox/128.0" ... show less	Brute-Force Web App Attack
mind5t0rm	2025-05-30 08:15:26 (2 weeks ago)	(WPLOGIN,XMLRPC) Login failure/trigger from 164.160.91.19 (ZA/South Africa/rs26-jhb.za-dns.com): 3 i ... show more(WPLOGIN,XMLRPC) Login failure/trigger from 164.160.91.19 (ZA/South Africa/rs26-jhb.za-dns.com): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 164.160.91.19 - - [30/May/2025:15:15:21 +0700] "POST /xmlrpc.php HTTP/1.1" 200 229 "https://healthy-skin.me" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:127.0) Gecko/20100101 Firefox/127.0" 164.160.91.19 - - [30/May/2025:15:15:23 +0700] "POST /xmlrpc.php HTTP/1.1" 200 229 "https://healthy-skin.me" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.93 Safari/537.36" 164.160.91.19 - - [30/May/2025:15:15:25 +0700] "POST /wp-login.php HTTP/1.1" 301 0 "https://healthy-skin.me" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.138 Safari/537.36 Edg/112.0.1722.68" show less	Port Scan
Malta	2025-05-30 08:12:31 (2 weeks ago)	164.160.91.19 - - [30/May/2025:10:12:30 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ... show more164.160.91.19 - - [30/May/2025:10:12:30 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:128.0) Gecko/20100101 Firefox/128.0" show less	Hacking Web App Attack
Anonymous	2025-05-30 07:33:27 (2 weeks ago)	FREKISCOM WEBEXPLOIT 164.160.91.19 (rs26-jhb.za-dns.com)	Web App Attack
rtbh.com.tr	2025-05-29 20:08:28 (2 weeks ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
MM-bot	2025-05-29 13:32:42 (2 weeks ago)	URL-probe: HTTP/1.1 POST request on /xmlrpc.php (2025-05-29 15:32:42 UTC+2)	Hacking Web App Attack
teamsecure	2025-05-29 12:04:49 (2 weeks ago)	Banned for trying to access xmlrpc	Web App Attack

Showing 1 to 15 of 787 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

98.82.66.172

220.122.115.9

46.101.99.155

186.22.48.102

104.206.252.105

189.56.202.86

154.161.46.69

221.13.93.244

102.215.87.198

135.237.125.156

109.205.213.245

97.89.56.82

103.163.214.82

108.168.2.55

99.92.204.98

95.251.81.202

87.103.85.127

207.154.219.71

23.137.105.227

46.236.235.176