JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 129.222.57.24

129.222.57.24 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 24%: ?

24%

ISP	SpaceX Services, Inc.
Usage Type	Fixed Line ISP
ASN	AS14593
Hostname(s)	customer.sfiabgr1.isp.starlink.com
Domain Name	spacex.com
Country	🇬🇷 Greece
City	Athens, Attica

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 129.222.57.24

Whois 129.222.57.24

IP Abuse Reports for 129.222.57.24:

This IP address has been reported a total of 4 times from 3 distinct sources. 129.222.57.24 was first reported on June 25th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-25 14:43:43 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 129.222.57.24 (customer.sfiabgr1.isp.starlink.c ... show more (mod_security) mod_security (id:240335) triggered by 129.222.57.24 (customer.sfiabgr1.isp.starlink.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 10:43:36.908652 2026] [security2:error] [pid 14745:tid 14745] [client 129.222.57.24:5353] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 129.222.57.24 (+1 hits since last alert)\|cemesur-vision21.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cemesur-vision21.com"] [uri "/xmlrpc.php"] [unique_id "aj0-mLD1lEo_danqITlycgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 08:36:18 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 129.222.57.24 (customer.sfiabgr1.isp.starlink.c ... show more (mod_security) mod_security (id:240335) triggered by 129.222.57.24 (customer.sfiabgr1.isp.starlink.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 04:36:12.123020 2026] [security2:error] [pid 9940:tid 10006] [client 129.222.57.24:59794] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 129.222.57.24 (+1 hits since last alert)\|maroontribe.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "maroontribe.com"] [uri "/xmlrpc.php"] [unique_id "ajzofGNjYWaWbYb7OdG4xQAAAQc"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-25 07:05:50 (1 day ago)	Blocked by CSF 13 firewall - Rule: XMLRPC US/United States/customer.sfiabgr1.isp.starlink.com	Web App Attack
🇱🇻 garmtech.com	2026-06-25 05:21:27 (1 day ago)	IM360 WAF: Rate limit exceeded for XMLRPC DoS (fault code)	Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇪 128.251.36.118

🇱🇻 81.30.98.144

🇳🇱 45.156.87.216

🇬🇧 37.10.113.221

🇺🇸 216.24.212.51

🇨🇦 212.32.48.75

🇹🇼 198.235.24.102

🇧🇷 186.251.71.202

🇧🇷 138.255.230.4

🇩🇪 46.229.253.2

🇸🇪 31.59.160.12

🇺🇸 31.59.40.94

🇵🇪 190.81.117.162

🇸🇪 171.25.158.82

🇺🇸 147.185.132.135

🇹🇼 114.34.106.146

🇩🇪 45.135.194.83

🇹🇼 198.235.24.108

🇩🇪 128.1.123.90

🇳🇱 91.92.40.10