JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.0.17.164

102.0.17.164 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 0%: ?

ISP	Allocated to Airtel Kenya Mobile Broadband and Fixed internet
Usage Type	Fixed Line ISP
ASN	AS36926
Hostname(s)	164-17-0-102.r.airtelkenya.com
Domain Name	airtel.in
Country	🇰🇪 Kenya
City	Ruiru, Kiambu County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.0.17.164

Whois 102.0.17.164

IP Abuse Reports for 102.0.17.164:

This IP address has been reported a total of 29 times from 14 distinct sources. 102.0.17.164 was first reported on July 27th 2025, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇬 Vano Ganzzz	2025-10-11 03:16:03 (7 months ago)	Triggered Cloudflare WAF (l7ddos) from KE. Action taken: BLOCK ASN: 36926 (CKL1-ASN) Protocol: HTTP/ ... show more Triggered Cloudflare WAF (l7ddos) from KE. Action taken: BLOCK ASN: 36926 (CKL1-ASN) Protocol: HTTP/2 (GET method) Endpoint: / Timestamp: 2025-10-11T03:16:03Z Ray ID: 98cb32512ab0bd1a UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	DDoS Attack Bad Web Bot
🇺🇸 skycodee	2025-10-05 12:49:03 (8 months ago)	Repeated TLS handshake abuse against Pterodactyl Wings (port 8080)	DDoS Attack
🇺🇸 yangfan	2025-09-15 12:31:27 (8 months ago)	IP: 102.0.17.164 [Country: KE] triggered WAF (l7ddos). Action: managed_challenge ASN: 36926 (CKL1-AS ... show more IP: 102.0.17.164 [Country: KE] triggered WAF (l7ddos). Action: managed_challenge ASN: 36926 (CKL1-ASN) Protocol: HTTP/2 (method GET) Endpoint: / Time: 2025-09-15T10:18:23Z User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 --- Report generated by CFWAF2AbuseIPDB. show less	DDoS Attack Web Spam Web App Attack
🇪🇸 cuscusero (FlexBacks, FlexChar, FlexAve, FlexCDNM, FlexTudy, ColdHosting SL)	2025-09-10 12:48:03 (8 months ago)	[CPD ESP-BCN02-FW11-394] Suspicious connection detected on port 443 LAYER-7. DDoS detected	DDoS Attack Port Scan Brute-Force
🇬🇧 Silly Development	2025-09-05 04:00:00 (9 months ago)	Malicious activity detected from 36926 CKL1-ASN towards host panel.sillydev.co.uk (GET HTTP/2) @ 202 ... show more Malicious activity detected from 36926 CKL1-ASN towards host panel.sillydev.co.uk (GET HTTP/2) @ 2025-09-05T04:00:00Z (7 occurrences) show less	DDoS Attack Exploited Host
🇫🇷 tr1n	2025-08-30 01:37:06 (9 months ago)	Triggered Cloudflare WAF (l7ddos) from KE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/2 (GET met ... show more Triggered Cloudflare WAF (l7ddos) from KE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/2 (GET method) Endpoint: /pl UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.87 Safari/537.36 show less	DDoS Attack Bad Web Bot
🇩🇪 1gz	2025-08-28 10:54:06 (9 months ago)	Triggered Cloudflare WAF (l7ddos) from KE. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoin ... show more Triggered Cloudflare WAF (l7ddos) from KE. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: /auth/login UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	DDoS Attack Bad Web Bot
🇺🇸 COMPLEX	2025-08-27 02:30:14 (9 months ago)	Triggered Cloudflare WAF (l7ddos) from KE. Action taken: BLOCK ASN: 36926 (CKL1-ASN) Protocol: HTTP/ ... show more Triggered Cloudflare WAF (l7ddos) from KE. Action taken: BLOCK ASN: 36926 (CKL1-ASN) Protocol: HTTP/2 (GET method) Endpoint: / show less	DDoS Attack Bad Web Bot
🇩🇪 CommanderRoot	2025-08-26 18:53:16 (9 months ago)	HTTP request flood	DDoS Attack Web Spam
🇬🇧 Silly Development	2025-08-26 14:24:29 (9 months ago)	Malicious activity detected from 36926 CKL1-ASN towards host panel.sillydev.co.uk (GET HTTP/2) @ 202 ... show more Malicious activity detected from 36926 CKL1-ASN towards host panel.sillydev.co.uk (GET HTTP/2) @ 2025-08-26T14:24:29Z (22 occurrences) show less	DDoS Attack Exploited Host
🇬🇧 Silly Development	2025-08-25 14:21:26 (9 months ago)	Malicious activity detected from 36926 CKL1-ASN towards host panel.sillydev.co.uk (GET HTTP/2) @ 202 ... show more Malicious activity detected from 36926 CKL1-ASN towards host panel.sillydev.co.uk (GET HTTP/2) @ 2025-08-25T14:21:26Z (11 occurrences) show less	DDoS Attack Exploited Host
🇬🇧 Silly Development	2025-08-25 04:04:43 (9 months ago)	Malicious activity detected from 36926 CKL1-ASN towards host panel.sillydev.co.uk (GET HTTP/2) @ 202 ... show more Malicious activity detected from 36926 CKL1-ASN towards host panel.sillydev.co.uk (GET HTTP/2) @ 2025-08-25T04:04:43Z (7 occurrences) show less	DDoS Attack Exploited Host
🇩🇪 1gz	2025-08-25 04:00:07 (9 months ago)	Triggered Cloudflare WAF (l7ddos) from KE. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoin ... show more Triggered Cloudflare WAF (l7ddos) from KE. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.5) Gecko/20060731 Ubuntu/dapper-security Epiphany/2.14 Firefox/1.5.0.5 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	DDoS Attack Bad Web Bot
🇮🇹 Progetto1	2025-08-21 03:44:02 (9 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-08-20 02:35:24 (9 months ago)	(mod_security) mod_security (id:210831) triggered by 102.0.17.164 (164-17-0-102.r.airtelkenya.com): ... show more (mod_security) mod_security (id:210831) triggered by 102.0.17.164 (164-17-0-102.r.airtelkenya.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 19 22:35:19.955653 2025] [security2:error] [pid 23557:tid 23557] [client 102.0.17.164:34582] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|backstore.com\|F\|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "backstore.com"] [uri "/usage_202508.html"] [unique_id "aKU0Zy_lGKWCCV6ALj901AAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 122.96.28.171

🇳🇱 109.121.45.55

🇩🇪 54.37.74.179

🇫🇷 51.68.226.87

🇳🇱 34.6.35.1

🇳🇱 2001:67c:e60:c0c:192:42:116:106

🇳🇱 165.140.116.230

🇨🇳 124.221.121.246

🇨🇳 119.97.189.108

🇨🇳 114.67.252.10

🇮🇩 111.92.164.170

🇮🇩 36.82.45.61

🇻🇳 14.177.41.114

🇷🇴 2.57.121.112

🇰🇷 1.176.134.242

🇰🇷 221.153.50.115

🇳🇱 192.42.116.144

🇧🇷 177.84.144.25

🇺🇸 159.65.68.128

🇰🇿 95.58.255.251