JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 81.17.29.2

81.17.29.2 was found in our database!

This IP was reported 54 times. Confidence of Abuse is 0%: ?

ISP	CLIENTID1151
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51852
Hostname(s)	hostedby.privatelayer.com
Domain Name	privatelayer.com
Country	🇨🇭 Switzerland
City	Bellinzona, Ticino

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 81.17.29.2

Whois 81.17.29.2

IP Abuse Reports for 81.17.29.2:

This IP address has been reported a total of 54 times from 22 distinct sources. 81.17.29.2 was first reported on January 15th 2024, and the most recent report was 2 years ago.

Old Reports: The most recent abuse report for this IP address is from 2 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 octageeks.com	2024-05-24 04:09:31 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 octageeks.com	2024-05-23 04:09:28 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇬🇧 findlab	2024-05-19 18:00:02 (2 years ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇫🇷 Laurent-1971	2024-05-18 19:34:53 (2 years ago)	/Ueditor/net/controller.ashx?action=catchimage [ Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) ... show more /Ueditor/net/controller.ashx?action=catchimage [ Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) ] show less	Web App Attack
🇮🇹 IRT@Unisi	2024-02-12 13:10:44 (2 years ago)	web_app3:Drupal.Core.Form.Rendering.Component.Remote.Code.Execution	Web App Attack
🇸🇪 webbfabriken	2024-01-22 16:17:06 (2 years ago)	spam or other hacking activities reported by webbfabriken security servers Attack reported by Webbf ... show more spam or other hacking activities reported by webbfabriken security servers Attack reported by Webbfabiken Security API - WFSecAPI show less	Web Spam
🇧🇪 taivas.nl	2024-01-17 05:32:22 (2 years ago)	Many_bad_calls	Web App Attack
Anonymous	2024-01-16 18:03:52 (2 years ago)	$f2bV_matches	Brute-Force Web App Attack
🇺🇸 TheMadBeaker	2024-01-16 17:41:46 (2 years ago)	Fail2Ban Ban Triggered HTTP Exploit Attempt	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-01-16 17:23:42 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 81.17.29.2 (hostedby.privatelayer.com): 1 in th ... show more (mod_security) mod_security (id:210730) triggered by 81.17.29.2 (hostedby.privatelayer.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 16 12:23:39.201393 2024] [security2:error] [pid 1290:tid 47327425824512] [client 81.17.29.2:53042] [client 81.17.29.2] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|freelipink.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "freelipink.com"] [uri "/install/index.php.bak"] [unique_id "Zaa7m1SO0bCU5a9ITDRw7QAAAEI"], referer: http://freelipink.com/install/index.php.bak?step=11&insLockfile=a&s_lang=a&install_demo_name=njawg.php&updateHost=http://syzhaf.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-01-16 16:36:04 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 81.17.29.2 (hostedby.privatelayer.com): 1 in th ... show more (mod_security) mod_security (id:210730) triggered by 81.17.29.2 (hostedby.privatelayer.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 16 11:35:58.287373 2024] [security2:error] [pid 12595] [client 81.17.29.2:56666] [client 81.17.29.2] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.the-practical-pionus.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.the-practical-pionus.com"] [uri "/install/index.php.bak"] [unique_id "ZaawbvnK1F1m-tDRQ0VMuQAAAAs"], referer: http://www.the-practical-pionus.com/install/index.php.bak?step=11&insLockfile=a&s_lang=a&install_demo_name=narsh.php&updateHost=http://syzhaf.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-01-16 16:03:32 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 81.17.29.2 (hostedby.privatelayer.com): 1 in th ... show more (mod_security) mod_security (id:210730) triggered by 81.17.29.2 (hostedby.privatelayer.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 16 11:03:27.398081 2024] [security2:error] [pid 8617] [client 81.17.29.2:53600] [client 81.17.29.2] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|tpdtuberental.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "tpdtuberental.com"] [uri "/install/index.php.bak"] [unique_id "Zaaoz_ms0qTlNlpu5FsJrwAAABc"], referer: http://tpdtuberental.com/install/index.php.bak?step=11&insLockfile=a&s_lang=a&install_demo_name=ftcaa.php&updateHost=http://syzhaf.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2024-01-16 15:03:42 (2 years ago)	Too many Status 40X (32)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-01-16 13:15:18 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 81.17.29.2 (hostedby.privatelayer.com): 1 in th ... show more (mod_security) mod_security (id:210730) triggered by 81.17.29.2 (hostedby.privatelayer.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 16 08:15:15.373212 2024] [security2:error] [pid 10540] [client 81.17.29.2:62694] [client 81.17.29.2] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|lockyers.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lockyers.com"] [uri "/install/index.php.bak"] [unique_id "ZaaBY9ym_ea-5yWjIJRF2QAAAA8"], referer: https://lockyers.com/install/index.php.bak?step=11&insLockfile=a&s_lang=a&install_demo_name=oakus.php&updateHost=http://syzhaf.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-01-16 12:53:06 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 81.17.29.2 (hostedby.privatelayer.com): 1 in th ... show more (mod_security) mod_security (id:210730) triggered by 81.17.29.2 (hostedby.privatelayer.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 16 07:53:02.362287 2024] [security2:error] [pid 2468] [client 81.17.29.2:56366] [client 81.17.29.2] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.servicekomputerowy.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.servicekomputerowy.com"] [uri "/install/index.php.bak"] [unique_id "ZaZ8LoEz8wQyjbBjZQ1h1QAAAAM"], referer: http://www.servicekomputerowy.com/install/index.php.bak?step=11&insLockfile=a&s_lang=a&install_demo_name=grhfk.php&updateHost=http://syzhaf.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 54 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 198.244.240.45

🇲🇾 195.86.192.66

🇲🇽 186.96.145.241

🇭🇰 103.210.22.17

🇵🇰 103.115.199.18

🇷🇴 82.77.156.181

🇬🇧 81.19.219.213

🇺🇸 70.123.115.28

🇺🇸 62.132.18.142

🇷🇺 5.19.136.94

🇬🇧 198.244.242.112

🇳🇱 195.178.110.48

🇻🇳 160.187.147.124

🇺🇸 157.245.1.7

🇧🇩 103.224.55.166

🇱🇹 45.227.254.170

🇺🇸 45.144.112.62

🇺🇸 31.59.43.5

🇨🇳 218.4.120.211

🇺🇸 216.231.37.248