JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 188.68.1.66

188.68.1.66 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	HostRoyale Technologies Pvt Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS197706
Domain Name	hostroyale.com
Country	🇦🇱 Albania
City	Tirana, Tirana

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 188.68.1.66

Whois 188.68.1.66

IP Abuse Reports for 188.68.1.66:

This IP address has been reported a total of 9 times from 7 distinct sources. 188.68.1.66 was first reported on March 4th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 HandyTreff.de	2026-01-21 11:08:54 (4 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -33.448 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -33.448 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0. show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 01:38:45 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 188.68.1.66 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 188.68.1.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:38:41.199301 2025] [security2:error] [pid 729662:tid 729801] [client 188.68.1.66:47157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.kettlehill.net"] [uri "/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php"] [unique_id "aIWDIbnOl9VusXIpylMbkwAAARU"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2025-07-08 07:30:01 (11 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
🇺🇸 dpinse	2025-06-06 01:26:21 (1 year ago)	teler detected CVE-2017-16894 against resource /.env from 188.68.1.66	Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 16:35:13 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 188.68.1.66 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:211190) triggered by 188.68.1.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 12:35:06.641154 2025] [security2:error] [pid 2980629:tid 2980629] [client 188.68.1.66:40891] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.farmers123.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /cgi-bin/tsaupload.cgi?file_name=../../../../../..//etc/passwd&password"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.farmers123.com"] [uri "/cgi-bin/tsaupload.cgi"] [unique_id "aDiMuiPQURT_hUvQudJkHAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-19 05:30:04 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 188.68.1.66 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 188.68.1.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 19 01:29:11.049792 2025] [security2:error] [pid 22650:tid 22662] [client 188.68.1.66:37177] [client 188.68.1.66] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.blog.spinningdesigns.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "blog.spinningdesigns.com"] [uri "/default.php.bak"] [unique_id "aAM0p8LYwl69KqC_78icHgAAAEk"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-04-14 18:00:39 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-03-29 05:57:00 (1 year ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
Anonymous	2025-03-04 07:40:04 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 193.202.87.25

🇧🇷 172.253.234.16

🇫🇮 147.185.133.201

🇸🇬 114.119.131.120

🇨🇳 101.126.11.137

🇲🇾 101.99.81.96

🇫🇷 91.231.89.138

🇸🇬 45.78.198.199

🇺🇸 45.33.64.182

🇮🇳 13.71.92.229

🇦🇷 200.32.52.150

🇵🇰 154.57.221.75

🇧🇷 104.23.255.72

🇫🇷 82.102.18.116

🇳🇱 81.19.216.84

🇺🇸 50.116.23.44

🇱🇹 45.227.254.170

🇧🇷 45.205.1.80

🇨🇳 14.18.124.175

🇱🇹 188.69.225.188