JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.204.14.6

102.204.14.6 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 26%: ?

26%

ISP	Skysurf Limited
Usage Type	Fixed Line ISP
ASN	AS329656
Domain Name	skysurf.co.ke
Country	🇰🇪 Kenya
City	Kajiado, Kajiado County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.204.14.6

Whois 102.204.14.6

IP Abuse Reports for 102.204.14.6:

This IP address has been reported a total of 20 times from 16 distinct sources. 102.204.14.6 was first reported on January 4th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-05-27 13:02:58 (2 weeks ago)	592 limiting connections by zone (12m59s)	DDoS Attack
🇩🇪 SMARTNET	2026-05-27 06:03:53 (2 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 22ada211-5b5c-463a-b46f-60fd11dc639d	DDoS Attack
🇫🇷 MatStef132	2026-05-22 14:04:50 (3 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇨🇦 polycoda	2026-05-16 12:37:41 (3 weeks ago)	🥶 Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27	DDoS Attack
Anonymous	2026-04-26 19:55:28 (1 month ago)	Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ... show more Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-skip.asp show less	Exploited Host Bad Web Bot
🇨🇭 backslash	2026-04-18 18:03:05 (1 month ago)	block ruleset Badbot using very old user-agents 5CF3CDB778C7D82564405B86B9242E612F378C68	Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-31 03:51:34 (2 months ago)	(mod_security) mod_security (id:217210) triggered by 102.204.14.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:217210) triggered by 102.204.14.6 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 23:51:28.529115 2026] [security2:error] [pid 15602:tid 15602] [client 102.204.14.6:51877] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|ca61naturals.de\|F\|4"] [data "GET http://ca61naturals.de HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "ca61naturals.de"] [uri "/"] [unique_id "actEwN_8yad_LIZB0IeIbAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 stechusa	2026-03-29 19:19:58 (2 months ago)	[Askari] \| country=KE \| Behavior: Holding server worker, HTTP/1.1 over TLS, Targeting specific pages ... show more [Askari] \| country=KE \| Behavior: Holding server worker, HTTP/1.1 over TLS, Targeting specific pages, Outdated browser, Concurrent page load during attack show less	Bad Web Bot DDoS Attack
🇺🇸 stechusa	2026-03-29 19:19:58 (2 months ago)	ELEVATED_THREAT \| country=KE \| ASN=Skysurf \| Facet request during elevated threat (facet_ratio=0.73, ... show more ELEVATED_THREAT \| country=KE \| ASN=Skysurf \| Facet request during elevated threat (facet_ratio=0.73, unique_ips=194) \| 10 IPs targeting /room.html \| HTTP/1.1 over TLS (elevated=True) show less	Bad Web Bot DDoS Attack
🇺🇸 TPI-Abuse	2026-03-21 21:23:52 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 102.204.14.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 102.204.14.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 17:23:44.778147 2026] [security2:error] [pid 20733:tid 20733] [client 102.204.14.6:41497] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|opere.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "opere.com"] [uri "/content/produzioni video/swing/Thumbs.db"] [unique_id "ab8MYEbdeiHnSMmTXBE6GAAAAAA"], referer: http://opere.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-03-05 18:03:12 (3 months ago)	block ruleset SQL-Injections with typical fingerprints FD77349DE692F8D05B4EE282DE6A5198C42AB90F	SQL Injection
🇺🇸 matt	2026-03-02 22:42:04 (3 months ago)	DDOS attack with query parameters attempting to overload WordPress site.	DDoS Attack
🇺🇸 kosada.com	2026-03-02 16:25:36 (3 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇦🇺 Telemetry2U.com	2026-02-28 11:30:28 (3 months ago)	SQL Injection attempt detected	Web App Attack SQL Injection
🇺🇸 TPI-Abuse	2026-02-27 15:10:25 (3 months ago)	(mod_security) mod_security (id:218580) triggered by 102.204.14.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:218580) triggered by 102.204.14.6 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 10:10:19.921078 2026] [security2:error] [pid 14051:tid 14051] [client 102.204.14.6:45780] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\/\\\\[!+](?:[\\\\w\\\\s=_\\\\-()]+)?\\\\*\\\\/)" at ARGS:tree. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "74"] [id "218580"] [rev "1"] [msg "COMODO WAF: MySQL in-line comment detected.\|\|www.kountz.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "www.kountz.org"] [uri "/getperson.php"] [unique_id "aaGz23IjO0jfEBVPcjJzOgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 195.96.139.198

🇲🇾 165.154.147.69

🇵🇱 87.251.64.149

🇧🇷 45.232.73.84

🇬🇧 35.203.211.13

🇨🇭 185.230.125.48

🇩🇪 167.172.187.11

🇳🇱 164.92.159.100

🇮🇳 150.241.244.100

🇰🇷 119.196.213.196

🇨🇳 119.97.189.98

🇻🇳 118.70.182.193

🇳🇱 91.92.40.35

🇪🇪 45.12.28.218

🇺🇸 20.163.34.47

🇺🇸 2600:382:afd8:95a:e8e9:1f38:9b5a:3b5e

🇩🇪 176.65.132.149

🇳🇱 172.71.95.108

🇲🇦 160.179.49.175

🇫🇷 139.28.219.70