JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 197.138.145.10

197.138.145.10 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 65%: ?

65%

ISP	Kwale Teachers Training College
Usage Type	University/College/School
ASN	AS36914
Domain Name	kwalettc.ac.ke
Country	🇰🇪 Kenya
City	Kinango, Kwale County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 197.138.145.10

Whois 197.138.145.10

IP Abuse Reports for 197.138.145.10:

This IP address has been reported a total of 17 times from 13 distinct sources. 197.138.145.10 was first reported on May 28th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-25 14:40:49 (2 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇩🇪 ghostwarriors	2026-06-24 11:50:19 (3 days ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-23 07:17:01 (4 days ago)	(wordpress) Failed wordpress login from 197.138.145.10 (KE/Kenya/-)	Brute-Force
Anonymous	2026-06-23 06:57:58 (4 days ago)	[da.kdns.gr] httpd-xmlrpc-post: sites=madesign.gr; logs=/var/log/httpd/domains/madesign.gr.log; samp ... show more [da.kdns.gr] httpd-xmlrpc-post: sites=madesign.gr; logs=/var/log/httpd/domains/madesign.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇪🇸 masterguru	2026-06-23 06:51:35 (4 days ago)	(xmlrpc) Failed xmlrpc access from 197.138.145.10 (KE/Kenya/-): 5 in the last 3600 secs (0-122)	Hacking
Anonymous	2026-06-23 06:50:02 (4 days ago)	[redacted] 197.138.145.10 - - [23/Jun/2026:08:49:18 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 197.138.145.10 - - [23/Jun/2026:08:49:18 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 197.138.145.10 - - [23/Jun/2026:08:49:28 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)" [redacted] 197.138.145.10 - - [23/Jun/2026:08:49:39 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)" [redacted] 197.138.145.10 - - [23/Jun/2026:08:49:50 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.1; http://site72133872.com" [redacted] 197.138.145.10 - - [23/Jun/2026:08:50:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 12:09:23 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 197.138.145.10 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 197.138.145.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 08:09:14.610891 2026] [security2:error] [pid 20820:tid 20820] [client 197.138.145.10:63648] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.138.145.10 (+1 hits since last alert)\|karenbernsteinlaw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "karenbernsteinlaw.com"] [uri "/xmlrpc.php"] [unique_id "ajkl6priUfvNkwIbdWzK5wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 Rizzy	2026-06-22 12:07:44 (5 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 09:31:41 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 197.138.145.10 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 197.138.145.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 05:31:36.136808 2026] [security2:error] [pid 9569:tid 9569] [client 197.138.145.10:60394] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.138.145.10 (+1 hits since last alert)\|kaylamaclaincounseling.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kaylamaclaincounseling.com"] [uri "/xmlrpc.php"] [unique_id "ajO6-D5ClRWlw9IAhKYDmgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-18 09:28:05 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 Dolphi	2026-06-09 11:20:06 (2 weeks ago)	Excessive POST /xmlrpc.php requests	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 08:23:51 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 197.138.145.10 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 197.138.145.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 04:23:45.302627 2026] [security2:error] [pid 20540:tid 20685] [client 197.138.145.10:57232] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.138.145.10 (+1 hits since last alert)\|strengthsmatter.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "strengthsmatter.com"] [uri "/xmlrpc.php"] [unique_id "aifNkVxQ_me5s6LL3id6BAAAAMo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 09:43:51 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 197.138.145.10 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 197.138.145.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 05:43:44.466962 2026] [security2:error] [pid 15353:tid 15425] [client 197.138.145.10:56222] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.138.145.10 (+1 hits since last alert)\|hearthandhomestudio.art\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hearthandhomestudio.art"] [uri "/xmlrpc.php"] [unique_id "ah_3UISdF8rm2ylKF3xwlAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-01 13:54:41 (3 weeks ago)	Fail2ban filtered ...	Web App Attack
Anonymous	2026-06-01 09:12:51 (3 weeks ago)	Attac	Brute-Force

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.58

🇲🇽 187.216.224.85

🇺🇸 172.172.196.177

🇦🇺 158.178.141.16

🇧🇩 123.49.38.114

🇮🇳 122.170.97.94

🇹🇭 61.19.69.203

🇺🇸 34.234.218.86

🇧🇷 20.226.50.160

🇹🇼 198.235.24.79

🇮🇳 122.170.111.140

🇮🇳 122.165.91.5

🇳🇱 45.148.10.147

🇺🇸 38.43.93.233

🇫🇷 37.44.238.68

🇩🇪 209.50.183.153

🇧🇷 205.210.31.140

🇵🇪 161.132.50.236

🇰🇷 121.189.198.60

🇬🇧 87.236.176.165