JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.129.152.158

102.129.152.158 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 3%: ?

ISP	FREEDOMTECH SOLUTIONS LIMITED
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutil.io
Country	🇺🇸 United States of America
City	Miami, Florida

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.129.152.158

Whois 102.129.152.158

IP Abuse Reports for 102.129.152.158:

This IP address has been reported a total of 27 times from 19 distinct sources. 102.129.152.158 was first reported on January 20th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Vegascosmetics	2026-06-16 05:33:36 (1 week ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security	DDoS Attack Hacking Exploited Host
🇩🇪 stinpriza	2026-04-22 20:21:19 (2 months ago)	Web App Attack	Web App Attack
Anonymous	2025-12-28 23:47:02 (5 months ago)	BruteForce IMAP/POP3/SMTP	Brute-Force
🇧🇷 SvrAdmin	2025-12-28 23:45:44 (5 months ago)	[315] (smtpauth) Failed SMTP AUTH login from 102.129.152.158 (US/United States/-): 5 in the last 360 ... show more [315] (smtpauth) Failed SMTP AUTH login from 102.129.152.158 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: Dec 28 20:45:41 cwp01 postfix/smtpd[2759]: warning: unknown[102.129.152.158]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 28 20:45:41 cwp01 postfix/smtpd[2756]: warning: unknown[102.129.152.158]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 28 20:45:41 cwp01 postfix/smtpd[2758]: warning: unknown[102.129.152.158]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 28 20:45:41 cwp01 postfix/smtpd[2705]: warning: unknown[102.129.152.158]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 28 20:45:41 cwp01 postfix/smtpd[2757]: warning: unknown[102.129.152.158]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 show less	Port Scan Hacking Brute-Force Exploited Host
🇮🇹 VHosting	2025-12-24 03:30:15 (6 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-11 05:19:43 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 102.129.152.158 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 102.129.152.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 00:19:36.861684 2025] [security2:error] [pid 21428:tid 21453] [client 102.129.152.158:29717] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|eadweb.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eadweb.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRLHaFXKlEsUBpoN_HJfbgAAAJM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-11 02:10:22 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 102.129.152.158 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 102.129.152.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 21:10:16.350071 2025] [security2:error] [pid 25012:tid 25012] [client 102.129.152.158:50320] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|atame.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "atame.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRKbCHNSOJijBnO1Slz3fQAAAA8"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-10 22:10:05 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 102.129.152.158 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 102.129.152.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 17:10:01.747784 2025] [security2:error] [pid 26564:tid 26568] [client 102.129.152.158:6826] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|varmouries.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "varmouries.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRJiuQcT3kl5J4goiIvUNgAAAEI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-18 16:30:27 (8 months ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
Anonymous	2025-08-15 06:56:50 (10 months ago)	postfix	Email Spam Web App Attack
🇦🇺 MAGIC	2025-08-13 02:04:03 (10 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-08-04 15:52:09 (10 months ago)	Botnet - login attempts with leaked random user/pass lists	Hacking Brute-Force Web App Attack
🇦🇺 oncord	2025-06-19 03:30:06 (1 year ago)	Form spam	Web Spam
🇺🇸 oncord	2025-06-06 00:20:49 (1 year ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-05-31 21:22:19 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 102.129.152.158 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 102.129.152.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 31 17:22:13.037360 2025] [security2:error] [pid 1800700:tid 1800700] [client 102.129.152.158:49261] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|cnprcertificationreviews.org\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cnprcertificationreviews.org"] [uri "/facebook.com"] [unique_id "aDtzBYZC7XUn5bivIQcqKwAAAAA"], referer: https://cnprcertificationreviews.org/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 130.12.180.77

🇳🇱 45.148.10.157

🇨🇳 42.180.4.166

🇺🇸 162.216.149.181

🇸🇬 159.138.107.21

🇭🇰 156.245.246.50

🇵🇭 120.28.109.188

🇹🇿 41.93.28.12

🇬🇧 35.203.210.87

🇺🇸 162.216.150.156

🇨🇦 158.69.117.34

🇺🇸 138.197.15.3

🇨🇳 120.230.22.74

🇬🇧 109.145.169.78

🇺🇸 72.167.226.244

🇸🇬 47.84.108.87

🇷🇴 193.32.162.71

🇲🇽 187.192.86.153

🇸🇬 172.253.211.27

🇦🇺 140.99.1.52