JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.245.220.9

66.245.220.9 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 100%: ?

100%

ISP	The Constant Company, LLC.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20473
Domain Name	choopa.com
Country	🇯🇵 Japan
City	Osaka, Osaka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.245.220.9

Whois 66.245.220.9

IP Abuse Reports for 66.245.220.9:

This IP address has been reported a total of 42 times from 34 distinct sources. 66.245.220.9 was first reported on June 20th 2026, and the most recent report was 33 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-06-21 01:45:08 (33 minutes ago)	Attempted access to sensitive endpoint (/wp-content/155.php) detected. Automated scan or unauthorize ... show more Attempted access to sensitive endpoint (/wp-content/155.php) detected. Automated scan or unauthorized probing. show less	Web App Attack
Anonymous	2026-06-21 01:25:20 (53 minutes ago)	66.245.220.9 - - [21/Jun/2026:09:25:20 +0800] "GET /wp-includes/Text/Diff/ HTTP/1.1" 404 196 "-" "Mo ... show more 66.245.220.9 - - [21/Jun/2026:09:25:20 +0800] "GET /wp-includes/Text/Diff/ HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 66.245.220.9 - - [21/Jun/2026:09:25:20 +0800] "GET /adminfuns.php/.well-known/acme-challenge/file.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 66.245.220.9 - - [21/Jun/2026:09:25:20 +0800] "GET /adminfuns.php/.well-known/acme-challenge/file.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇬🇧 andypiper	2026-06-21 01:02:44 (1 hour ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇨🇭 backslash	2026-06-21 00:42:00 (1 hour ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇳🇱 Site.eu	2026-06-20 23:21:18 (2 hours ago)	Excessive multi-domain requests	Brute-Force
Anonymous	2026-06-20 23:18:48 (3 hours ago)	(caddyscan) Scanner path probe from 66.245.220.9 (JP/Japan/-): 5 in the last 3600 secs; Ports: ; Di ... show more (caddyscan) Scanner path probe from 66.245.220.9 (JP/Japan/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 66.245.220.9 - - [20/Jun/2026:23:18:38 +0000] "GET /wp-admin/maint/index.php HTTP/1.1" [REDACTED] 200 2627 66.245.220.9 - - [20/Jun/2026:23:18:40 +0000] "GET /wp-admin/css/ HTTP/1.1" [REDACTED] 200 2627 66.245.220.9 - - [20/Jun/2026:23:18:41 +0000] "GET /wp-admin/css/colors/blue/ HTTP/1.1" [REDACTED] 200 2627 66.245.220.9 - - [20/Jun/2026:23:18:42 +0000] "GET /wp-admin/js/widgets/ HTTP/1.1" [REDACTED] 200 2627 66.245.220.9 - - [20/Jun/2026:23:18:45 +0000] "GET /xmlrpc.php HTTP/1.1" show less	Port Scan
Anonymous	2026-06-20 22:59:33 (3 hours ago)	66.245.220.9 - - [21/Jun/2026:00:58:52 +0200] "GET /test1.php HTTP/1.1" 404 4886 "-" "Mozilla/5.0 (W ... show more 66.245.220.9 - - [21/Jun/2026:00:58:52 +0200] "GET /test1.php HTTP/1.1" 404 4886 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 66.245.220.9 - - [21/Jun/2026:00:58:58 +0200] "GET /wp-admin/maint/index.php HTTP/1.1" 404 556 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 66.245.220.9 - - [21/Jun/2026:00:58:58 +0200] "GET /wp-content/uploads/min.php HTTP/1.1" 404 556 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 66.245.220.9 - - [21/Jun/2026:00:58:58 +0200] "GET /zoom1.php HTTP/1.1" 404 360 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 66.245.220.9 - - [21/Jun/2026:00:58:58 +0200] "GET /lock360.php HTTP/1.1" 404 360 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ ... show less	DDoS Attack
🇨🇭 4server	2026-06-20 22:56:45 (3 hours ago)	[SunJun2100:56:41.9504052026][security2:error][pid2082549:tid2082657][client66.245.220.9:0]ModSecuri ... show more [SunJun2100:56:41.9504052026][security2:error][pid2082549:tid2082657][client66.245.220.9:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(filemanager\\|wp-file-manager\\|elfinder\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"443\"][id\"980500\"][msg\"WordPressfilemanagerexploitattempt\"][hostname\"www.annunci-ticino.ch\"][uri\"/filemanager.php\"][unique_id\"ajcaqXVLZ8ns0cDII78KOwAAAUw\"] show less	Hacking Web App Attack
🇱🇻 garmtech.com	2026-06-20 22:14:09 (4 hours ago)	Attempted access to sensitive endpoint (/wp-admin/maint/index.php) detected. Automated scan or unaut ... show more Attempted access to sensitive endpoint (/wp-admin/maint/index.php) detected. Automated scan or unauthorized probing. show less	Web App Attack
Anonymous	2026-06-20 21:23:02 (4 hours ago)	Bot / scanning and/or hacking attempts: GET /wp-admin/index.php HTTP/1.1, GET /wp-trackback.php HTTP ... show more Bot / scanning and/or hacking attempts: GET /wp-admin/index.php HTTP/1.1, GET /wp-trackback.php HTTP/1.1, GET /ws.php HTTP/1.1, GET /.bod/.ll/ HTTP/1.1, GET /wp-content/upgrade/index.php HTTP/1.1, GET /wp-blog.php HTTP/1.1, GET /autoload_classmap/function.php HTTP/1.1, GET /wp-content/plugins/core-plugin/include.php HTTP/1.1, GET /storage/rip.php HTTP/1.1, GET /wp-includes/PHPMailer/ HTTP/1.1, GET /dvve.php HTTP/1.1, GET /wp-includes/ HTTP/1.1, GET /.well-known/acme-challenge/index.php HTTP/1.1, GET /1index.php HTTP/1.1, GET /wp-content/themes/pridmag/b.php HTTP/1.1, GET /0.php HTTP/1.1, GET /ws77.php HTTP/1.1 show less	Hacking Web App Attack
🇧🇪 voormedia	2026-06-20 21:13:26 (5 hours ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇪🇸 alferez	2026-06-20 21:06:17 (5 hours ago)	Searching hacked php files	Hacking Exploited Host Web App Attack
🇳🇱 oisecnet	2026-06-20 21:01:08 (5 hours ago)	Automated report: Unauthorized vulnerability scanning detected on 2026-06-20. 17 requests from this ... show more Automated report: Unauthorized vulnerability scanning detected on 2026-06-20. 17 requests from this IP. show less	Brute-Force Web App Attack SSH
Anonymous	2026-06-20 21:00:23 (5 hours ago)	66.245.220.9 - - [21/Jun/2026:05:00:22 +0800] "GET /test1.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Win ... show more 66.245.220.9 - - [21/Jun/2026:05:00:22 +0800] "GET /test1.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 66.245.220.9 - - [21/Jun/2026:05:00:22 +0800] "GET /wp-admin/maint/index.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 66.245.220.9 - - [21/Jun/2026:05:00:22 +0800] "GET /wp-admin/maint/index.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 66.245.220.9 - - [21/Jun/2026:05:00:22 +0800] "GET /wp-content/uploads/min.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 66.245.220.9 - - [21/Jun/2026:05:00:22 +0800] "GET /wp-content/uploads/min.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 ... show less	Bad Web Bot Web App Attack
🇩🇪 Vegascosmetics	2026-06-20 20:32:54 (5 hours ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after PHP/webshell probe. Vegas Security	DDoS Attack Hacking Exploited Host

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 207.90.244.28

🇬🇧 217.154.45.93

🇰🇷 210.183.21.53

🇭🇰 199.45.154.138

🇺🇸 151.245.32.125

🇨🇳 113.200.174.111

🇨🇳 111.162.136.27

🇨🇳 110.87.158.206

🇱🇹 81.30.98.158

🇱🇹 81.30.98.62

🇧🇷 45.65.239.28

🇬🇧 35.203.210.84

🇩🇪 213.209.159.227

🇺🇸 147.185.132.119

🇨🇳 118.186.7.10

🇨🇳 111.113.89.24

🇺🇸 107.180.88.176

🇮🇩 103.190.214.241

🇷🇴 92.118.39.62

🇩🇪 82.115.21.249