JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.66.56.107

157.66.56.107 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 58%: ?

58%

ISP	Argon Data Communication
Usage Type	Data Center/Web Hosting/Transit
ASN	AS58477
Domain Name	argonhost.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.66.56.107

Whois 157.66.56.107

IP Abuse Reports for 157.66.56.107:

This IP address has been reported a total of 37 times from 27 distinct sources. 157.66.56.107 was first reported on March 29th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 el-brujo	2026-06-07 22:57:35 (5 days ago)	Cloudflare WAF: Request Path: /wp-content/uploads/ALFA_DATA/alfacgiapi/perl.alfa Request Query: Hos ... show more Cloudflare WAF: Request Path: /wp-content/uploads/ALFA_DATA/alfacgiapi/perl.alfa Request Query: Host: elhacker.net userAgent: python-requests/2.33.0 Action: log Source: firewallManaged ASN Description: Argon Data Communication Country: ID Method: GET Timestamp: 2026-06-07T22:57:35Z ruleId: 9f35644b7f734c87a57cfd6d8b036974. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇫🇷 SpaceHost-Server	2026-06-07 22:26:10 (5 days ago)		Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-06 22:26:02 (6 days ago)		Brute-Force Web App Attack
🇪🇸 el-brujo	2026-06-06 16:41:59 (6 days ago)	Cloudflare WAF: Request Path: /images/ALFA_DATA/alfacgiapi/perl.alfa Request Query: Host: elhacker. ... show more Cloudflare WAF: Request Path: /images/ALFA_DATA/alfacgiapi/perl.alfa Request Query: Host: elhacker.net userAgent: python-requests/2.33.0 Action: log Source: firewallManaged ASN Description: Argon Data Communication Country: ID Method: GET Timestamp: 2026-06-06T16:41:59Z ruleId: 9f35644b7f734c87a57cfd6d8b036974. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇺🇸 nyt	2026-06-06 09:11:20 (1 week ago)	404 flood (16/60s), Suspicious path traversal attempt in request	Bad Web Bot Web App Attack
🇩🇪 roxyapi	2026-06-06 08:40:27 (1 week ago)	Honeypot: automated vulnerability scan / web app attack. Last probe: GET /wp-admin/network/LEVIATHAN ... show more Honeypot: automated vulnerability scan / web app attack. Last probe: GET /wp-admin/network/LEVIATHAN/haxorcgiapi/perl.alfa show less	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-04 20:08:31 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 157.66.56.107 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 157.66.56.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 16:08:24.227832 2026] [security2:error] [pid 6649:tid 6649] [client 157.66.56.107:60766] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mooseled.com\|F\|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mooseled.com"] [uri "/defunct.dat"] [unique_id "aiHbOJrBlSIUWfOVEGV3DgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-05-27 22:32:53 (2 weeks ago)	Cloudflare WAF: Request Path: /images/ALFA_DATA/alfacgiapi/perl.alfa Request Query: Host: elhacker. ... show more Cloudflare WAF: Request Path: /images/ALFA_DATA/alfacgiapi/perl.alfa Request Query: Host: elhacker.net userAgent: python-requests/2.33.0 Action: log Source: firewallManaged ASN Description: Argon Data Communication Country: ID Method: GET Timestamp: 2026-05-27T22:32:53Z ruleId: 9f35644b7f734c87a57cfd6d8b036974. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-05-27 14:50:41 (2 weeks ago)	Cloudflare WAF: Request Path: /images/ALFA_DATA/alfacgiapi/perl.alfa Request Query: Host: elhacker. ... show more Cloudflare WAF: Request Path: /images/ALFA_DATA/alfacgiapi/perl.alfa Request Query: Host: elhacker.net userAgent: python-requests/2.33.0 Action: log Source: firewallManaged ASN Description: Argon Data Communication Country: ID Method: GET Timestamp: 2026-05-27T14:50:41Z ruleId: 9f35644b7f734c87a57cfd6d8b036974. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇺🇸 Ryan Hagan	2026-05-27 12:14:00 (2 weeks ago)	IP scanning for already hacked systems: @proxy.path:/images/leviathan/haxorcgiapi/perl.haxor @prox ... show more IP scanning for already hacked systems: @proxy.path:/images/leviathan/haxorcgiapi/perl.haxor @proxy.path:/img/leviathan/haxorcgiapi/perl.haxor @proxy.path:/wp-admin/leviathan/haxorcgiapi/perl.haxor @proxy.path:/wp-admin/network/leviathan/haxorcgiapi/perl.alfa @proxy.path:/wolfshell/razorcgiapi/perl.haxor @proxy.path:/uploads/leviathan/haxorcgiapi/perl.haxor @proxy.path:/escobar/haxorcgiapi/perl.haxor @proxy.path:/defunct.dat @proxy.path:/jixz1013_data/jixz1013cgiapi/perl.jixz1013 @proxy.path:/hxh/hxhcgiapi/perl.haxor show less	Web App Attack Hacking
🇺🇸 mnsf	2026-05-25 23:05:27 (2 weeks ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇧🇪 cmbplf	2026-05-24 03:30:33 (2 weeks ago)	251 requests with url.path *.alfa	Brute-Force Bad Web Bot
🇮🇩 Burayot	2026-05-22 07:56:15 (3 weeks ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 157.66.56.107 (ID/Indonesia/-): 1 i ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 157.66.56.107 (ID/Indonesia/-): 1 in the last 3600 secs show less	Web App Attack
Anonymous	2026-05-21 21:48:12 (3 weeks ago)		Web App Attack
🇮🇩 Burayot	2026-05-15 18:24:27 (4 weeks ago)	LF_CPANEL: (cpanel) Failed cPanel login from 157.66.56.107 (ID/Indonesia/-): 1 in the last 3600 secs	Brute-Force

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 187.12.48.70

🇷🇺 178.178.240.106

🇺🇸 147.185.132.250

🇺🇸 132.145.213.106

🇺🇸 104.21.83.228

🇿🇦 102.133.161.36

🇴🇲 89.147.184.173

🇷🇺 83.171.89.209

🇷🇺 72.56.242.111

🇺🇸 65.49.20.114

🇬🇧 37.143.61.84

🇺🇸 20.171.8.157

🇰🇷 210.95.176.50

🇧🇷 200.189.28.51

🇷🇴 193.32.162.76

🇮🇳 182.95.185.30

🇷🇺 176.211.42.202

🇺🇸 172.253.93.216

🇺🇸 162.216.149.78

🇸🇬 152.42.177.179