JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 79.127.132.2

79.127.132.2 was found in our database!

This IP was reported 59 times. Confidence of Abuse is 0%: ?

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-79-127-132-2.datapacket.com
Domain Name	datacamp.co.uk
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 79.127.132.2

Whois 79.127.132.2

IP Abuse Reports for 79.127.132.2:

This IP address has been reported a total of 59 times from 38 distinct sources. 79.127.132.2 was first reported on October 30th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇺 DZBOT	2026-04-08 18:15:12 (2 months ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇦🇺 oncord	2026-04-01 03:55:42 (2 months ago)	Form spam	Web Spam
🇮🇹 VHosting	2025-10-16 14:00:03 (8 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2025-09-01 20:08:34 (9 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇩🇪 SpaceHost-Server	2025-08-31 22:55:48 (9 months ago)		Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2025-08-31 20:08:32 (9 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇹🇷 rtbh.com.tr	2025-08-31 00:08:32 (9 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇩🇪 SpaceHost-Server	2025-08-30 22:54:34 (9 months ago)		Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2025-08-30 20:08:32 (9 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 TPI-Abuse	2025-08-30 16:47:21 (9 months ago)	(mod_security) mod_security (id:225170) triggered by 79.127.132.2 (unn-79-127-132-2.datapacket.com): ... show more (mod_security) mod_security (id:225170) triggered by 79.127.132.2 (unn-79-127-132-2.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 30 12:47:13.170387 2025] [security2:error] [pid 7764:tid 7764] [client 79.127.132.2:60297] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|fitnessgearmagazine.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fitnessgearmagazine.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aLMrEez24ZMX0kF2VXuPYgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-30 15:58:38 (9 months ago)	(mod_security) mod_security (id:225170) triggered by 79.127.132.2 (unn-79-127-132-2.datapacket.com): ... show more (mod_security) mod_security (id:225170) triggered by 79.127.132.2 (unn-79-127-132-2.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 30 11:58:34.294164 2025] [security2:error] [pid 8693:tid 8693] [client 79.127.132.2:57900] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.robinsnestingplace.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.robinsnestingplace.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "aLMfqmqVbbdnzCUDi_CWiAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-30 12:48:08 (9 months ago)	(mod_security) mod_security (id:225170) triggered by 79.127.132.2 (unn-79-127-132-2.datapacket.com): ... show more (mod_security) mod_security (id:225170) triggered by 79.127.132.2 (unn-79-127-132-2.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 30 08:48:02.282460 2025] [security2:error] [pid 27769:tid 27769] [client 79.127.132.2:48582] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|faithlines.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "faithlines.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aLLzAmE-SpOFqsBPC-COPwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-30 11:45:46 (9 months ago)	(mod_security) mod_security (id:225170) triggered by 79.127.132.2 (unn-79-127-132-2.datapacket.com): ... show more (mod_security) mod_security (id:225170) triggered by 79.127.132.2 (unn-79-127-132-2.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 30 07:45:41.560343 2025] [security2:error] [pid 18159:tid 18159] [client 79.127.132.2:2690] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.isslv.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.isslv.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "aLLkZU3jUHr6hC65DzwMxAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇹 neo72	2025-08-30 11:04:04 (9 months ago)	Wordpress Attack	Web App Attack
🇺🇸 rdpguard.com	2025-08-30 09:02:13 (9 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force

Showing 1 to 15 of 59 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 203.205.37.233

🇵🇱 104.165.13.112

🇫🇷 91.231.89.212

🇰🇷 220.127.148.6

🇮🇹 185.15.171.128

🇧🇬 79.124.59.78

🇫🇷 51.68.44.234

🇺🇸 17.246.19.168

🇺🇸 17.241.75.220

🇮🇳 14.194.125.58

🇬🇧 2a06:4880:c000::f3

🇩🇪 213.209.159.238

🇮🇩 182.6.79.243

🇳🇱 176.65.132.37

🇸🇪 170.168.30.217

🇩🇪 167.94.145.24

🇳🇬 165.154.11.225

🇨🇳 121.224.115.232

🇮🇳 117.200.87.69

🇺🇸 64.62.197.63