JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 61.79.249.128

61.79.249.128 was found in our database!

This IP was reported 57 times. Confidence of Abuse is 0%: ?

ISP	Korea Telecom
Usage Type	Fixed Line ISP
ASN	AS4766
Domain Name	kt.com
Country	🇰🇷 Korea (the Republic of)
City	Incheon, Incheon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 61.79.249.128

Whois 61.79.249.128

IP Abuse Reports for 61.79.249.128:

This IP address has been reported a total of 57 times from 27 distinct sources. 61.79.249.128 was first reported on September 3rd 2025, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 rtbh.com.tr	2025-09-17 20:08:51 (8 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇩🇪 stinpriza	2025-09-17 15:56:54 (8 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2025-09-17 00:57:52 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 61.79.249.128 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 61.79.249.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 16 20:57:47.144976 2025] [security2:error] [pid 1035047:tid 1035047] [client 61.79.249.128:46911] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|persnicketyinc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "persnicketyinc.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aMoHi9M-Pcjhsjtaa8rr6QAAABQ"], referer: https://persnicketyinc.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-09-13 15:40:34 (8 months ago)	Bot / scanning and/or hacking attempts: POST /wp-login.php HTTP/1.1, GET /wp-login.php?redirect_to=h ... show more Bot / scanning and/or hacking attempts: POST /wp-login.php HTTP/1.1, GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.bureaufeestbees, GET /wp-json/wp/v2/users/ HTTP/1.1 show less	Hacking Web App Attack
🇩🇪 F242	2025-09-12 01:46:42 (8 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇩🇪 Hazzard	2025-09-11 23:29:10 (8 months ago)	(wordpress) Failed wordpress login from 61.79.249.128 (KR/South Korea/Incheon/Gyeyang-gu/-/[redacted ... show more (wordpress) Failed wordpress login from 61.79.249.128 (KR/South Korea/Incheon/Gyeyang-gu/-/[redacted]) show less	Brute-Force
🇲🇾 syokadmin	2025-09-10 15:02:36 (8 months ago)	61.79.249.128 (-), 2 distributed smtpauth attacks on account [[email protected]] in the last 3600 ... show more 61.79.249.128 (-), 2 distributed smtpauth attacks on account [[email protected]] in the last 3600 secs show less	Brute-Force
🇺🇸 TPI-Abuse	2025-09-10 00:14:56 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 61.79.249.128 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 61.79.249.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 09 20:14:52.239191 2025] [security2:error] [pid 20055:tid 20055] [client 61.79.249.128:35567] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jolankagroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aMDC_JGmrGDKN492uBwRyQAAAAM"], referer: https://jolankagroup.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-07 03:21:55 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 61.79.249.128 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 61.79.249.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 23:21:50.549824 2025] [security2:error] [pid 22962:tid 22962] [client 61.79.249.128:41951] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|primacomm.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "primacomm.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aLz6TuiR2LXoxBpnTCtUYwAAAAo"], referer: https://primacomm.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-06 01:46:33 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 61.79.249.128 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 61.79.249.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 05 21:46:26.411270 2025] [security2:error] [pid 6916:tid 6916] [client 61.79.249.128:38189] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|manaplas.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "manaplas.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aLuScgQDWUEGCAkxEktnzAAAAAg"], referer: https://manaplas.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 syokadmin	2025-09-04 19:31:17 (8 months ago)	61.79.249.128 (-), 5 distributed SMTP Logins on account [[email protected]] in the last 300 secs	Brute-Force
🇮🇹 VHosting	2025-09-03 18:51:07 (9 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force

Showing 46 to 57 of 57 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4004:c27::120

🇰🇷 220.118.173.234

🇧🇷 205.210.31.129

🇬🇧 172.71.241.14

🇨🇳 117.183.131.104

🇺🇸 65.49.1.149

🇺🇸 45.56.83.247

🇭🇰 42.200.66.164

🇩🇪 31.58.144.12

🇷🇴 2.57.121.25

🇹🇭 203.154.158.195

🇲🇽 187.140.186.129

🇩🇪 130.12.180.34

🇨🇳 111.50.70.34

🇺🇸 107.167.34.125

🇺🇸 107.0.200.227

🇫🇷 91.196.152.208

🇬🇧 89.37.172.151

🇩🇪 69.5.169.86

🇨🇳 60.191.221.172