JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 217.199.151.62

217.199.151.62 was found in our database!

This IP was reported 56 times. Confidence of Abuse is 31%: ?

31%

ISP	MTN Business Kenya
Usage Type	Fixed Line ISP
ASN	AS9129
Domain Name	mtnbusiness.co.ke
Country	🇰🇪 Kenya
City	Nairobi, Nairobi County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 217.199.151.62

Whois 217.199.151.62

IP Abuse Reports for 217.199.151.62:

This IP address has been reported a total of 56 times from 32 distinct sources. 217.199.151.62 was first reported on May 26th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇰🇷 zlhIcd	2026-06-20 03:21:13 (2 days ago)	217.199.151.62 - - [16/Jun/2026:05:05:46 +0900] "GET /pcwiki/index.php?days=30&from=20260101102014&h ... show more 217.199.151.62 - - [16/Jun/2026:05:05:46 +0900] "GET /pcwiki/index.php?days=30&from=20260101102014&hideliu=1&hideminor=1&hidemyself=1&title=%ED%8A%B9%EC%88%98%EA%B8%B0%EB%8A%A5:%EB%A7%81%ED%81%AC%EC%B5%9C%EA%B7%BC%EB%B0%94%EB%80%9C HTTP/1.1" 404 460 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 12_7_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.182 Safari/537.36" ... show less	Web Spam SQL Injection Bad Web Bot Web App Attack
🇩🇪 filstal.org	2026-06-04 12:12:52 (2 weeks ago)	Automated bot: spoofed/impossible user-agent, web scraping or automated request patterns detected. U ... show more Automated bot: spoofed/impossible user-agent, web scraping or automated request patterns detected. UA: Mozilla/5.0 (compatible; MSIE 6.0; Windows CE; Trident/3.1) show less	Bad Web Bot Web App Attack
🇩🇪 SMARTNET	2026-05-27 06:03:53 (3 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 22ada211-5b5c-463a-b46f-60fd11dc639d	DDoS Attack
🇬🇧 PeravixGroup	2026-05-23 21:51:47 (4 weeks ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇹🇷 Threat.live	2026-05-16 21:45:17 (1 month ago)	Suspicious Connection Attempts	Brute-Force
🇺🇸 TPI-Abuse	2026-05-04 12:40:22 (1 month ago)	(mod_security) mod_security (id:217210) triggered by 217.199.151.62 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217210) triggered by 217.199.151.62 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 04 08:40:19.012379 2026] [security2:error] [pid 762:tid 762] [client 217.199.151.62:42364] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|website61differents.de\|F\|4"] [data "GET http://website61differents.de HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "website61differents.de"] [uri "/"] [unique_id "afiTszs0D8nAXk0JYATMtwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-03 02:47:28 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇺🇸 RAP	2026-05-02 18:14:09 (1 month ago)	2026-05-02 18:14:09 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇦🇹 urnilxfgbez	2026-05-01 22:45:00 (1 month ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 TPI-Abuse	2026-04-29 14:11:28 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 217.199.151.62 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 217.199.151.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 10:11:20.704017 2026] [security2:error] [pid 3965:tid 3965] [client 217.199.151.62:48100] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Danbury II/Stetson Coffee/originals/Thumbs.db"] [unique_id "afIRiHpmVpDu2nRnC5vkEAAAAAA"], referer: https://vitalitywebb.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-22 14:34:44 (1 month ago)	Custom TCP Service Request 2026-04-22	Port Scan
🇺🇸 stechusa	2026-04-01 18:53:47 (2 months ago)	[Askari] \| Behavior: Holding server worker, HTTP/1.1 over TLS, Targeting specific pages, Outdated br ... show more [Askari] \| Behavior: Holding server worker, HTTP/1.1 over TLS, Targeting specific pages, Outdated browser, Concurrent page load during attack show less	Bad Web Bot DDoS Attack
🇺🇸 stechusa	2026-04-01 18:53:47 (2 months ago)	ELEVATED_THREAT \| 31 IPs targeting /brand.html \| Facet request during elevated threat (facet_ratio=0 ... show more ELEVATED_THREAT \| 31 IPs targeting /brand.html \| Facet request during elevated threat (facet_ratio=0.67, unique_ips=217) \| HTTP/1.1 over TLS (elevated=True) show less	Bad Web Bot DDoS Attack
🇺🇸 kosada.com	2026-03-30 14:36:48 (2 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 quilla	2026-03-28 23:35:00 (2 months ago)	Botnet infected device observed in honeypot (Vector: TCP HANDSHAKE ATTACK)	DDoS Attack

Showing 1 to 15 of 56 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 192.178.36.148

🇺🇸 173.239.224.117

🇳🇵 139.5.74.47

🇩🇪 94.26.106.19

🇺🇸 69.55.59.169

🇺🇸 2a04:c300:400::1a9

🇭🇰 2602:80d:1003::1a

🇳🇱 192.142.28.77

🇰🇷 175.203.199.118

🇩🇪 139.19.117.131

🇹🇭 122.154.235.21

🇵🇭 112.208.116.250

🇺🇸 92.119.16.98

🇳🇱 45.148.10.157

🇺🇸 43.135.135.17

🇻🇳 222.252.21.159

🇳🇱 176.65.139.114

🇮🇳 103.70.40.36

🇧🇷 45.65.156.46

🇺🇸 23.95.50.198