JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.129.252.29

102.129.252.29 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 0%: ?

ISP	FREEDOMTECH SOLUTIONS LIMITED
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutil.io
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.129.252.29

Whois 102.129.252.29

IP Abuse Reports for 102.129.252.29:

This IP address has been reported a total of 35 times from 21 distinct sources. 102.129.252.29 was first reported on December 14th 2023, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-03-26 16:52:59 (2 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇭 backslash	2026-03-04 05:27:00 (3 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-02 11:54:13 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 102.129.252.29 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 102.129.252.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 02 06:54:07.252845 2026] [security2:error] [pid 25071:tid 25071] [client 102.129.252.29:40311] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|prostar.industries\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "prostar.industries"] [uri "/wp-json/wp/v2/users/"] [unique_id "aaV6X_ef0m5jnDSaB9XVDwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Savvii	2026-03-02 02:04:20 (3 months ago)	10 attempts against mh-misc-ban on kiwi	Web App Attack
🇧🇪 cmbplf	2026-03-02 01:39:27 (3 months ago)	276 requests with url.path */wp-includes/wlwmanifest.xml	Brute-Force Bad Web Bot
🇮🇹 VHosting	2026-03-02 01:00:09 (3 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇫🇷 UM3	2026-01-08 00:11:53 (5 months ago)	Exim Auth Failed	Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 01:36:35 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 102.129.252.29 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 102.129.252.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:36:28.225624 2025] [security2:error] [pid 20981:tid 20981] [client 102.129.252.29:35678] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|opere.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "opere.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSZZnIqzt7dBMFwmlClTwAAAAAw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:09:44 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 102.129.252.29 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 102.129.252.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:09:40.031526 2025] [security2:error] [pid 8104:tid 8104] [client 102.129.252.29:49346] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|laradioactivitat.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "laradioactivitat.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSZTVHVFUhN47jbd7TUa0gAAABI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 kjaerulff	2025-11-25 18:30:32 (6 months ago)	Failed Wordpress login using wp-login.php	Web App Attack
🇨🇭 backslash	2025-11-25 02:15:06 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-25 01:14:50 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 102.129.252.29 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 102.129.252.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:14:43.342492 2025] [security2:error] [pid 14561:tid 14561] [client 102.129.252.29:47044] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|raystransmission.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "raystransmission.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSUDA1cAVcGOLduqQkoLdwAAAAY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 HCF	2025-11-18 23:38:00 (7 months ago)	Generic.Path.Traversal.Detection; Web.Server.Password.File.Access; HTTP.URI.SQL.Injection; >240	Hacking SQL Injection Web App Attack
🇨🇭 ALPHANET	2025-11-16 04:35:01 (7 months ago)	Botnet or web spider not respecting robots.txt	DDoS Attack Exploited Host
🇺🇸 xmission.com	2025-11-09 16:21:20 (7 months ago)	102.129.252.29 - - [09/Nov/2025:09:21:19 -0700] "POST /wp-login.php HTTP/1.1" 200 2330 "-" "Mozilla/ ... show more 102.129.252.29 - - [09/Nov/2025:09:21:19 -0700] "POST /wp-login.php HTTP/1.1" 200 2330 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" ... show less	Brute-Force

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.149.230

🇮🇳 103.54.101.248

🇬🇧 37.10.113.220

🇺🇸 2a04:c300:400::181

🇩🇪 213.209.159.238

🇧🇷 200.106.214.152

🇷🇺 188.247.54.50

🇨🇲 154.70.102.114

🇭🇰 119.28.49.103

🇷🇺 93.77.187.140

🇺🇸 91.230.168.233

🇱🇻 81.30.98.144

🇧🇬 79.124.62.178

🇳🇱 45.148.10.147

🇺🇸 20.3.206.49

🇿🇦 4.221.162.168

🇷🇴 2.57.122.202

🇫🇷 2001:41d0:33d:9200::408

🇹🇭 202.29.235.12

🇧🇷 191.232.50.190