JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.252.166.214

43.252.166.214 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 0%: ?

ISP	CommuniLink
Usage Type	Data Center/Web Hosting/Transit
ASN	AS38277
Domain Name	communilink.net
Country	🇭🇰 Hong Kong
City	Tung Chung, Islands

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.252.166.214

Whois 43.252.166.214

IP Abuse Reports for 43.252.166.214:

This IP address has been reported a total of 35 times from 24 distinct sources. 43.252.166.214 was first reported on February 19th 2023, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Packets-Decreaser.NET	2025-09-19 11:48:03 (8 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇩 Burayot	2025-08-21 00:24:40 (9 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 43.252.166.214 (HK/Hong Kong/-): 1 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 43.252.166.214 (HK/Hong Kong/-): 1 in the last 3600 secs show less	Web App Attack
Anonymous	2025-08-21 00:24:13 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇪 Khalequzzaman	2024-12-14 11:59:31 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam Port Scan
🇩🇪 Khalequzzaman	2024-12-03 23:32:08 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam Port Scan
🇩🇪 Khalequzzaman	2024-12-01 07:07:20 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam Port Scan
🇩🇪 Packets-Decreaser.NET	2024-08-28 19:29:33 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇩🇰 Papy Abuse	2024-08-07 02:14:34 (1 year ago)	honeypots-httpproxy	Port Scan
🇬🇧 gtabomber	2024-03-22 08:02:56 (2 years ago)	2024-03-22T08:02:46.551084 espaceonline.co.uk auth[22341]: pam_unix(dovecot:auth): authentication fa ... show more 2024-03-22T08:02:46.551084 espaceonline.co.uk auth[22341]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot [email protected] rhost=43.252.166.214 2024-03-22T08:02:48.557707 espaceonline.co.uk dovecot[23075]: auth-worker(22341): pam([email protected],43.252.166.214,<DavQPzsU6Osr/KbW>): unknown user (given password: bombes) 2024-03-22T08:02:51.547133 espaceonline.co.uk dovecot[23075]: imap-login: Disconnected (auth failed, 1 attempts in 5 secs): user=<[email protected]>, method=PLAIN, rip=43.252.166.214, lip=176.126.240.132, TLS, session=<DavQPzsU6Osr/KbW> ... show less	Brute-Force SSH
Anonymous	2024-03-04 13:03:30 (2 years ago)	Aggressive web scan	Web App Attack
🇺🇸 TPI-Abuse	2024-02-27 06:42:54 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 43.252.166.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 43.252.166.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 27 01:42:47.597286 2024] [security2:error] [pid 32278] [client 43.252.166.214:52120] [client 43.252.166.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.68"] [uri "/.env"] [unique_id "Zd2EZx-Nv6MVBha0kKSD6QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-02-27 04:19:45 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 43.252.166.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 43.252.166.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 26 23:19:39.278323 2024] [security2:error] [pid 15537] [client 43.252.166.214:51857] [client 43.252.166.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.11"] [uri "/.env"] [unique_id "Zd1i2zVRFKjrLk5yrzbyUgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-02-23 00:12:52 (2 years ago)	port scan and connect, tcp 80 (http)	Port Scan
🇺🇸 TPI-Abuse	2024-02-22 23:12:36 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 43.252.166.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 43.252.166.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 22 18:12:29.693592 2024] [security2:error] [pid 27545] [client 43.252.166.214:60796] [client 43.252.166.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.241"] [uri "/.env"] [unique_id "ZdfU3b6GWRALyK7JZB1VZAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 gurnip	2024-02-22 19:13:50 (2 years ago)	Vulnerability probe of page /.env, not found on server.	Brute-Force Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 194.120.230.72

🇧🇷 191.205.201.252

🇺🇸 147.185.132.170

🇺🇸 137.184.233.49

🇰🇷 110.14.190.221

🇫🇷 91.196.152.202

🇸🇪 90.230.168.26

🇵🇱 87.251.64.144

🇨🇳 61.153.143.110

🇨🇱 34.176.238.184

🇫🇷 213.156.132.230

🇮🇹 151.95.211.132

🇺🇸 66.169.70.225

🇨🇳 59.74.227.233

🇳🇱 45.148.10.157

🇳🇱 35.204.232.112

🇮🇱 34.165.161.40

🇨🇳 203.56.46.78

🇧🇬 193.24.211.107

🇺🇸 172.184.220.192