JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 197.248.53.167

197.248.53.167 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 0%: ?

ISP	Safaricom Limited
Usage Type	Fixed Line ISP
ASN	AS37061
Hostname(s)	197-248-53-167.safaricombusiness.co.ke
Domain Name	safaricom.co.ke
Country	🇰🇪 Kenya
City	Mumias, Kakamega County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 197.248.53.167

Whois 197.248.53.167

IP Abuse Reports for 197.248.53.167:

This IP address has been reported a total of 15 times from 10 distinct sources. 197.248.53.167 was first reported on January 30th 2025, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇸 Smel	2025-09-08 07:26:29 (8 months ago)	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	Email Spam Hacking Brute-Force
🇳🇱 exxos	2025-09-05 22:03:01 (9 months ago)	Attacks with Bad user agents	Hacking
🇳🇱 exxos	2025-08-03 23:11:28 (10 months ago)	HTTP1.x attacks	DDoS Attack
🇳🇱 exxos	2025-08-03 02:13:12 (10 months ago)	HTTP1.x attacks	DDoS Attack
Anonymous	2025-07-29 04:43:58 (10 months ago)	wordpress-trap	Web App Attack
🇪🇸 Global Cyber Police	2025-07-27 16:16:18 (10 months ago)	Malicious bot activity detected: Hitting honeypot page (200 OK with 258/259 bytes sent).	Port Scan Brute-Force Web App Attack
🇺🇸 ipblock.com	2025-07-01 10:05:00 (11 months ago)	IPBlock protected site ID [4055-d][s=04]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇳🇱 exxos	2025-06-03 12:14:58 (1 year ago)	web attacks	Hacking
🇳🇱 exxos	2025-05-14 13:25:44 (1 year ago)	Attacks with Bad user agents	Hacking
🇩🇪 ps-center	2025-05-12 15:28:46 (1 year ago)	DIS: Web Attack GET /wp-login.php GET /wp-login.php	Web Spam Hacking Bad Web Bot Web App Attack
Anonymous	2025-05-05 10:37:14 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-04-16 13:26:46 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 197.248.53.167 (197-248-53-167.safaricombusines ... show more (mod_security) mod_security (id:225170) triggered by 197.248.53.167 (197-248-53-167.safaricombusiness.co.ke): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 16 09:26:40.223781 2025] [security2:error] [pid 15974:tid 15974] [client 197.248.53.167:9089] [client 197.248.53.167] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.newdirectionsinmusic.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.newdirectionsinmusic.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Z_-wEAowXzYw1XWK_IXzAAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-16 12:40:07 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 197.248.53.167 (197-248-53-167.safaricombusines ... show more (mod_security) mod_security (id:225170) triggered by 197.248.53.167 (197-248-53-167.safaricombusiness.co.ke): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 16 08:40:02.939624 2025] [security2:error] [pid 1706578:tid 1706578] [client 197.248.53.167:8435] [client 197.248.53.167] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cosplayculture.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cosplayculture.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Z_-lIpmB_JdwFVbhZt03TAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-02-11 21:25:33 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-01-30 10:44:55 (1 year ago)	Detected Hacking, SQL Injection or general Web App Attack	Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 187.17.224.139

🇺🇿 185.139.137.15

🇳🇱 93.123.72.166

🇷🇴 80.94.92.102

🇺🇸 64.62.197.92

🇭🇰 38.76.163.44

🇺🇸 18.209.137.234

🇨🇳 218.25.89.208

🇮🇹 217.26.179.249

🇺🇸 216.25.89.81

🇳🇱 213.177.179.120

🇩🇪 176.65.132.149

🇻🇳 171.240.13.30

🇺🇸 165.22.176.30

🇰🇷 112.216.129.27

🇺🇸 96.127.146.46

🇨🇳 27.155.92.28

🇨🇳 222.92.61.242

🇲🇴 182.93.50.90

🇺🇸 178.156.253.13