JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.129.252.237

102.129.252.237 was found in our database!

This IP was reported 45 times. Confidence of Abuse is 0%: ?

ISP	FREEDOMTECH SOLUTIONS LIMITED
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutil.io
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.129.252.237

Whois 102.129.252.237

IP Abuse Reports for 102.129.252.237:

This IP address has been reported a total of 45 times from 23 distinct sources. 102.129.252.237 was first reported on June 6th 2023, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-03-27 02:03:14 (2 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-11 01:06:02 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 102.129.252.237 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 102.129.252.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 21:05:57.023974 2026] [security2:error] [pid 16085:tid 16085] [client 102.129.252.237:45053] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.plazahacienda.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.plazahacienda.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "abC_9cW27GtUlu9lPqeHZgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-03-10 14:42:00 (3 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇬🇧 consul.to	2026-03-10 14:36:11 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇧🇪 cmbplf	2026-03-09 17:27:50 (3 months ago)	14.700 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇬🇧 consul.to	2026-03-09 09:16:19 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇦🇺 nzhost.co.nz	2026-03-08 19:29:29 (3 months ago)	$f2bV_matches	Hacking Brute-Force
🇫🇮 Shaik Sai Meera	2026-03-08 14:45:08 (3 months ago)	IM360 WAF: Request indicates a Headless browser	Brute-Force Web App Attack
🇬🇧 consul.to	2026-03-07 18:43:02 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-03-07 17:26:14 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 102.129.252.237 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 102.129.252.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 07 12:26:08.376294 2026] [security2:error] [pid 2813:tid 2813] [client 102.129.252.237:40027] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.ixd.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.ixd.net"] [uri "/portfolio/projectables/wp-includes/id3/license.txt/wp-json/wp/v2/users/"] [unique_id "aaxfsOGDZitPbq83Hq-EsgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-07 11:49:37 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 102.129.252.237 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 102.129.252.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 07 06:49:33.635943 2026] [security2:error] [pid 21513:tid 21513] [client 102.129.252.237:58244] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|theprairiejewel.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "theprairiejewel.com"] [uri "/blog/wp-json/wp/v2/users/"] [unique_id "aawQzbdx5UBqJRFB5jAS-gAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-03-07 07:55:05 (3 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-03-07 04:57:26 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 102.129.252.237 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 102.129.252.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 06 23:57:20.466280 2026] [security2:error] [pid 1334:tid 1334] [client 102.129.252.237:1978] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|prostar.industries\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "prostar.industries"] [uri "/wp-json/wp/v2/users/"] [unique_id "aauwMEiePcJWaQYjEGoJ9gAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-02-18 23:08:32 (3 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 bigscoots.com	2025-12-15 04:39:05 (6 months ago)	(smtpauth) Failed SMTP AUTH login from 102.129.252.237 (US/United States/-): 5 in the last 3600 secs ... show more (smtpauth) Failed SMTP AUTH login from 102.129.252.237 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2025-12-14 23:37:18 dovecot_login authenticator failed for (ADMIN) [102.129.252.237]:39176: 535 Incorrect authentication data ([email protected]) 2025-12-14 23:38:23 dovecot_login authenticator failed for (ADMIN) [102.129.252.237]:51868: 535 Incorrect authentication data ([email protected]) 2025-12-14 23:38:39 dovecot_login authenticator failed for (ADMIN) [102.129.252.237]:52052: 535 Incorrect authentication data ([email protected]) 2025-12-14 23:38:46 dovecot_login authenticator failed for (ADMIN) [102.129.252.237]:42872: 535 Incorrect authentication data ([email protected]) 2025-12-14 23:39:01 dovecot_login authenticator failed for (ADMIN) [102.129.252.237]:34872: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH

Showing 1 to 15 of 45 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.80

🇺🇸 205.210.31.68

🇭🇰 199.45.155.99

🇹🇼 198.235.24.66

🇮🇳 182.95.123.202

🇰🇷 168.107.4.197

🇺🇸 165.154.255.63

🇹🇷 154.53.164.43

🇷🇴 151.242.30.224

🇵🇰 111.68.99.9

🇬🇧 84.8.151.122

🇧🇬 79.124.62.134

🇩🇪 71.18.209.230

🇩🇪 217.60.245.42

🇩🇪 213.209.159.11

🇸🇾 185.225.41.192

🇫🇮 178.20.210.208

🇭🇰 152.32.212.226

🇸🇬 143.198.221.127

🇯🇵 138.199.39.178