JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 179.61.166.164

179.61.166.164 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 0%: ?

ISP	NEAROUTE - HONG KONG
Usage Type	Data Center/Web Hosting/Transit
ASN	AS7203
Domain Name	netutils.io
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 179.61.166.164

Whois 179.61.166.164

IP Abuse Reports for 179.61.166.164:

This IP address has been reported a total of 8 times from 2 distinct sources. 179.61.166.164 was first reported on August 1st 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-03-07 15:40:10 (3 months ago)	\| A web attack returned code 200 (success).	Web App Attack Hacking SQL Injection
🇺🇸 TPI-Abuse	2026-01-16 16:04:26 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 179.61.166.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 179.61.166.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 11:04:18.109342 2026] [security2:error] [pid 12785:tid 12785] [client 179.61.166.164:46977] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/.../.../.../.../.../.../.../.../.../windows/win.ini"] [unique_id "aWphgkct8ZtA1w_igQQNmwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 23:34:10 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 179.61.166.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 179.61.166.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 18:34:01.799631 2025] [security2:error] [pid 28461:tid 28461] [client 179.61.166.164:45673] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.farmers123.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.farmers123.com"] [uri "/log/errors.log"] [unique_id "aS93aUPsk5pBswa-PZHSiwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 05:50:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 179.61.166.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 179.61.166.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 00:50:14.391695 2025] [security2:error] [pid 26090:tid 26450] [client 179.61.166.164:37399] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.net"] [uri "/wp-config.old"] [unique_id "aS0slgqR0geke5MRGl4FWQAAAIQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-28 21:18:44 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 179.61.166.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 179.61.166.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 17:18:37.943228 2025] [security2:error] [pid 1513:tid 1513] [client 179.61.166.164:38517] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.nbcnewsradio.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nbcnewsradio.com"] [uri "/server.key"] [unique_id "aQEzLYUFwuyDRjRUAsdVvgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 14:56:29 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 179.61.166.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 179.61.166.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 10:56:22.731696 2025] [security2:error] [pid 9487:tid 9526] [client 179.61.166.164:49729] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.kettlehill.net\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.net"] [uri "/temp.sql"] [unique_id "aN1BFkvyOqnYEaX7Ie4W0QAAANE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-05 19:36:17 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 179.61.166.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 179.61.166.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 05 15:36:08.661171 2025] [security2:error] [pid 17256:tid 17256] [client 179.61.166.164:53275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.nbcnewsradio.com"] [uri "/.htpasswd"] [unique_id "aJJdKP8zJZc6ivIUUjKC2gAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-01 07:35:35 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 179.61.166.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 179.61.166.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 03:35:32.496150 2025] [security2:error] [pid 3705323:tid 3705344] [client 179.61.166.164:56293] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.com"] [uri "/windows/win.ini"] [unique_id "aIxuRFSqWoxQtnj67bcUZgAAAEU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 8.216.48.165

🇺🇸 162.216.149.147

🇨🇳 144.123.76.180

🇿🇦 105.233.67.36

🇷🇺 88.147.173.32

🇺🇸 45.130.83.109

🇺🇸 23.234.107.70

🇿🇦 2c0f:fb50:4001:5::12e

🇧🇪 198.235.24.174

🇺🇸 166.88.155.127

🇺🇸 135.222.40.122

🇳🇱 91.92.40.37

🇰🇿 82.200.235.138

🇮🇳 66.116.240.218

🇵🇰 59.103.121.32

🇺🇸 23.234.107.235

🇺🇸 23.234.107.210

🇳🇱 176.65.139.247

🇷🇴 80.94.92.182

🇩🇿 41.111.161.84