JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2.57.170.164

2.57.170.164 was found in our database!

This IP was reported 92 times. Confidence of Abuse is 52%: ?

52%

ISP	VPN Consumer Cosenza, Italy
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇮🇹 Italy
City	Cosenza, Calabria

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2.57.170.164

Whois 2.57.170.164

IP Abuse Reports for 2.57.170.164:

This IP address has been reported a total of 92 times from 44 distinct sources. 2.57.170.164 was first reported on August 19th 2023, and the most recent report was 52 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 SentinalX by uzumaru	2026-06-07 06:35:27 (52 minutes ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: account.jetbrains.com:443 show less	Open Proxy Port Scan
🇫🇷 solution.it	2026-06-06 18:35:59 (12 hours ago)	[Sat Jun 06 20:35:58.819420 2026] [php7:error] [pid 1648924:tid 1648924] [client 2.57.170.164:48055] ... show more [Sat Jun 06 20:35:58.819420 2026] [php7:error] [pid 1648924:tid 1648924] [client 2.57.170.164:48055] script '/var/www/html/blog.solution.it/wp-admin/css/colors/coffee/index.php' not found or unable to stat, referer: http://blog.solution.it/wp-admin/css/colors/coffee/index.php show less	Web App Attack
🇩🇪 ghostwarriors	2026-05-28 13:50:42 (1 week ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-05-28 13:37:12 (1 week ago)	Excessive 404/403 errors	Brute-Force
🇬🇧 consul.to	2026-05-28 00:57:02 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇨🇭 backslash	2026-05-23 09:27:01 (2 weeks ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇿🇦 Tokolosh Hunters	2026-05-23 00:47:48 (2 weeks ago)	AutoBlockWindow-Known bad useragent query-2026-05-23 00:47:47	Bad Web Bot
🇫🇷 Octopuce	2026-05-12 00:46:45 (3 weeks ago)	Aggressive web search of vulnerable pages: /wp-content/plugins/filester/assets/css/404.php /wp-conte ... show more Aggressive web search of vulnerable pages: /wp-content/plugins/filester/assets/css/404.php /wp-content/plugins/shell/index.php /wp-content/plug ... show less	Web App Attack
🇺🇸 mnsf	2026-05-11 20:05:23 (3 weeks ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇺🇦 URAN Publishing Service	2026-05-11 17:57:18 (3 weeks ago)	2.57.170.164 - - [11/May/2026:20:57:17 +0300] "GET /wp-content/themes/twentytwentythree/patterns/ind ... show more 2.57.170.164 - - [11/May/2026:20:57:17 +0300] "GET /wp-content/themes/twentytwentythree/patterns/index.php HTTP/1.1" 404 712 "-" "Go-http-client/1.1" 2.57.170.164 - - [11/May/2026:20:57:17 +0300] "GET /wp-includes/js/tinymce/skins/lightgray/img/index.php HTTP/1.1" 404 712 "-" "Go-http-client/1.1" ... show less	Web App Attack
Anonymous	2026-04-29 21:40:38 (1 month ago)	2.57.170.164 - - [29/Apr/2026:23:40:15 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack by Wo ... show more 2.57.170.164 - - [29/Apr/2026:23:40:15 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)" 2.57.170.164 - - [29/Apr/2026:23:40:17 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)" 2.57.170.164 - - [29/Apr/2026:23:40:25 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack by WordPress.com" 2.57.170.164 - - [29/Apr/2026:23:40:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" 2.57.170.164 - - [29/Apr/2026:23:40:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)" ... show less	Brute-Force Web App Attack
🇪🇸 el-brujo	2026-04-25 09:44:17 (1 month ago)	Cloudflare WAF: Request Path: /.git/config Request Query: Host: web.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /.git/config Request Query: Host: web.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Action: block Source: firewallManaged ASN Description: F.N.S. HOLDINGS LIMITED Country: IT Method: GET Timestamp: 2026-04-25T09:44:17Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-04-25 05:47:27 (1 month ago)	Cloudflare WAF: Request Path: /.env Request Query: Host: wiki.elhacker.net userAgent: Mozilla/5.0 ( ... show more Cloudflare WAF: Request Path: /.env Request Query: Host: wiki.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Action: block Source: firewallManaged ASN Description: F.N.S. HOLDINGS LIMITED Country: IT Method: GET Timestamp: 2026-04-25T05:47:27Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇺🇸 Penny Packer	2026-04-25 05:32:14 (1 month ago)	Fail2Ban apache-tripwires	Web App Attack
🇺🇸 TPI-Abuse	2026-04-25 05:13:29 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2.57.170.164 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 2.57.170.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 01:13:20.153857 2026] [security2:error] [pid 3617:tid 3617] [client 2.57.170.164:51491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tausiet.com"] [uri "/.env.production"] [unique_id "aexNcBgQUDoUzPlWkIAfBQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 92 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:8c06:3001

🇬🇧 193.163.125.130

🇵🇱 37.233.101.21

🇨🇳 223.167.75.86

🇨🇴 190.0.63.226

🇲🇽 189.217.196.65

🇺🇸 189.13.253.166

🇳🇱 176.65.139.174

🇨🇳 175.178.242.199

🇺🇸 165.154.173.169

🇺🇸 146.88.241.75

🇨🇳 119.96.193.72

🇮🇳 110.235.239.86

🇧🇩 103.190.45.95

🇧🇬 79.124.49.230

🇺🇸 45.79.190.10

🇺🇸 35.150.42.8

🇵🇱 34.116.211.113

🇧🇪 34.53.221.254

🇺🇿 2a05:45c2:63e4:c400:989b:2f18:dafe:1374