JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 121.130.172.173

121.130.172.173 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 0%: ?

ISP	Korea Telecom
Usage Type	Fixed Line ISP
ASN	AS4766
Domain Name	kt.com
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 121.130.172.173

Whois 121.130.172.173

IP Abuse Reports for 121.130.172.173:

This IP address has been reported a total of 6 times from 4 distinct sources. 121.130.172.173 was first reported on July 1st 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2024-09-25 03:23:04 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 121.130.172.173 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 121.130.172.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 24 23:22:56.408377 2024] [security2:error] [pid 31344:tid 31344] [client 121.130.172.173:46787] [client 121.130.172.173] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 121.130.172.173 (+1 hits since last alert)\|www.abundancecompany.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.abundancecompany.com"] [uri "/xmlrpc.php"] [unique_id "ZvOCEGVAT0h6fl8T0SK_ZgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-07-03 01:31:04 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-07-02 23:56:48 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 121.130.172.173 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 121.130.172.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 02 19:56:41.295004 2024] [security2:error] [pid 20823:tid 47811515131648] [client 121.130.172.173:38621] [client 121.130.172.173] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 121.130.172.173 (+1 hits since last alert)\|iacsb.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "iacsb.com"] [uri "/xmlrpc.php"] [unique_id "ZoSTubJxnmKiR0qkZnq-fQAAAQ8"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2024-07-02 18:00:39 (1 year ago)	Suspicious activity detected by Modsecurity [Suspicious IP found on 56 endpoints 72 hits. Reincident ... show more Suspicious activity detected by Modsecurity [Suspicious IP found on 56 endpoints 72 hits. Reincident by 0. Rules:] show less	Web App Attack
🇺🇸 TPI-Abuse	2024-07-02 14:23:36 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 121.130.172.173 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 121.130.172.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 02 10:23:30.952771 2024] [security2:error] [pid 13015] [client 121.130.172.173:46783] [client 121.130.172.173] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 121.130.172.173 (+1 hits since last alert)\|www.consolidatedoperationsgroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.consolidatedoperationsgroup.com"] [uri "/xmlrpc.php"] [unique_id "ZoQNYrMI9jWL8jsGLj7YMgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2024-07-01 21:34:41 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 192.109.200.78

🇩🇪 164.92.250.106

🇯🇵 156.246.88.93

🇺🇸 135.119.27.130

🇨🇳 116.249.227.66

🇨🇳 110.42.32.187

🇮🇩 103.195.31.152

🇳🇱 93.123.109.62

🇺🇸 54.225.52.227

🇯🇵 54.178.27.53

🇺🇸 50.116.26.161

🇸🇬 47.82.54.167

🇪🇨 45.184.226.43

🇬🇧 35.203.211.213

🇬🇧 35.203.210.197

🇯🇵 13.230.111.142

🇨🇳 203.56.201.183

🇭🇰 199.45.154.187

🇧🇪 198.235.24.216

🇸🇪 195.178.191.5