JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.215.57.230

102.215.57.230 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	Starlink Internet Services Nigeria Ltd
Usage Type	Unknown
ASN	Unknown
Hostname(s)	customer.lgosnga1.pop.starlinkisp.net
Domain Name	starlinkisp.net
Country	🇳🇬 Nigeria
City	Lagos, Lagos

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.215.57.230

Whois 102.215.57.230

IP Abuse Reports for 102.215.57.230:

This IP address has been reported a total of 14 times from 10 distinct sources. 102.215.57.230 was first reported on May 9th 2024, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VHosting	2025-12-23 12:20:11 (6 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
Anonymous	2025-11-17 06:22:09 (7 months ago)	scanning http requests from known botnet	Web App Attack
🇳🇱 exxos	2025-08-31 20:07:22 (9 months ago)	Attacks with Bad user agents	Hacking
🇨🇳 ThreatBook.io	2025-04-16 01:13:35 (1 year ago)	ThreatBook Intelligence: Zombie,Mobile more details on https://threatbook.io/ip/102.215.57.230	SSH
Anonymous	2024-08-18 18:09:24 (1 year ago)	Ports: 25,110,143,993,995; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-08-04 17:53:25 (1 year ago)	Ports: 25,465,587; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇨🇿 unhfree.net	2024-08-04 17:46:33 (1 year ago)	Aug 4 19:38:58 canopus postfix/smtpd[2707726]: NOQUEUE: reject: RCPT from unknown[102.215.57.230]: ... show more Aug 4 19:38:58 canopus postfix/smtpd[2707726]: NOQUEUE: reject: RCPT from unknown[102.215.57.230]: 554 5.7.1 <[email protected]>: Recipient address rejected: Maximum 20 messages per 60 minutes limit reached; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<178-132-2-10.hosted-by-worldstream.net.> Aug 4 19:40:27 canopus postfix/smtpd[2697961]: NOQUEUE: reject: RCPT from unknown[102.215.57.230]: 554 5.7.1 <[email protected]>: Recipient address rejected: Maximum 20 messages per 60 minutes limit reached; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<178-132-2-10.hosted-by-worldstream.net.> Aug 4 19:41:23 canopus postfix/smtpd[2697029]: NOQUEUE: reject: RCPT from unknown[102.215.57.230]: 554 5.7.1 <[email protected]>: Recipient address rejected: Maximum 20 messages per 60 minutes limit reached; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<178-132-2-10.hosted-by-worldstream.net.> Aug 4 19:45:23 canopus postfix/smtpd[270730 ... show less	Brute-Force Exploited Host
🇨🇴 conexcol	2024-08-04 17:46:14 (1 year ago)	(smtpauth) Failed SMTP AUTH login from 102.215.57.230 (NG/Nigeria/customer.lgosnga1.pop.starlinkisp. ... show more (smtpauth) Failed SMTP AUTH login from 102.215.57.230 (NG/Nigeria/customer.lgosnga1.pop.starlinkisp.net): 5 in the last 3600 secs show less	Brute-Force
🇳🇿 Tripwire	2024-05-20 22:36:56 (2 years ago)	Wordpress login attempts	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-05-20 19:02:55 (2 years ago)	(mod_security) mod_security (id:225170) triggered by 102.215.57.230 (customer.lgosnga1.pop.starlinki ... show more (mod_security) mod_security (id:225170) triggered by 102.215.57.230 (customer.lgosnga1.pop.starlinkisp.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 20 15:02:48.226863 2024] [security2:error] [pid 22093] [client 102.215.57.230:37057] [client 102.215.57.230] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.quickasawink.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.quickasawink.org"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZkueWBU89jYfOn3BHtBsXAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-05-15 04:19:22 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-05-13 13:19:01 (2 years ago)	(mod_security) mod_security (id:225170) triggered by 102.215.57.230 (customer.lgosnga1.pop.starlinki ... show more (mod_security) mod_security (id:225170) triggered by 102.215.57.230 (customer.lgosnga1.pop.starlinkisp.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 13 09:18:56.593282 2024] [security2:error] [pid 24448] [client 102.215.57.230:5464] [client 102.215.57.230] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|salernospizza.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "salernospizza.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZkITQD5kki2edNaw4CoLGgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ps-center	2024-05-09 06:00:18 (2 years ago)	MYH: Web Attack GET /wp-login.php	Web Spam Hacking Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 217.154.42.110

🇧🇬 185.253.160.7

🇩🇪 144.31.57.183

🇺🇸 64.83.17.50

🇵🇱 51.38.128.76

🇺🇸 34.60.63.125

🇺🇸 20.102.117.125

🇦🇷 190.55.123.171

🇺🇸 136.114.47.21

🇨🇳 117.72.212.5

🇩🇪 104.207.53.201

🇫🇷 91.231.89.3

🇰🇪 197.248.8.33

🇺🇸 147.185.132.98

🇩🇪 104.207.50.43

🇰🇪 102.210.28.99

🇧🇾 81.30.98.142

🇸🇬 47.128.25.95

🇮🇩 36.78.151.154

🇩🇪 2.59.133.199