AbuseIPDB » 164.52.24.163

164.52.24.163 was found in our database!

This IP was reported 348 times. Confidence of Abuse is 54%: ?

54%

ISP	Capital Online Data Service HK Co Ltd
Usage Type	Data Center/Web Hosting/Transit
Domain Name	yun-idc.com
Country	Hong Kong
City	Hong Kong, Hong Kong

Spot an error? IP info including ISP, Usage Type, and Location provided by IP2Location.

Report 164.52.24.163

Whois 164.52.24.163

IP Abuse Reports for 164.52.24.163:

This IP address has been reported a total of 348 times from 43 distinct sources. 164.52.24.163 was first reported on May 25th 2018, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	Date	Comment	Categories
Scan	10 hours ago	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
andrew.stream	13 hours ago	[httpReq only by ip - not DomainName] [multiweb: req 2 domains(hosts/ip)] [bad UserAge ... show more[httpReq only by ip - not DomainName] [multiweb: req 2 domains(hosts/ip)] [bad UserAgent] show less	Port Scan Bad Web Bot
SaltySoftworks	19 hours ago	Jul 19 06:47:31 DDOS Attack: SRC=164.52.24.163 DST=[Masked] LEN=40 TOS=0x00 PREC=0x00 TTL=53 DF P ... show moreJul 19 06:47:31 DDOS Attack: SRC=164.52.24.163 DST=[Masked] LEN=40 TOS=0x00 PREC=0x00 TTL=53 DF PROTO=TCP SPT=34954 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 show less	DDoS Attack Hacking Bad Web Bot Web App Attack
Scan	18 Jul 2019	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
AvonleaConsulting	16 Jul 2019	Brute force attack stopped by firewall	Web Spam Brute-Force Web App Attack
Anonymous	16 Jul 2019	port scan and connect, tcp 80 (http)	Port Scan
GAS	14 Jul 2019	Port scan and direct access per IP instead of hostname	Port Scan Hacking
GAS	14 Jul 2019	Port scan and direct access per IP instead of hostname	Port Scan Hacking
Anonymous	14 Jul 2019	port scan and connect, tcp 80 (http)	Port Scan
AvonleaConsulting	13 Jul 2019	Brute force attack stopped by firewall	Web Spam Brute-Force Web App Attack
GAS	13 Jul 2019	Port scan and direct access per IP instead of hostname	Port Scan Hacking
PVServer	12 Jul 2019		Port Scan Hacking
Anonymous	12 Jul 2019	scanner	Port Scan Hacking Exploited Host Web App Attack
hermawan	11 Jul 2019	[Fri Jul 12 09:56:38.725051 2019] [:error] [pid 29800:tid 140362517526272] [client 164.52.24.163:396 ... show more[Fri Jul 12 09:56:38.725051 2019] [:error] [pid 29800:tid 140362517526272] [client 164.52.24.163:39694] [client 164.52.24.163] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.1.1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "792"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.1.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XSf25jFSp0H6p7c78AXAHwAAABI"] ... show less	Hacking Web App Attack
Anonymous	11 Jul 2019	port scan and connect, tcp 80 (http)	Port Scan

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩