JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 197.232.50.126

197.232.50.126 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 41%: ?

41%

ISP	Jamii Telecommunications Limited
Usage Type	Fixed Line ISP
ASN	AS36866
Domain Name	jtl.co.ke
Country	🇰🇪 Kenya
City	Nairobi, Nairobi County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 197.232.50.126

Whois 197.232.50.126

IP Abuse Reports for 197.232.50.126:

This IP address has been reported a total of 16 times from 6 distinct sources. 197.232.50.126 was first reported on May 27th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 08:50:55 (3 hours ago)	(mod_security) mod_security (id:240335) triggered by 197.232.50.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 197.232.50.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 04:50:49.064972 2026] [security2:error] [pid 760:tid 760] [client 197.232.50.126:59754] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.232.50.126 (+1 hits since last alert)\|speedysremodeling.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "speedysremodeling.com"] [uri "/xmlrpc.php"] [unique_id "aivIaYenRs5i73SnvMghjAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-12 08:49:29 (3 hours ago)	(wordpress) Failed wordpress login from 197.232.50.126 (KE/Kenya/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-12 07:51:24 (4 hours ago)	(mod_security) mod_security (id:240335) triggered by 197.232.50.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 197.232.50.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 03:51:20.139520 2026] [security2:error] [pid 2464:tid 2464] [client 197.232.50.126:63285] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.232.50.126 (+1 hits since last alert)\|uphillfarmvt.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "uphillfarmvt.com"] [uri "/xmlrpc.php"] [unique_id "aiu6eD_8CJXEwL69Z3PR4gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-11 18:08:26 (17 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-11 16:02:40 (19 hours ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 10:30:02 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 197.232.50.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 197.232.50.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 06:29:56.577858 2026] [security2:error] [pid 18749:tid 18749] [client 197.232.50.126:64476] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.232.50.126 (+1 hits since last alert)\|drgtek.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "drgtek.com"] [uri "/xmlrpc.php"] [unique_id "aiqOJG9czCTnYfFT6lJgzwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-06-05 09:06:27 (1 week ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 19:57:10 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 197.232.50.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 197.232.50.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 15:57:05.239036 2026] [security2:error] [pid 19160:tid 19160] [client 197.232.50.126:60438] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.232.50.126 (+1 hits since last alert)\|iuriscorpabc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "iuriscorpabc.com"] [uri "/xmlrpc.php"] [unique_id "aiHYkY6uElBYQMxuMcwIMQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 19:08:14 (1 week ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-04 18:39:56 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 197.232.50.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 197.232.50.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 14:39:48.229732 2026] [security2:error] [pid 1436:tid 1458] [client 197.232.50.126:57738] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.232.50.126 (+1 hits since last alert)\|michaelrandon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "michaelrandon.com"] [uri "/xmlrpc.php"] [unique_id "aiHGdDfnhicBsmT5JM1noQAAAZQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 15:41:02 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 197.232.50.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 197.232.50.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 11:40:58.519131 2026] [security2:error] [pid 8245:tid 8245] [client 197.232.50.126:57926] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.232.50.126 (+1 hits since last alert)\|twinls.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "twinls.com"] [uri "/xmlrpc.php"] [unique_id "aiGcin59zUBHq4Of8JqjbAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 14:35:13 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 197.232.50.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 197.232.50.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 10:35:06.944506 2026] [security2:error] [pid 19436:tid 19436] [client 197.232.50.126:58018] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.232.50.126 (+1 hits since last alert)\|smoothiessoupssalads.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "smoothiessoupssalads.com"] [uri "/xmlrpc.php"] [unique_id "aiGNGoRae0gyqv4stCJF-QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-03 13:03:26 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-03 07:27:34 (1 week ago)	Blocked by CSF 13 firewall - Rule: XMLRPC KE/Kenya/-	Web App Attack
Anonymous	2026-06-02 08:46:44 (1 week ago)	Attac	Brute-Force

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 85.217.149.6

🇮🇹 172.213.140.80

🇩🇪 155.117.127.214

🇵🇰 137.59.225.74

🇮🇩 103.160.213.205

🇵🇱 95.214.53.157

🇨🇦 85.217.149.18

🇷🇴 80.94.92.167

🇧🇬 79.124.49.226

🇺🇸 74.7.243.205

🇬🇧 35.203.210.245

🇺🇸 2601:602:8700:c4e7:74ba:4abe:d8c1:7c4f

🇨🇳 203.32.69.183

🇧🇷 201.77.171.189

🇸🇬 185.200.116.72

🇮🇳 168.144.126.241

🇮🇩 103.165.206.238

🇨🇦 85.217.149.61

🇺🇸 66.132.195.27

🇳🇱 45.156.128.107