JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.129.234.96

102.129.234.96 was found in our database!

This IP was reported 76 times. Confidence of Abuse is 100%: ?

100%

ISP	FREEDOMTECH SOLUTIONS LIMITED
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutil.io
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.129.234.96

Whois 102.129.234.96

IP Abuse Reports for 102.129.234.96:

This IP address has been reported a total of 76 times from 47 distinct sources. 102.129.234.96 was first reported on January 14th 2023, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 Peregrine	2026-06-23 03:08:39 (2 hours ago)	Fail2Ban Jail s2: tomcat-honeypot \| Evidence: 102.129.234.96 172.70.94.196 - - [19/Jun/2026:16:48:21 ... show more Fail2Ban Jail s2: tomcat-honeypot \| Evidence: 102.129.234.96 172.70.94.196 - - [19/Jun/2026:16:48:21 -0300] "GET /.env HTTP/1.1" 404 414 show less	Bad Web Bot
🇧🇷 Peregrine	2026-06-21 03:08:39 (2 days ago)	Fail2Ban Jail s2: tomcat-honeypot \| Evidence: 102.129.234.96 172.70.94.196 - - [19/Jun/2026:16:48:21 ... show more Fail2Ban Jail s2: tomcat-honeypot \| Evidence: 102.129.234.96 172.70.94.196 - - [19/Jun/2026:16:48:21 -0300] "GET /.env HTTP/1.1" 404 414 show less	Bad Web Bot
🇩🇪 BiancaNL	2026-06-20 02:08:08 (3 days ago)	Fail2Ban: jail=nginx-exploit-probes on <fqdn> (port=<port>)	Hacking
🇷🇺 DZBOT	2026-06-20 00:51:52 (3 days ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 Mundo Bueno	2026-06-20 00:34:12 (3 days ago)	[ISILIA Protection v2.1] Tentative d'accès: /.env \| Pays: US \| UA: Mozilla/5.0 (Macintosh; Intel Mac ... show more [ISILIA Protection v2.1] Tentative d'accès: /.env \| Pays: US \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 show less	Hacking Web App Attack
🇬🇧 [email protected]	2026-06-20 00:30:29 (3 days ago)	...	Brute-Force SSH
🇩🇪 Gwyneth Llewelyn	2026-06-19 23:41:22 (3 days ago)	102.129.234.96 - - [20/Jun/2026:00:41:18 +0100] "GET /.env HTTP/2.0" 301 162 "-" "Mozilla/5.0 (Macin ... show more 102.129.234.96 - - [20/Jun/2026:00:41:18 +0100] "GET /.env HTTP/2.0" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 2026/06/20 00:41:20 [error] 1929836#1929836: *3274621 access forbidden by rule, client: 102.129.234.96, server: lisbon-pre-1755-earthquake.org, request: "GET /.env HTTP/2.0", host: "lisbon-pre-1755-earthquake.org" 102.129.234.96 - - [20/Jun/2026:00:41:20 +0100] "GET /.env HTTP/2.0" 403 1045 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" show less	Brute-Force Web App Attack
Anonymous	2026-06-19 23:10:42 (3 days ago)	Automated report (2026-06-19T19:10:42-04:00). Caught probing for env file.	Hacking Web App Attack Open Proxy
🇺🇸 TPI-Abuse	2026-06-19 23:05:22 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 102.129.234.96 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 102.129.234.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 19:05:18.632102 2026] [security2:error] [pid 24772:tid 24772] [client 102.129.234.96:60935] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nnrentacar.com"] [uri "/.env"] [unique_id "ajXLLlso-nere71oe_c3JQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 22:20:15 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 102.129.234.96 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 102.129.234.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 18:20:09.616445 2026] [security2:error] [pid 13929:tid 13929] [client 102.129.234.96:15311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "osmanhc.com"] [uri "/.env"] [unique_id "ajXAmSUh92zKfsnl2RmOSwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-19 22:04:00 (3 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-19 22:00:49 (3 days ago)	Auto-ban: >3000 req/min op 2026-06-19	Web App Attack SSH Hacking
🇺🇸 rdpguard.com	2026-06-19 21:34:55 (3 days ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇺🇸 TPI-Abuse	2026-06-19 21:14:14 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 102.129.234.96 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 102.129.234.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 17:14:10.240446 2026] [security2:error] [pid 32244:tid 32244] [client 102.129.234.96:13490] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marianozaro.com"] [uri "/.env"] [unique_id "ajWxIgUsuW75PDMAH5gzSQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-19 21:07:02 (3 days ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [mx01,mx02]	Bad Web Bot Web App Attack

Showing 1 to 15 of 76 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇭 122.3.50.222

🇸🇬 43.134.27.142

🇳🇱 204.76.203.206

🇫🇷 163.172.4.167

🇮🇩 103.112.245.85

🇩🇪 93.197.160.6

🇺🇸 45.130.83.186

🇮🇷 5.125.188.73

🇰🇷 1.222.42.237

🇺🇸 209.50.169.110

🇹🇼 198.235.24.83

🇹🇭 150.109.186.152

🇮🇱 95.35.29.192

🇫🇷 91.231.89.245

🇩🇪 72.56.188.236

🇺🇸 67.81.118.42

🇺🇸 54.88.15.56

🇧🇷 45.169.231.144

🇫🇷 4.211.84.189

🇺🇸 209.97.149.35