JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 176.29.27.42

176.29.27.42 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 12%: ?

12%

ISP	Broadband Service
Usage Type	Mobile ISP
ASN	AS48832
Domain Name	zain.com
Country	🇯🇴 Jordan
City	Amman, Amman

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 176.29.27.42

Whois 176.29.27.42

IP Abuse Reports for 176.29.27.42:

This IP address has been reported a total of 6 times from 3 distinct sources. 176.29.27.42 was first reported on November 17th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-07 22:16:51 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 176.29.27.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 176.29.27.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 18:16:46.265839 2026] [security2:error] [pid 22870:tid 22870] [client 176.29.27.42:18749] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 176.29.27.42 (+1 hits since last alert)\|godcanuseyou.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "godcanuseyou.com"] [uri "/xmlrpc.php"] [unique_id "aiXtzge_iQoXFlBwBeUIIQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 22:04:11 (2 weeks ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-07 15:18:22 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 176.29.27.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 176.29.27.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 11:18:17.413727 2026] [security2:error] [pid 28729:tid 28742] [client 176.29.27.42:19014] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 176.29.27.42 (+1 hits since last alert)\|dasperformance.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dasperformance.com"] [uri "/xmlrpc.php"] [unique_id "aiWLuW-sELZmMpTkVbt2aAAAAUs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 16:15:43 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 176.29.27.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 176.29.27.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 12:15:38.363100 2026] [security2:error] [pid 14535:tid 14535] [client 176.29.27.42:27900] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 176.29.27.42 (+1 hits since last alert)\|globaldentalservices.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "globaldentalservices.com"] [uri "/xmlrpc.php"] [unique_id "aiRHqkYa0t0LHruEmWR-rAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-18 13:51:49 (5 months ago)	(mod_security) mod_security (id:211700) triggered by 176.29.27.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:211700) triggered by 176.29.27.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 18 08:51:46.010112 2026] [security2:error] [pid 16402:tid 16402] [client 176.29.27.42:14655] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[ ()]case ?\\\\(\|\\\\) ?like ?\\\\(\|\\\\bhaving ?[^\\\\s]+ ?[^\\\\w ]\|\\\\bif ?\\\\([\\\\d\\\\w] ?[=<>~])" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "35"] [id "211700"] [rev "10"] [msg "COMODO WAF: Detects conditional SQL injection attempts\|\|www.stpetersplayers.co.uk\|F\|2"] [data "Matched Data: case found within MATCHED_VAR: 2008-03-30 Agathas Greatest Case (David - Dress)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "www.stpetersplayers.co.uk"] [uri "/gallery.php"] [unique_id "aWzlclDqPP4q59Y82uNy6QAAAAo"], referer: http://www.stpetersplayers.co.uk/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-17 11:54:01 (7 months ago)	scanning http requests from known botnet	Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 117.121.214.50

🇺🇸 64.62.156.193

🇺🇸 20.65.194.61

🇺🇸 18.116.101.220

🇺🇸 216.25.89.110

🇯🇵 157.7.200.152

🇺🇸 147.185.132.97

🇨🇳 106.13.37.197

🇳🇱 45.148.10.151

🇺🇸 34.106.150.153

🇷🇴 193.46.255.86

🇧🇷 192.141.106.155

🇦🇲 176.32.193.16

🇨🇦 20.151.205.58

🇺🇸 2604:a880:400:d1:0:4:9e8f:6001

🇨🇦 184.75.221.3

🇧🇷 177.39.156.25

🇸🇬 172.253.236.212

🇳🇱 160.119.76.53

🇲🇳 66.181.171.136