JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.0.16.2

102.0.16.2 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 29%: ?

29%

ISP	Allocated to Airtel Kenya Mobile Broadband and Fixed internet
Usage Type	Fixed Line ISP
ASN	AS36926
Hostname(s)	2-16-0-102.r.airtelkenya.com
Domain Name	airtel.in
Country	🇰🇪 Kenya
City	Nairobi, Nairobi County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.0.16.2

Whois 102.0.16.2

IP Abuse Reports for 102.0.16.2:

This IP address has been reported a total of 34 times from 20 distinct sources. 102.0.16.2 was first reported on January 25th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 SMARTNET	2026-05-27 06:03:53 (1 week ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 1c72ea9a-d634-4668-a8aa-89a786da95ec	DDoS Attack
🇩🇪 milcraft.nl	2026-05-19 00:12:47 (2 weeks ago)	Suspicious WooCommerce query combination detected. Not default available on websites. Matched combi ... show more Suspicious WooCommerce query combination detected. Not default available on websites. Matched combi patterns: filter_, add-to-cart=, orderby=, product_count=. Activity is consistent with high-volume request abuse. show less	DDoS Attack Web App Attack
🇩🇪 filstal.org	2026-05-01 08:08:55 (1 month ago)	Bad web bot: Spoofed/obsolete UA (Opera/9.21.(Windows 98; Win 9x 4.90; pa-PK) Presto/2.9.167 Version ... show more Bad web bot: Spoofed/obsolete UA (Opera/9.21.(Windows 98; Win 9x 4.90; pa-PK) Presto/2.9.167 Version/12.00). Mass-scanning WordPress plugin. Coordinated large-scale bot attack. show less	Bad Web Bot Web App Attack
🇨🇭 Origon	2026-04-30 14:05:11 (1 month ago)	NOQUEUE - IP: 102.0.16.2 - Apr 30 16:05:11 plesk postfix/smtpd[736399]: NOQUEUE: reject: RCPT from ... show more NOQUEUE - IP: 102.0.16.2 - Apr 30 16:05:11 plesk postfix/smtpd[736399]: NOQUEUE: reject: RCPT from unknown[102.0.16.2]: 554 5.7.1 Service unavailable; Client host [102.0.16.2] blocked using dnsbl-1.uceprotect.net; IP 102.0.16.2 is UCEPROTECT-Level 1 listed. See http://www.uceprotect.net/rblcheck.php?ipr=102.0.16.2; from=<REDACTED@REDACTED> to=<REDACTED@REDACTED> proto=ESMTP helo=<2-16-0-102.r.airtelkenya.com> show less	Email Spam
Anonymous	2026-04-30 12:50:26 (1 month ago)	2026-04-30T14:50:26.217401+02:00 gollum postfix/smtpd[3844517]: NOQUEUE: reject: RCPT from unknown[1 ... show more 2026-04-30T14:50:26.217401+02:00 gollum postfix/smtpd[3844517]: NOQUEUE: reject: RCPT from unknown[102.0.16.2]: 554 5.7.1 Service unavailable; Client host [102.0.16.2] blocked using zen.spamhaus.org; Listed by CSS, see https://check.spamhaus.org/query/ip/102.0.16.2 / Listed by PBL, see https://check.spamhaus.org/query/ip/102.0.16.2 / Listed by XBL, see https://check.spamhaus.org/query/ip/102.0.16.2; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<2-16-0-102.r.airtelkenya.com> ... show less	Email Spam
Anonymous	2026-04-27 11:09:09 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇫🇷 starhelix	2026-04-26 10:28:57 (1 month ago)	SSH login on honeypot.	Brute-Force SSH
🇫🇷 security.rdmc.fr	2026-04-24 20:56:54 (1 month ago)	Port Scan Attack proto:TCP src:41827 dst:23	Port Scan
Anonymous	2026-04-15 03:22:53 (1 month ago)	Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ... show more Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-post.asp show less	Exploited Host Bad Web Bot
Anonymous	2026-03-06 10:34:50 (3 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-02-28 01:28:02 (3 months ago)	Mail: - login with unknown user - bruteforce	Brute-Force
🇺🇸 TPI-Abuse	2026-02-02 14:58:56 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 102.0.16.2 (2-16-0-102.r.airtelkenya.com): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 102.0.16.2 (2-16-0-102.r.airtelkenya.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 02 09:58:50.057257 2026] [security2:error] [pid 2574138:tid 2574138] [client 102.0.16.2:36886] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.williamfitzsimmons.com\|F\|2"] [data ".largo-la.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.williamfitzsimmons.com"] [uri "/www.largo-la.com"] [unique_id "aYC7qkxpQKU7XlG2-wWvGAAAAAY"], referer: http://www.williamfitzsimmons.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-23 17:50:24 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 kosada.com	2025-12-16 22:37:31 (5 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
Anonymous	2025-12-06 19:45:53 (6 months ago)	botnet	DDoS Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇿 194.32.140.229

🇺🇸 129.153.145.135

🇮🇳 115.96.153.39

🇮🇳 115.96.152.235

🇮🇳 115.96.151.91

🇰🇷 115.68.208.117

🇨🇳 112.124.11.41

🇮🇹 95.250.241.71

🇷🇴 80.94.92.182

🇰🇷 211.105.129.57

🇧🇷 200.77.179.130

🇨🇳 175.30.112.4

🇮🇩 163.7.8.79

🇵🇰 144.48.128.255

🇮🇳 115.96.149.89

🇮🇳 115.96.149.35

🇮🇳 115.96.146.211

🇨🇳 113.221.96.6

🇮🇳 106.51.92.114

🇵🇰 103.157.200.52