AbuseIPDB » 177.192.5.166
177.192.5.166
This IP was reported 5 times. Confidence of
Abuse
is 0% : ?
ISP
Claro NXT Telecomunicacoes Ltda
Usage Type
Fixed Line ISP
ASN
AS28573
Hostname(s)
b1c005a6.virtua.com.br
Domain Name
claro.com.br
Country
๐ง๐ท
Brazil
City
Rio de Janeiro, Rio de Janeiro
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 177.192.5.166 :
This IP address has been reported a total of
5
times from
5 distinct
sources.
177.192.5.166 was first reported on
August 6th 2025 , and the most recent report was
3 months ago
Old Reports:
The most recent abuse report for this IP address is from
3 months ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐จ๐ฆ
polycoda
2026-02-10 14:08:18
(3 months ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
2025-11-22 15:23:58
(6 months ago)
scanning http requests from known botnet
Web App Attack
2025-10-07 06:52:25
(7 months ago)
Distributed web crawl (like Mellowtel), likely illicit scraping of AI training data to bypass firewa ...
show more
Distributed web crawl (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions (/forums/forums/thread-post.asp?action=reply&replyto=186547%22e%3Dyes)
show less
Bad Web Bot
Exploited Host
๐ณ๐ฑ
exxos
2025-09-10 11:03:01
(8 months ago)
Attacks with Bad user agents
Hacking
๐บ๐ธ
TPI-Abuse
2025-08-06 09:25:00
(10 months ago)
(mod_security) mod_security (id:217210) triggered by 177.192.5.166 (b1c005a6.virtua.com.br): 1 in th ...
show more
(mod_security) mod_security (id:217210) triggered by 177.192.5.166 (b1c005a6.virtua.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 06 05:24:53.883063 2025] [security2:error] [pid 19692:tid 19692] [client 177.192.5.166:11550] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./]*(?::\\\\d+)?)?/[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?|options \\\\*)\\\\s+[\\\\w\\\\./]+|get /[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line||www.theprairiejewel.com|F|4"] [data "GET http://www.theprairiejewel.com HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.theprairiejewel.com"] [uri "/"] [unique_id "aJMfZdve5UKKL_KxE6TGvwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Showing 1 to
5
of 5 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: