JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.219.170.74

102.219.170.74 was found in our database!

This IP was reported 52 times. Confidence of Abuse is 39%: ?

39%

ISP	African Network Information Center - (AfriNIC) Ltd
Usage Type	Fixed Line ISP
ASN	AS328480
Domain Name	afrinic.net
Country	🇿🇦 South Africa
City	Cape Town, Western Cape

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.219.170.74

Whois 102.219.170.74

IP Abuse Reports for 102.219.170.74:

This IP address has been reported a total of 52 times from 36 distinct sources. 102.219.170.74 was first reported on June 7th 2025, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 it-ngo.com	2026-06-15 16:39:03 (6 hours ago)	RdpGuard detected brute-force attempt on IMAP	Brute-Force
Anonymous	2026-06-05 19:57:37 (1 week ago)	Jun 4 19:49:42 localhost kernel: [108962294.779337] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:9 ... show more Jun 4 19:49:42 localhost kernel: [108962294.779337] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=102.219.170.74 DST=[mungedIP2] LEN=944 TOS=0x00 PREC=0x00 TTL=45 ID=44101 DF PROTO=UDP SPT=41295 DPT=37851 LEN=924 Jun 4 19:49:42 localhost kernel: [108962294.779353] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=102.219.170.74 DST=[mungedIP2] LEN=944 TOS=0x00 PREC=0x00 TTL=45 ID=44101 DF PROTO=UDP SPT=41295 DPT=37851 LEN=924 Jun 5 15:57:36 localhost kernel: [109034766.797693] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=102.219.170.74 DST=[mungedIP2] LEN=626 TOS=0x00 PREC=0x00 TTL=45 ID=28718 DF PROTO=UDP SPT=41295 DPT=65425 LEN=606 Jun 5 15:57:36 localhost kernel: [109034766.797712] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=102.219.170.74 DST=[mungedIP2] LEN=626 TOS=0x00 PREC=0x00 TTL=45 ID=28718 DF PROTO=UDP SPT=41295 DPT=65425 LEN=606 show less	Port Scan
🇩🇪 Vegascosmetics	2026-05-31 23:52:17 (2 weeks ago)	Kingcopy(AI-IDS) Report: IP 102.219.170.74 wurde nach 3 Angriffsversuchen automatisch geblockt. Patt ... show more Kingcopy(AI-IDS) Report: IP 102.219.170.74 wurde nach 3 Angriffsversuchen automatisch geblockt. Pattern: High Priority: ChangeCountry - Vegas Cosmetics Security System show less	DDoS Attack Hacking Exploited Host
🇩🇪 SMARTNET	2026-05-27 06:03:53 (2 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 22ada211-5b5c-463a-b46f-60fd11dc639d	DDoS Attack
🇫🇷 EDSL	2026-05-25 04:42:35 (3 weeks ago)	[SRV-VPN1] Blocked by SysWarden Firewall (Port Scan / Probing)	Port Scan
Anonymous	2026-05-25 03:52:44 (3 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇸🇬 mypatricks	2026-05-17 07:11:56 (4 weeks ago)	102.219.170.74 \| Port: 10102 \| DNS: 102.219.170.74 2026-05-17T15:11:55+08:00 Africa/Johannesburg \| F ... show more 102.219.170.74 \| Port: 10102 \| DNS: 102.219.170.74 2026-05-17T15:11:55+08:00 Africa/Johannesburg \| Fake HTTP Protocol detected! \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 HTTP/1.1 443 GET \| URL: /stacked-tiered-themed-cake/?budget=3&order=DESC&sort=rating \| Ref: - \| Country: ZA/South Africa/+02:00 IP City: Cape Town Linux 9fd0cf869fa897ee-JNB/Johannesburg, South Africa 1 hits/0 secs Robots 4 show less	Brute-Force Web App Attack Blog Spam Web Spam Exploited Host
🇮🇳 dineshskt4all	2026-04-30 10:43:19 (1 month ago)	[Thu Apr 30 10:43:17.081289 2026] [proxy_fcgi:error] [pid 3718325:tid 138363143141056] [client 102.2 ... show more [Thu Apr 30 10:43:17.081289 2026] [proxy_fcgi:error] [pid 3718325:tid 138363143141056] [client 102.219.170.74:0] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force
Anonymous	2026-04-20 08:36:10 (1 month ago)	Automated bot traffic — residential proxy, fake browser fingerprint. UA="Mozilla/5.0 (Windows NT 10. ... show more Automated bot traffic — residential proxy, fake browser fingerprint. UA="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇺🇸 quilla	2026-04-03 03:20:35 (2 months ago)	Botnet infected device observed in honeypot (Vector: TCP)	DDoS Attack
🇺🇸 TPI-Abuse	2026-03-30 11:59:04 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 102.219.170.74 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 102.219.170.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 07:58:56.627180 2026] [security2:error] [pid 25349:tid 25349] [client 102.219.170.74:34655] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.informativearticles.com\|F\|2"] [data ".50webs.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.informativearticles.com"] [uri "/thebestarticles4u.50webs.com"] [unique_id "acplgAq0Xs0FNHlag6IReAAAAAE"], referer: http://www.informativearticles.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-03-26 04:21:09 (2 months ago)	block ruleset 333FBABBA6DC06D7D20EDF60700DF5D9612E6F09	Bad Web Bot
🇺🇸 gui-ying233	2026-03-17 00:19:53 (2 months ago)	Opera/9.90.(Windows NT 5.0; tn-ZA) Presto/2.9.174 Version/11.00	Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-13 02:34:42 (3 months ago)	(mod_security) mod_security (id:211030) triggered by 102.219.170.74 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211030) triggered by 102.219.170.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 12 22:34:35.338630 2026] [security2:error] [pid 610136:tid 610136] [client 102.219.170.74:48458] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at ARGS. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "17"] [id "211030"] [rev "3"] [msg "COMODO WAF: LDAP Injection Attack\|\|www.carbonless.net\|F\|2"] [data "Matched Data: ('~'\|\|( found within ARGS: 0"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.carbonless.net"] [uri "/carbcart/index.php"] [unique_id "abN3u81euu8FbQy5IQfP2gAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-03-02 16:41:51 (3 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot

Showing 1 to 15 of 52 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 77.83.39.55

🇭🇺 193.68.57.43

🇧🇷 177.185.92.188

🇦🇱 109.236.46.248

🇩🇪 103.75.196.199

🇩🇪 91.92.240.42

🇺🇸 45.58.52.17

🇰🇷 43.108.40.1

🇵🇱 31.41.81.65

🇳🇱 185.156.73.233

🇷🇸 158.173.240.135

🇨🇳 123.191.133.20

🇨🇳 112.123.106.125

🇯🇵 109.238.192.104

🇸🇬 101.32.244.206

🇩🇪 77.22.70.198

🇺🇸 66.132.195.23

🇺🇦 46.175.248.165

🇬🇧 45.82.76.107

🇺🇸 2604:a880:400:d1:0:4:7ac9:3001