JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.129.234.52

102.129.234.52 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 2%: ?

ISP	FREEDOMTECH SOLUTIONS LIMITED
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutil.io
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.129.234.52

Whois 102.129.234.52

IP Abuse Reports for 102.129.234.52:

This IP address has been reported a total of 23 times from 13 distinct sources. 102.129.234.52 was first reported on June 29th 2023, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Oakley	2026-06-03 08:03:26 (2 weeks ago)	(confirmed_bot_sig) Confirmed bot	Hacking
🇮🇩 sockominfo	2026-01-06 00:00:47 (5 months ago)	Postfix: Multiple SASL authentication failures.. Threat Score: 5/10 (MEDIUM). Reported by TangerangK ... show more Postfix: Multiple SASL authentication failures.. Threat Score: 5/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-01-05 22:00:46 (5 months ago)	Postfix: Multiple SASL authentication failures.. Threat Score: 5.2/10 (MEDIUM). Reported by Tangeran ... show more Postfix: Multiple SASL authentication failures.. Threat Score: 5.2/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-01-05 21:00:09 (5 months ago)	Postfix: Multiple SASL authentication failures.. Threat Score: 7.4/10 (HIGH). CVSS: 6.8/10 (Medium). ... show more Postfix: Multiple SASL authentication failures.. Threat Score: 7.4/10 (HIGH). CVSS: 6.8/10 (Medium). Bayesian: 87%. MITRE: T1071. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Exploited Host
🇮🇩 sockominfo	2026-01-05 20:00:47 (5 months ago)	Postfix: Multiple SASL authentication failures.. Threat Score: 5.4/10 (MEDIUM). Reported by Tangeran ... show more Postfix: Multiple SASL authentication failures.. Threat Score: 5.4/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-01-05 19:36:01 (5 months ago)	[WAZUH] Postfix: Multiple SASL authentication failures.	Hacking Web App Attack
Anonymous	2025-12-21 04:30:28 (5 months ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
🇨🇭 backslash	2025-11-07 12:00:50 (7 months ago)	block ruleset 486D2EE5E731CC049D1E480D68D04DFFE28AADF1	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-07 02:43:31 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 102.129.234.52 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 102.129.234.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 06 21:43:23.953853 2025] [security2:error] [pid 20465:tid 20465] [client 102.129.234.52:54292] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|summitartists.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "summitartists.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQ1cy8eJVd7M7Pp_qVxZwQAAAAw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-07 01:50:51 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 102.129.234.52 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 102.129.234.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 06 20:50:46.680456 2025] [security2:error] [pid 5959:tid 5959] [client 102.129.234.52:38642] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|wardellbrown.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wardellbrown.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQ1QdtCtGZrOLaEPDV_7TgAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-07 01:22:25 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 102.129.234.52 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 102.129.234.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 06 20:22:22.302341 2025] [security2:error] [pid 16098:tid 16098] [client 102.129.234.52:56264] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|colbygrenier.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "colbygrenier.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQ1JznZVmUjGtxDLQjUr2gAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-06 23:27:39 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 102.129.234.52 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 102.129.234.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 06 18:27:32.761302 2025] [security2:error] [pid 9234:tid 9234] [client 102.129.234.52:52920] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ursell.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ursell.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aQ0u5LjH5M03H59SY10V9wAAABA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 maxxsense	2025-11-01 17:55:44 (7 months ago)	(smtpauth) Failed SMTP AUTH login from 102.129.234.52 (US/United States/-)	Brute-Force
Anonymous	2025-08-04 15:48:58 (10 months ago)	Botnet - login attempts with leaked random user/pass lists	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-04-26 17:58:06 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 102.129.234.52 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 102.129.234.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 26 13:58:01.073451 2025] [security2:error] [pid 19676:tid 19676] [client 102.129.234.52:56659] [client 102.129.234.52] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jolankagroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aA0eqRbEc9PkL_-AcJinsgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.25.89.208

🇩🇪 213.209.159.56

🇦🇹 84.113.198.31

🇺🇸 72.240.125.133

🇺🇸 68.84.14.253

🇺🇸 66.132.186.137

🇳🇱 45.148.10.151

🇨🇳 222.136.90.188

🇨🇴 191.97.12.90

🇺🇸 172.68.3.133

🇸🇪 158.174.211.17

🇮🇷 151.232.128.81

🇧🇩 103.213.238.91

🇮🇷 87.107.102.235

🇳🇴 81.0.174.42

🇱🇹 45.227.254.170

🇮🇶 185.166.25.150

🇺🇸 172.71.158.242

🇩🇪 167.71.44.99

🇳🇱 45.148.10.240