JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 46.29.162.166

46.29.162.166 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 42%: ?

42%

ISP	LLC Baxet
Usage Type	Data Center/Web Hosting/Transit
ASN	AS49392
Domain Name	baxet.ru
Country	🇷🇺 Russian Federation
City	Novosibirsk, Novosibirsk Oblast

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 46.29.162.166

Whois 46.29.162.166

IP Abuse Reports for 46.29.162.166:

This IP address has been reported a total of 33 times from 18 distinct sources. 46.29.162.166 was first reported on January 13th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-31 14:40:32 (1 week ago)	(mod_security) mod_security (id:217210) triggered by 46.29.162.166 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:217210) triggered by 46.29.162.166 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 10:40:25.011835 2026] [security2:error] [pid 28176:tid 28176] [client 46.29.162.166:24972] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|haverhillhouse.com:443\|F\|4"] [data "CONNECT haverhillhouse.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "haverhillhouse.com"] [uri "/"] [unique_id "ahxIWezlF2o_4Lr7ncs2LQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-05-30 06:03:40 (1 week ago)	46.29.162.166 - - [29/May/2026:21:11:32 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" 46.2 ... show more 46.29.162.166 - - [29/May/2026:21:11:32 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" 46.29.162.166 - - [29/May/2026:21:21:49 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" 46.29.162.166 - - [29/May/2026:23:42:42 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" 46.29.162.166 - - [29/May/2026:23:57:28 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" 46.29.162.166 - - [30/May/2026:00:03:39 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" ... show less	Web App Attack
🇬🇧 Interceptor_HQ	2026-05-29 16:45:10 (1 week ago)	request_uri: http://vps-91b2f28b.vps.ovh.net/.git/HEAD -- automatic report --	Brute-Force Hacking
🇨🇭 Origon	2026-05-28 05:16:19 (1 week ago)	http-open-proxy - IP: 46.29.162.166 - time="2026-05-28T07:16:19+02:00" level=info msg="(555f66b4f6a ... show more http-open-proxy - IP: 46.29.162.166 - time="2026-05-28T07:16:19+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-open-proxy by ip 46.29.162.166 (RU/49392) : 4h ban on Ip 46.29.162.166" module=db show less	Web App Attack
Anonymous	2026-05-28 02:30:02 (1 week ago)	Web App Attack, Hacking	Hacking Web App Attack
🇩🇪 Skyrider	2026-05-26 17:44:47 (1 week ago)	crowdsecurity/http-open-proxy	Hacking
🇺🇸 TPI-Abuse	2026-05-21 01:05:49 (2 weeks ago)	(mod_security) mod_security (id:217210) triggered by 46.29.162.166 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:217210) triggered by 46.29.162.166 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 21:05:43.965231 2026] [security2:error] [pid 24850:tid 24850] [client 46.29.162.166:50438] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|www.dmasoftlab.com\|F\|4"] [data "GET http://www.dmasoftlab.com HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.dmasoftlab.com"] [uri "/"] [unique_id "ag5aZxFL6c2lC2yqx6a0vQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 DrLex0	2026-05-20 13:29:14 (2 weeks ago)	BnL002: GET with absolute URL, obvious botnet minion; either attempt to find exploitable proxy, or j ... show more BnL002: GET with absolute URL, obvious botnet minion; either attempt to find exploitable proxy, or just plain stupidity from whomever wrote this piece of crap show less	Hacking Bad Web Bot Exploited Host
🇳🇱 DrLex0	2026-05-15 15:40:06 (3 weeks ago)	BnL002: GET with absolute URL, obvious botnet minion; either attempt to find exploitable proxy, or j ... show more BnL002: GET with absolute URL, obvious botnet minion; either attempt to find exploitable proxy, or just plain stupidity from whomever wrote this piece of crap show less	Hacking Bad Web Bot Exploited Host
🇺🇸 TPI-Abuse	2026-05-12 06:50:08 (3 weeks ago)	(mod_security) mod_security (id:217210) triggered by 46.29.162.166 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:217210) triggered by 46.29.162.166 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 02:50:01.504581 2026] [security2:error] [pid 29624:tid 29636] [client 46.29.162.166:13116] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|www.myrtlebeachdiet.com:443\|F\|4"] [data "CONNECT www.myrtlebeachdiet.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.myrtlebeachdiet.com"] [uri "/"] [unique_id "agLNmWGzWQFK9Ehld8cU4wAAAEo"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 webadmin	2026-04-19 02:59:01 (1 month ago)	46.29.162.166 - - [19/Apr/2026:04:59:01 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" 46.29 ... show more 46.29.162.166 - - [19/Apr/2026:04:59:01 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" 46.29.162.166 - - [19/Apr/2026:04:59:01 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" 46.29.162.166 - - [19/Apr/2026:04:59:01 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" 46.29.162.166 - - [19/Apr/2026:04:59:01 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" 46.29.162.166 - - [19/Apr/2026:04:59:01 +0200] "CONNECT inweo.eu:443 HTTP/1.1" 400 150 "-" "-" ... show less	Web App Attack
🇩🇪 Skyrider	2026-04-17 22:16:26 (1 month ago)	crowdsecurity/http-open-proxy	Hacking
🇺🇸 TPI-Abuse	2026-04-17 14:53:19 (1 month ago)	(mod_security) mod_security (id:217210) triggered by 46.29.162.166 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:217210) triggered by 46.29.162.166 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 17 10:53:10.428869 2026] [security2:error] [pid 2090:tid 2090] [client 46.29.162.166:35019] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|phuket-boatcharter.com:443\|F\|4"] [data "CONNECT phuket-boatcharter.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "phuket-boatcharter.com"] [uri "/"] [unique_id "aeJJVrhGpOv-3_W39JWhewAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 DrLex0	2026-04-12 18:10:55 (1 month ago)	BnL002: GET with absolute URL, obvious botnet minion; either attempt to find exploitable proxy, or j ... show more BnL002: GET with absolute URL, obvious botnet minion; either attempt to find exploitable proxy, or just plain stupidity from whomever wrote this piece of crap show less	Hacking Bad Web Bot Exploited Host
🇺🇸 TPI-Abuse	2026-04-09 19:42:23 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 46.29.162.166 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 46.29.162.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 15:42:14.283603 2026] [security2:error] [pid 1420024:tid 1420024] [client 46.29.162.166:43439] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davidbine.net"] [uri "/.env"] [unique_id "adgBFhGU7R5Cy6T1UrSSwwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.45

🇮🇩 157.66.56.90

🇳🇱 45.148.10.152

🇳🇱 45.148.10.147

🇬🇧 217.154.45.93

🇺🇸 162.216.150.236

🇺🇸 152.32.233.95

🇷🇺 94.233.127.194

🇳🇱 88.151.33.224

🇺🇿 87.192.224.131

🇩🇪 64.89.163.140

🇨🇳 47.121.28.46

🇨🇳 42.51.40.180

🇺🇸 34.138.50.160

🇺🇸 205.210.31.107

🇧🇪 198.235.24.209

🇹🇼 198.235.24.99

🇧🇷 191.232.234.48

🇲🇽 186.96.145.241

🇷🇺 176.193.141.80