JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.217.4.176

102.217.4.176 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 44%: ?

44%

ISP	KEMNET TECHNOLOGIES LIMITED
Usage Type	Data Center/Web Hosting/Transit
ASN	AS328578
Domain Name	kemnet.co.ke
Country	🇰🇪 Kenya
City	Nairobi, Nairobi County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.217.4.176

Whois 102.217.4.176

IP Abuse Reports for 102.217.4.176:

This IP address has been reported a total of 24 times from 19 distinct sources. 102.217.4.176 was first reported on March 10th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 pltcldvlpr	2026-06-17 09:49:08 (3 days ago)	Bogus Useragent: 102.217.4.176 - - [17/Jun/2026:11:49:08 +0200] "GET /protocol?id=st_3_65&offset=900 ... show more Bogus Useragent: 102.217.4.176 - - [17/Jun/2026:11:49:08 +0200] "GET /protocol?id=st_3_65&offset=900&seq=826 HTTP/1.1" 444 0 "-" "Mozilla/5.0 (compatible; MSIE 7.0; Windows NT 5.0; Trident/3.0)" asn=328578 org="KEMNET TECHNOLOGIES LIMITED" country=KE ... show less	Bad Web Bot
🇨🇦 polycoda	2026-06-11 10:57:34 (1 week ago)	🥶 Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27	DDoS Attack
🇩🇪 Vegascosmetics	2026-06-07 18:56:06 (1 week ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated encoding. Vegas Security	DDoS Attack Hacking Bad Web Bot
🇪🇸 pipeline.es	2026-06-07 12:24:12 (1 week ago)	Port scanning / recon	Port Scan Web App Attack
🇪🇸 pipeline.es	2026-06-07 12:05:32 (1 week ago)	Port scanning / recon \| Evidence: date=2026-06-07 time=14:04:38 devname="[redacted]" devid="[redacte ... show more Port scanning / recon \| Evidence: date=2026-06-07 time=14:04:38 devname="[redacted]" devid="[redacted]" eventtime=1780833877344026060 tz=\"+0200\" logid=\"0000000013\" type=\"traffic\" subtype=\"forward\" level=\"notice\" vd="[redacted]" srcip=102.217.4.176 srcport=55996 srcintf="[redacted]" srcintfrole=\"wan\" dstip=[redacted] dstport=443 dstintf="[redacted]" dstintfrole=\"lan\" srccountry=\"Kenya\" dstcountry=\"Spain\" sessionid \| ASN: KEMNET-TECHNOLOGIES-AS \| Country: KE show less	Port Scan Web App Attack
🇩🇪 SMARTNET	2026-05-27 06:03:53 (3 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 991a3054-d12a-4e5e-ac87-2c17a3082180	DDoS Attack
🇦🇹 urnilxfgbez	2026-05-24 22:45:00 (3 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 MPL	2026-05-24 21:38:20 (3 weeks ago)	tcp/23 (2 or more attempts)	Port Scan
🇺🇸 RAP	2026-05-24 09:45:21 (3 weeks ago)	2026-05-24 09:45:21 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇩🇪 check-the-sum.fr	2026-05-24 08:08:12 (3 weeks ago)	Port Scanning	Port Scan
🇺🇸 TPI-Abuse	2026-05-24 07:10:13 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 102.217.4.176 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 102.217.4.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 03:10:06.339909 2026] [security2:error] [pid 24132:tid 24132] [client 102.217.4.176:39132] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|encoremtmorris.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "encoremtmorris.com"] [uri "/info/page-23/[email protected]"] [unique_id "ahKkTv_GpIzoVt1Egedp8AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2026-05-24 05:20:53 (3 weeks ago)	tcp/23	Port Scan
🇩🇪 EGP Abuse Dept	2026-04-11 12:29:02 (2 months ago)	Scraping webshop URLs (creall.com), likely botnet drone	Bad Web Bot Exploited Host
Anonymous	2026-04-06 19:42:46 (2 months ago)	DDoS botnet 510.000+ IPs; URL with bing/trustpilot/githubhelp and %C2%A4 or \xc2\xa4. NEW 09/2025: a ... show more DDoS botnet 510.000+ IPs; URL with bing/trustpilot/githubhelp and %C2%A4 or \xc2\xa4. NEW 09/2025: amplification attacks via third-parties e.g. HTTP_USER_AGENT facebookexternalhit/meta-externalagent/meta-externalfetcher or IPs from googleusercontent.com with fake HTTP_REFERER foxnews.com/newsweek.com/upwork.com/activision.com/... Port 443. show less	DDoS Attack Bad Web Bot Web App Attack
🇩🇪 filstal.org	2026-04-04 18:22:16 (2 months ago)	Brute-force/Enumeration: Multiple login attempts for non-existent mail accounts (Honeytrap).	Email Spam Brute-Force

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇬 197.199.224.52

🇺🇸 172.236.228.208

🇬🇧 35.203.210.96

🇺🇸 34.138.217.117

🇱🇹 216.132.188.178

🇹🇼 165.154.227.8

🇨🇳 124.116.171.46

🇲🇻 123.176.7.131

🇱🇹 62.60.130.129

🇸🇬 43.159.35.72

🇱🇹 216.132.188.91

🇺🇿 202.79.184.168

🇩🇪 167.94.146.42

🇺🇸 162.216.150.113

🇺🇸 135.237.122.43

🇺🇸 135.119.47.58

🇺🇸 45.79.149.50

🇩🇪 43.228.157.161

🇺🇸 20.64.105.0

🇱🇹 216.132.188.246