JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 41.90.172.8

41.90.172.8 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 33%: ?

33%

ISP	Safaricom Limited
Usage Type	Fixed Line ISP
ASN	AS33771
Hostname(s)	41-90-172-8.safaricombusiness.co.ke
Domain Name	safaricom.co.ke
Country	🇰🇪 Kenya
City	Nairobi, Nairobi County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 41.90.172.8

Whois 41.90.172.8

IP Abuse Reports for 41.90.172.8:

This IP address has been reported a total of 29 times from 16 distinct sources. 41.90.172.8 was first reported on April 22nd 2025, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-06-18 09:06:36 (3 hours ago)	Known malicious PHP file or CMS probe	Web App Attack
🇩🇰 ScamAware	2026-06-18 08:59:50 (3 hours ago)	Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot ... show more Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot / scanner behavior). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: block. Cloudflare source: firewallCustom. show less	Bad Web Bot
🇩🇪 Hazzard	2026-06-17 15:15:40 (21 hours ago)	(wordpress) Failed wordpress login from 41.90.172.8 (KE/Kenya/Nairobi County/Nairobi/41-90-172-8.saf ... show more (wordpress) Failed wordpress login from 41.90.172.8 (KE/Kenya/Nairobi County/Nairobi/41-90-172-8.safaricombusiness.co.ke/[redacted]): (CF_ENABLE) show less	Brute-Force
🇮🇩 Burayot	2026-06-07 09:55:16 (1 week ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 41.90.172.8 (KE/Kenya/41-90-172-8.s ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 41.90.172.8 (KE/Kenya/41-90-172-8.safaricombusiness.co.ke): 1 in the last 3600 secs show less	Web App Attack
🇵🇹 rnl	2026-05-18 10:06:40 (1 month ago)	postfix (unknown user, SPF fail or relay access denied)	Brute-Force
Anonymous	2026-04-30 08:23:14 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇺🇸 Jason Howell	2026-04-03 17:27:02 (2 months ago)	41.90.172.8 - - [03/Apr/2026:12:17:17 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3206 "-" "Mozilla/5.0 ( ... show more 41.90.172.8 - - [03/Apr/2026:12:17:17 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3206 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/11.0.0.0 Safari/537.36" 41.90.172.8 - - [03/Apr/2026:12:21:37 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3206 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 41.90.172.8 - - [03/Apr/2026:12:22:51 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3207 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x86) AppleWebKit/537.36 (KHTML, like Gecko) Safari/10.0.0.0 Safari/537.36" 41.90.172.8 - - [03/Apr/2026:12:24:41 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3207 "-" "Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/74.0.0.0 Safari/537.36" 41.90.172.8 - - [03/Apr/2026:12:27:02 -0500] "POST /xmlrpc.php HTTP/1.1" 200 3206 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/70.0.0.0 Safari/5 ... show less	Web App Attack
🇺🇸 MPL	2026-01-11 12:21:05 (5 months ago)	tcp/9023 (4 or more attempts)	Port Scan
Anonymous	2026-01-08 21:06:40 (5 months ago)	Unauthorized connection attempt on Port 2323	Port Scan Hacking Exploited Host
🇨🇦 polycoda	2025-12-01 13:13:04 (6 months ago)	🥶 Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27	DDoS Attack
Anonymous	2025-11-26 09:37:42 (6 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-18 18:45:16 (6 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-16 05:34:12 (7 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-10-16 15:45:14 (8 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-10-12 16:30:11 (8 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇹 213.101.138.172

🇺🇸 162.216.150.153

🇬🇧 80.1.51.168

🇨🇳 60.190.49.50

🇺🇸 45.156.129.121

🇬🇧 193.163.125.200

🇧🇷 179.125.169.27

🇩🇪 143.244.82.182

🇺🇸 85.208.96.204

🇬🇪 2.57.217.229

🇮🇳 202.141.101.64

🇨🇳 202.46.62.14

🇬🇧 193.163.125.155

🇨🇴 186.146.235.58

🇭🇰 112.120.171.95

🇺🇸 52.146.88.130

🇺🇸 52.70.123.241

🇺🇸 35.169.206.177

🇺🇸 162.216.150.170

🇳🇱 77.83.39.7