JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.204.148.76

102.204.148.76 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 27%: ?

27%

ISP	KONNEKT Smart Life LTD
Usage Type	Fixed Line ISP
ASN	AS329622
Domain Name	konnektsmartlife.com
Country	🇰🇪 Kenya
City	Eldoret, Uasin Gishu County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.204.148.76

Whois 102.204.148.76

IP Abuse Reports for 102.204.148.76:

This IP address has been reported a total of 18 times from 15 distinct sources. 102.204.148.76 was first reported on December 23rd 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kosada.com	2026-06-25 21:41:39 (1 day ago)	Web bot: denial-of-service flood	DDoS Attack Bad Web Bot
🇩🇪 Vegascosmetics	2026-06-23 07:28:26 (3 days ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security	DDoS Attack Hacking Exploited Host
🇩🇪 SMARTNET	2026-05-27 06:03:53 (4 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 1c72ea9a-d634-4668-a8aa-89a786da95ec	DDoS Attack
Anonymous	2026-05-21 14:24:17 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
Anonymous	2026-05-16 08:17:42 (1 month ago)	Unauthorized connection attempt on Port 2323	Port Scan Hacking Exploited Host
🇨🇭 ALPHANET	2026-05-09 04:35:02 (1 month ago)	Botnet or web spider not respecting robots.txt	DDoS Attack Exploited Host
🇺🇸 nyt	2026-04-22 15:18:30 (2 months ago)	Login brute-force (6/60s)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-04-22 05:36:21 (2 months ago)	(mod_security) mod_security (id:211790) triggered by 102.204.148.76 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211790) triggered by 102.204.148.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 22 01:36:14.059058 2026] [security2:error] [pid 1396349:tid 1396349] [client 102.204.148.76:34202] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:create (?:procedure\|function) ?\\\\w+ ?\\\\( ?\\\\) ?-\|; ?(?:declare\|open) [\\\\w-]+\|procedure analyse ?\\\\(\|declare[^\\\\w]+[@#] ?\\\\w+\|exec ?\\\\( ?\\\\@))" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "58"] [id "211790"] [rev "3"] [msg "COMODO WAF: Detects MySQL and PostgreSQL stored procedure/function injections\|\|www.cs-mall.com\|F\|2"] [data "Matched Data: procedure found within MATCHED_VAR: Quote of the Week,GTID_SUBSET(('~',((ELT(7255=7255,1))),'~'),7255) PROCEDURE ANALYSE(3084,1)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "www.cs-mall.com"] [uri "/quote.php"] [unique_id "aeheTuCk1Sj1ERTqYfKizgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 maxxsense	2026-04-06 11:00:37 (2 months ago)	102.204.148.76 (KE/Kenya/-), 12 distributed imapd attacks on account [redacted]	Brute-Force
🇺🇸 TPI-Abuse	2026-03-31 14:25:56 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 102.204.148.76 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 102.204.148.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 10:25:51.988309 2026] [security2:error] [pid 5621:tid 5640] [client 102.204.148.76:32898] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|writeonce.org\|F\|2"] [data ".multimanpublishing.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "writeonce.org"] [uri "/\\\\\\\\www.multimanpublishing.com"] [unique_id "acvZb3vePsnjUmHTK3qFCwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-16 20:55:32 (5 months ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇹🇼 kk_it_man	2026-01-13 13:30:02 (5 months ago)	honey catch	Port Scan
🇫🇷 security.rdmc.fr	2026-01-12 08:44:25 (5 months ago)	IP in Malicious Database	Web App Attack
🇳🇱 EGP Abuse Dept	2026-01-09 04:33:44 (5 months ago)	Unauthorized connection to Telnet port 23	Port Scan Hacking
🇦🇹 urnilxfgbez	2026-01-08 23:45:00 (5 months ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 167.224.142.162

🇺🇸 147.185.132.27

🇰🇷 119.207.83.90

🇲🇲 103.233.206.154

🇺🇸 103.168.67.159

🇺🇸 71.6.167.142

🇨🇳 60.188.58.133

🇺🇸 3.143.222.75

🇮🇩 202.65.233.82

🇺🇸 172.58.48.168

🇺🇸 69.142.206.104

🇺🇸 68.205.129.87

🇰🇼 62.150.237.107

🇭🇰 47.243.248.160

🇱🇹 45.227.254.170

🇰🇷 14.51.223.141

🇺🇸 207.46.13.157

🇲🇽 195.40.100.251

🇧🇷 177.23.50.38

🇻🇳 123.26.85.165