JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 163.7.11.69

163.7.11.69 was found in our database!

This IP was reported 107 times. Confidence of Abuse is 100%: ?

100%

ISP	BYTEPLUS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS150436
Domain Name	bytedance.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 163.7.11.69

Whois 163.7.11.69

IP Abuse Reports for 163.7.11.69:

This IP address has been reported a total of 107 times from 89 distinct sources. 163.7.11.69 was first reported on June 25th 2026, and the most recent report was 2 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 zam	2026-06-25 20:59:14 (2 minutes ago)	163.7.11.69 - - [25/Jun/2026:20:58:58 +0000] "GET /ns8b0u8qw3bo1cc4kbftgiwlm HTTP/1.1" 404 27293 163 ... show more 163.7.11.69 - - [25/Jun/2026:20:58:58 +0000] "GET /ns8b0u8qw3bo1cc4kbftgiwlm HTTP/1.1" 404 27293 163.7.11.69 - - [25/Jun/2026:20:58:59 +0000] "GET /otmpoq3r0pdtw99j0ok0ijg6.html HTTP/1.1" 404 27293 163.7.11.69 - - [25/Jun/2026:20:59:03 +0000] "GET /1vi6yxxnz8oghywpirr6znbgd.php HTTP/1.1" 404 27293 163.7.11.69 - - [25/Jun/2026:20:59:03 +0000] "GET /.git/config HTTP/1.1" 404 27293 163.7.11.69 - - [25/Jun/2026:20:59:03 +0000] "GET /.env HTTP/1.1" 404 27293 163.7.11.69 - - [25/Jun/2026:20:59:07 +0000] "GET /.env.local HTTP/1.1" 404 27293 show less	Web App Attack
🇫🇷 ecode hosting	2026-06-25 20:58:05 (3 minutes ago)	Domain : MailEnable WebMail Rule : config 2026-06-25 20:56:27 10.100.1.20 GET /config.php - 443 - 16 ... show more Domain : MailEnable WebMail Rule : config 2026-06-25 20:56:27 10.100.1.20 GET /config.php - 443 - 163.7.11.69 Mozilla/5.0 (compatible; pathscan/1.0) - 404 0 2 215 - - show less	Hacking SQL Injection
🇬🇧 Axel	2026-06-25 20:58:02 (3 minutes ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇫🇷 Catalin Negru	2026-06-25 20:55:10 (6 minutes ago)	Recidive ban by fail2ban on server.blackbit.ro	Brute-Force
🇺🇸 antlac1	2026-06-25 20:51:07 (10 minutes ago)	crowdsecurity/http-probing	Brute-Force Web App Attack
Anonymous	2026-06-25 20:41:47 (19 minutes ago)	(mod_security) mod_security triggered on hostname [redacted] 163.7.11.69 (ID/Indonesia/-): (CF_ENAB ... show more (mod_security) mod_security triggered on hostname [redacted] 163.7.11.69 (ID/Indonesia/-): (CF_ENABLE) show less	SQL Injection
🇺🇸 TPI-Abuse	2026-06-25 20:37:04 (24 minutes ago)	(mod_security) mod_security (id:210492) triggered by 163.7.11.69 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 163.7.11.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 16:36:57.122777 2026] [security2:error] [pid 20530:tid 20530] [client 163.7.11.69:52592] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leothecolorman.com"] [uri "/.env.development"] [unique_id "aj2RadCPUU3CFspSv2piNAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2026-06-25 20:26:27 (34 minutes ago)	trolling for resource vulnerabilities	Web App Attack
🇫🇷 masterguru	2026-06-25 20:25:29 (35 minutes ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-197)	Hacking Web App Attack
🇺🇸 WizardsToolkit	2026-06-25 20:22:39 (38 minutes ago)	attempted to access /app/.env	Web App Attack
🇫🇷 Baking333	2026-06-25 20:21:00 (40 minutes ago)	[redacted] 163.7.11.69 - - [25/Jun/2026:21:20:57 +0100] "GET /.git/config HTTP/1.1" 302 1564 0/25491 ... show more [redacted] 163.7.11.69 - - [25/Jun/2026:21:20:57 +0100] "GET /.git/config HTTP/1.1" 302 1564 0/254911 "-" "Mozilla/5.0 (compatible; pathscan/1.0)" [redacted] 163.7.11.69 - - [25/Jun/2026:21:20:58 +0100] "GET /.env HTTP/1.1" 302 6783 0/56882 "-" "Mozilla/5.0 (compatible; pathscan/1.0)" show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 20:09:46 (51 minutes ago)	(mod_security) mod_security (id:210492) triggered by 163.7.11.69 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 163.7.11.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 16:09:39.789216 2026] [security2:error] [pid 19036:tid 19036] [client 163.7.11.69:19500] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "goatedlottosecrets.com"] [uri "/.env.development"] [unique_id "aj2LA_Wpj836lRbKBvKEhQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 myintarweb	2026-06-25 20:09:00 (52 minutes ago)	163.7.11.69 - - [25/Jun/2026:21:09:00 +0100] 443 "GET /.git/config HTTP/2.0" 301 464 "-" "Mozilla/5. ... show more 163.7.11.69 - - [25/Jun/2026:21:09:00 +0100] 443 "GET /.git/config HTTP/2.0" 301 464 "-" "Mozilla/5.0 (compatible; pathscan/1.0)" ... show less	Hacking Bad Web Bot Web App Attack
Anonymous	2026-06-25 20:01:04 (1 hour ago)	IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/appsec-vpatch; Action=ban; Events=2; Co ... show more IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/appsec-vpatch; Action=ban; Events=2; Country=ID; ASN=150436 Byteplus Pte. Ltd. show less	Hacking
🇩🇪 Viveronese	2026-06-25 19:59:16 (1 hour ago)	HTTP vulnerability scanning	Web App Attack

Showing 1 to 15 of 107 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.205

🇲🇽 187.202.180.185

🇫🇷 185.182.186.243

🇳🇱 204.76.203.219

🇸🇪 195.178.191.5

🇧🇩 103.112.62.144

🇫🇷 91.196.152.124

🇳🇱 91.92.42.243

🇫🇷 85.217.140.52

🇺🇸 66.132.172.238

🇰🇷 210.114.22.126

🇨🇴 200.118.199.210

🇬🇧 193.176.29.4

🇸🇪 172.232.153.52

🇭🇰 154.201.65.94

🇮🇩 103.78.104.80

🇨🇳 81.70.28.26

🇫🇮 80.223.198.246

🇺🇸 66.132.186.218

🇨🇳 222.195.92.204