JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.216.84.251

102.216.84.251 was found in our database!

This IP was reported 47 times. Confidence of Abuse is 32%: ?

32%

ISP	Surf Net Solutions Limited
Usage Type	Fixed Line ISP
ASN	AS329044
Domain Name	surfnetsolution.com
Country	🇰🇪 Kenya
City	Nairobi, Nairobi County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.216.84.251

Whois 102.216.84.251

IP Abuse Reports for 102.216.84.251:

This IP address has been reported a total of 47 times from 31 distinct sources. 102.216.84.251 was first reported on August 6th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-09 07:45:49 (3 days ago)	Botnet activity. Attribution: Angara Technologies Group / mikhail-smirnov-79830322 \| Attack Signatur ... show more Botnet activity. Attribution: Angara Technologies Group / mikhail-smirnov-79830322 \| Attack Signature Blocked: /wishlist/index/add/product/11384/form_key/ycMH5E2FDDt5oq80/ \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like G... show less	Hacking Bad Web Bot Web App Attack
🇩🇪 pltcldvlpr	2026-06-08 13:33:45 (4 days ago)	Bogus Useragent: 102.216.84.251 - - [08/Jun/2026:15:33:45 +0200] "GET /mandate?id=hb_21_spd_falko-br ... show more Bogus Useragent: 102.216.84.251 - - [08/Jun/2026:15:33:45 +0200] "GET /mandate?id=hb_21_spd_falko-bries HTTP/1.1" 444 0 "-" "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/3.1)" asn=329044 org="Surf Net Solutions Limited" country=KE ... show less	Bad Web Bot
🇮🇩 hermawan	2026-05-29 05:23:40 (2 weeks ago)	[Fri May 29 12:23:33.493528 2026] [security2:error] [pid 1361174:tid 139851878766272] [client 102.21 ... show more [Fri May 29 12:23:33.493528 2026] [security2:error] [pid 1361174:tid 139851878766272] [client 102.216.84.251:43188] ModSecurity: Access denied with code 403 (phase 2). Match of "rx (?i)^[a-z0-9\\\\-._]+$" against "TX:referer-hardening-plugin_domain_name" required. [file "/etc/modsecurity/coreruleset-4.26.0/plugins/referer-hardening-plugin/plugins/referer-hardening-before.conf"] [line "221"] [id "9524170"] [msg "Invalid domain name within Referer header"] [data " google.com, https Matched Data ARGS charset: - Matched Data TX.1: google.com, https found within Content-Type multipart form Matched Data: https://google.com, https://staklim-jatim.bmkg.go.id/index.php/prediksi-iklim/prediksi-musim-tiap-6-bulan-sekali/prediksi-musim-hujan/prediksi-puncak-musim-hujan found within TX:referer-hardening-plugin_domain_name: google.com, https request_line = GET /images/Klimatologi/Analisis/04-Analisis-6-Bulanan/musim_kemarau/2026/Perbandingan_Prediksi_Puncak_Kemarau_Musim_Ke..."] [severity "CRITICAL ... show less	Email Spam Hacking
🇸🇬 mypatricks	2026-05-25 03:40:46 (2 weeks ago)	102.216.84.251 \| Port: 12442 \| DNS: 102.216.84.251 2026-05-25T11:40:45+08:00 Africa/Nairobi \| IPs re ... show more 102.216.84.251 \| Port: 12442 \| DNS: 102.216.84.251 2026-05-25T11:40:45+08:00 Africa/Nairobi \| IPs res erved list \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36 HTTP/1.1 443 GET \| URL: /page/10?fdceaaeaaffaadb=41 \| Ref: https://xxxxxx \| Country: KE/Kenya/+03:00 IP City: Nairobi macOS a0118539fc9f26ab-NBO/Nairobi, Kenya 1 hits/0 secs Browser 1 show less	Brute-Force Web App Attack Blog Spam Web Spam Exploited Host
🇳🇱 MatStef132	2026-05-24 07:41:01 (2 weeks ago)	MatShield L7: blocked on anonymous (ua-quarantined)	Bad Web Bot
Anonymous	2026-04-15 19:05:59 (1 month ago)	Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ... show more Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-post.asp show less	Exploited Host Bad Web Bot
🇦🇺 MAGIC	2026-04-03 01:01:08 (2 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇸🇬 mypatricks	2026-03-22 05:08:24 (2 months ago)	102.216.84.251 \| Port: 9914 \| DNS: 102.216.84.251 2026-03-22T13:08:23+08:00 Africa/Nairobi \| FETCH S ... show more 102.216.84.251 \| Port: 9914 \| DNS: 102.216.84.251 2026-03-22T13:08:23+08:00 Africa/Nairobi \| FETCH Sproofing Activity Detetced. \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 HTTP/1.1 443 GET \| URL: /contents/opencart-module/?adeecbccfccfbbbbdc \| Ref: - \| Country: KE/Kenya/+03:00 IP City: Nairobi 9e02ad9d8d84af03-NBO/Nairobi, Kenya 1 hits/0 secs Robots 1 show less	Brute-Force Web App Attack Blog Spam Web Spam Exploited Host
Anonymous	2026-02-09 04:34:46 (4 months ago)	scanning http requests from known botnet	Web App Attack
🇺🇸 TPI-Abuse	2026-02-06 19:03:17 (4 months ago)	(mod_security) mod_security (id:210381) triggered by 102.216.84.251 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210381) triggered by 102.216.84.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 06 14:03:09.227188 2026] [security2:error] [pid 29154:tid 29154] [client 102.216.84.251:49134] ModSecurity: Access denied with code 403 (phase 2). Invalid URL Encoding: Non-hexadecimal digits used at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "82"] [id "210381"] [rev "6"] [msg "COMODO WAF: URL Encoding Abuse Attack Attempt\|\|pobanz.com\|F\|4"] [data "REQUEST_URI=/images/christmas17/07/OVFpH%JyQAWyyOsGBDNDDA_thumb_2d63.jpg"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "pobanz.com"] [uri "/images/christmas17/07/OVFpH%JyQAWyyOsGBDNDDA_thumb_2d63.jpg"] [unique_id "aYY67cPnYs1xnU16jV9X6QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇴 INTEQ	2026-02-02 12:05:32 (4 months ago)	Web attack from 102.216.84.251	Web App Attack
🇺🇸 kosada.com	2026-01-29 09:10:00 (4 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 ipblock.com	2026-01-22 06:52:00 (4 months ago)	IPBlock protected site ID [3192-af][s=02]. Exploit request, vulnerability probe.	Hacking Bad Web Bot Web App Attack
🇺🇸 RAP	2026-01-18 09:44:42 (4 months ago)	2026-01-18 09:44:42 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇺🇸 RAP	2026-01-17 17:51:30 (4 months ago)	2026-01-17 17:51:30 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan

Showing 1 to 15 of 47 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 66.132.195.26

🇺🇸 2600:3c01::2000:c2ff:feac:5ecd

🇺🇸 198.44.166.134

🇺🇸 162.216.150.57

🇺🇸 107.150.98.168

🇮🇳 103.138.237.18

🇬🇧 92.27.101.99

🇮🇳 59.145.52.114

🇬🇧 206.189.19.232

🇬🇧 198.244.175.108

🇭🇳 190.99.17.59

🇮🇶 169.224.94.163

🇺🇸 147.185.132.67

🇱🇹 81.30.98.44

🇷🇴 80.94.92.177

🇷🇴 2.57.122.177

🇨🇳 222.79.83.10

🇧🇷 206.42.8.243

🇲🇽 187.191.48.22

🇸🇬 165.22.60.26