Dashboard›🇦🇴 AO›105.168.175.155

THREAT REPORT

IP Threat Report
105.168.175.155

ABUSE.MOM — BEHAVE OR GET EXPOSED

Generated: 2026-05-26 23:44:12

First seen: 2026-03-10 03:00:07

Last seen: 2026-03-10 03:00:07

Geolocation & Classification

IP Address

105.168.175.155

Type

Mobile

Country

🇦🇴 AO

City

Luanda

ISP

UNITEL SA

Organization

UnitelMobileCustomerPool1

Autonomous System

AS37119 UNITEL SA

Hit Count

Detection Signatures

Signature	Description	Points
Danger strong hits: 3	High-risk paths: shells, RCE vectors, exploits	+75
Danger medium hits: 2	Medium-risk: admin panels, config files	+20
POST requests present	Behavioral anomaly detected by automated analysis	+8

Σ = 103

Observed Activity

Reconstructed HTTP requests from server access logs. Target domains redacted for security.

[redacted]

GET

200

Requests shown: 1 · HTTP 404: 0 · Dangerous patterns: 0

* Typical request patterns for detected signatures. Actual target domains are redacted.

Timeline

2026-03-10 03:00:07

First malicious request detected

IP entered monitoring from server access logs

During observation

Multiple detection signatures triggered

Danger strong hits: 3 (+75), Danger medium hits: 2 (+20), POST requests present (+8)

2026-03-10 03:00:07

Last malicious request observed

Total score reached: 103/100

Next cycle

IP blocked — all subsequent requests denied (HTTP 403)

Added to blocklist automatically

Network Provider

UNITEL SA

AS37119 · 🇦🇴 AO

Recommendations

Actions taken & recommended

IP 105.168.175.155 is blocked at application level (HTTP 403)
Consider blocking at firewall level (iptables/CSF) to reduce server load
Report abuse to the network provider via their abuse contact
Ensure sensitive files (.env, .git, backups) are not accessible from the web

⚙️ General Security

Add 105.168.175.155 to your firewall blocklist. Review logs for successful connections. Enable comprehensive logging on all public-facing services.

Blacklist Status (DNSBL)

This IP was checked against major DNS-based blacklists used by mail servers and firewalls worldwide.

⛔ LISTED

Spamhaus ZEN

Checked: Spamhaus, SpamCop, Barracuda, SORBS, CBL, UCEProtect. Results may change over time.

Threat Analysis

105.168.175.155 has been assigned a threat score of 103/100 (Critical). With this rating, the IP falls into the critical severity bracket — among the most dangerous addresses in our monitoring database.

📊 Threat Analysis

The address 105.168.175.155 originates from Luanda, AO, operating on the network of UNITEL SA. It was identified through automated analysis of incoming network traffic across monitored endpoints. Our sensors captured 2 malicious requests from this address across a 1-day span, reflecting a sustained attack cadence of ~2 requests per day. This is a mobile network IP. While mobile addresses are typically shared via CGNAT, persistent malicious activity from this specific address suggests automated abuse. Our records show 22 malicious IPs originating from AO, positioning it as a notable contributor to global threat activity. At 103/100, this is an extremely high-risk address. All traffic should be considered hostile.

Related Threats

🇦🇴 Top threats from AO

154.127.238.134 (103)154.127.186.3 (103)197.234.118.22 (103)102.209.5.179 (103)102.218.85.6 (103)View all →

🏢 Same network: AS37119

105.174.59.178 (103)105.172.221.109 (78)View all →

Security Intelligence

💡 XML External Entity (XXE) Attacks

XXE vulnerabilities in XML parsers allow attackers to read local files, perform SSRF, and execute denial of service attacks. Many legacy applications and APIs remain vulnerable to XXE due to insecure default XML parser configurations.

💡 Cloud Infrastructure Abuse

Cloud platforms provide attackers with elastic, disposable infrastructure. Free tier accounts, stolen credit cards, and compromised cloud credentials enable rapid deployment of attack infrastructure that can scale to millions of requests and disappear within hours.

🔍 Check Any IP Address

Share this report:

IP Threat Report105.168.175.155

⛔ Verdict: BLOCK