JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 179.61.245.215

179.61.245.215 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 0%: ?

ISP	Cyber Assets FZCO
Usage Type	Data Center/Web Hosting/Transit
ASN	AS7203
Domain Name	cyberassets.ae
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 179.61.245.215

Whois 179.61.245.215

IP Abuse Reports for 179.61.245.215:

This IP address has been reported a total of 8 times from 3 distinct sources. 179.61.245.215 was first reported on January 15th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-16 04:14:40 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 179.61.245.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 179.61.245.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 23:14:33.936488 2026] [security2:error] [pid 3447:tid 3447] [client 179.61.245.215:41211] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|nbcnewsradio.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nbcnewsradio.com"] [uri "/header.php.bak"] [unique_id "aWm7KeL-acbIK2TlFFRvTgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 17:34:08 (5 months ago)	(mod_security) mod_security (id:217200) triggered by 179.61.245.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217200) triggered by 179.61.245.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 12:33:26.642552 2025] [security2:error] [pid 27837:tid 28061] [client 179.61.245.215:40679] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|www.kettlehill.net\|F\|2"] [data "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "www.kettlehill.net"] [uri "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [unique_id "aVK7ZlTnFBsA92hvAN5YoAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:26:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 179.61.245.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 179.61.245.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:26:16.412602 2025] [security2:error] [pid 2721:tid 2721] [client 179.61.245.215:46201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.farmers123.com"] [uri "/htaccess_for_page_not_found_redirects.htaccess"] [unique_id "aS9niOu2Y5WoXO7NdvP82gAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 10:55:19 (7 months ago)	(mod_security) mod_security (id:212620) triggered by 179.61.245.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212620) triggered by 179.61.245.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 05:55:12.466203 2025] [security2:error] [pid 23759:tid 23759] [client 179.61.245.215:33033] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /?s=</script><script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "ftp.nbcnewsradio.com"] [uri "/"] [unique_id "aRW5EADtoE_HMZbvay0kbQAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:13:51 (11 months ago)	(mod_security) mod_security (id:210492) triggered by 179.61.245.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 179.61.245.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:13:09.195321 2025] [security2:error] [pid 172225:tid 172402] [client 179.61.245.215:44627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/wp-config.php~"] [unique_id "aIVvFSMU3kwwovU6SBKNZQAAAFI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 23:38:12 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 179.61.245.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 179.61.245.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 19:38:08.794611 2025] [security2:error] [pid 3754318:tid 3754318] [client 179.61.245.215:48611] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.farmers123.com"] [uri "/.env_sample"] [unique_id "aDjv4H_FwP3jNg9u6Q1P3wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Vincent Helmus	2025-05-16 17:40:19 (1 year ago)	ALL	DNS Compromise DNS Poisoning Fraud Orders DDoS Attack FTP Brute-Force Ping of Death Phishing Fraud VoIP Open Proxy Web Spam Email Spam Blog Spam VPN IP Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
Anonymous	2025-01-15 07:10:45 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.164.238.56

🇧🇷 177.36.18.79

🇺🇸 173.194.103.81

🇺🇸 172.56.124.42

🇻🇳 171.244.143.209

🇺🇸 162.144.213.198

🇨🇲 129.0.76.10

🇨🇳 124.117.195.216

🇨🇳 120.48.199.28

🇨🇳 116.179.32.34

🇫🇷 86.210.112.241

🇨🇭 77.58.176.85

🇳🇱 45.148.10.147

🇮🇳 27.123.113.10

🇻🇳 14.224.227.189

🇨🇦 2607:f8b0:4023:1803::126

🇺🇸 216.218.206.103

🇺🇸 185.226.196.12

🇨🇴 181.78.3.205

🇧🇷 179.218.63.2