JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.56.86.10

66.56.86.10 was found in our database!

This IP was reported 95 times. Confidence of Abuse is 2%: ?

ISP	VPN Consumer Bratislava, Slovakia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇸🇰 Slovakia
City	Bratislava, Bratislava Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.56.86.10

Whois 66.56.86.10

IP Abuse Reports for 66.56.86.10:

This IP address has been reported a total of 95 times from 20 distinct sources. 66.56.86.10 was first reported on April 13th 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 rdlmda	2026-06-15 16:39:00 (4 days ago)	IRC SPAM on #HELP @ ircnet.com	Web Spam Email Spam Blog Spam
🇺🇸 Penny Packer	2026-03-15 15:59:21 (3 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇺🇸 TPI-Abuse	2026-03-12 09:10:53 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 66.56.86.10 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 66.56.86.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 12 05:10:49.873500 2026] [security2:error] [pid 6751:tid 6751] [client 66.56.86.10:28449] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|lundtrading.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lundtrading.com"] [uri "/back/mysql.sql"] [unique_id "abKDGenGdBs9VjhyZFENLgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-01 05:46:13 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 66.56.86.10 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 66.56.86.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 00:46:04.433836 2026] [security2:error] [pid 11532:tid 11532] [client 66.56.86.10:54287] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|medicalexchangeasinc.com\|F\|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "medicalexchangeasinc.com"] [uri "/bak/wallet.dat"] [unique_id "aaPSnP5JIwLH44R94GCOSgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇾 armandosaucedo.me	2026-02-24 08:12:20 (3 months ago)	66.56.86.10 - - [24/Feb/2026:08:12:18 +0000] "GET /backup.sql.gz HTTP/1.1" 404 196 "-" "-"	Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 03:03:31 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 66.56.86.10 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 66.56.86.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 22:03:25.209164 2026] [security2:error] [pid 26727:tid 26727] [client 66.56.86.10:59143] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|doubloonswap.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "doubloonswap.com"] [uri "/backups/sql.sql"] [unique_id "aY_l_SN_mRZ4OY-iPQm5VQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Valhalla	2026-02-09 07:56:08 (4 months ago)	/backups/application.zip	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-04 22:41:01 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 66.56.86.10 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 66.56.86.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 04 17:40:55.174116 2026] [security2:error] [pid 21913:tid 21913] [client 66.56.86.10:34175] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mpaexchangeinc.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mpaexchangeinc.com"] [uri "/back/sql.sql"] [unique_id "aYPK95Pi0NLRjt8DIdZbAgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-04 17:10:14 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 66.56.86.10 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 66.56.86.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 04 12:10:06.632731 2026] [security2:error] [pid 28206:tid 28206] [client 66.56.86.10:21669] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|jussetcotradinglimited.co\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jussetcotradinglimited.co"] [uri "/backups/dump.sql"] [unique_id "aYN9btPOVP1q_ySu-xZ8ygAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Penny Packer	2026-01-31 23:06:01 (4 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇺🇸 TPI-Abuse	2026-01-29 19:44:03 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 66.56.86.10 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 66.56.86.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 14:43:57.669750 2026] [security2:error] [pid 18681:tid 18681] [client 66.56.86.10:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kryptonome.com\|F\|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kryptonome.com"] [uri "/backups/wallet.dat"] [unique_id "aXu4fVADVzt_jWlrzty0ugAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 13:47:17 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 66.56.86.10 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 66.56.86.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 08:47:09.352604 2026] [security2:error] [pid 14689:tid 14689] [client 66.56.86.10:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sportsbookcommission.com"] [uri "/.env"] [unique_id "aWpBXUts6f3RbsoIc14sxAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 bescared	2026-01-06 08:14:31 (5 months ago)	F2B - Malicious activity detected. URL Probing.	Hacking Bad Web Bot Web App Attack
🇺🇸 Penny Packer	2025-12-29 03:43:47 (5 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇬🇧 pinguin	2025-12-25 03:52:00 (5 months ago)	Triggered Cloudflare WAF (linkMaze) from SK. Action taken: LINK_MAZE_INJECTED Protocol: HTTP/2 (HEAD ... show more Triggered Cloudflare WAF (linkMaze) from SK. Action taken: LINK_MAZE_INJECTED Protocol: HTTP/2 (HEAD method) Endpoint: /backup.sql.tar UA: Empty string This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 95 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.180.246.27

🇳🇱 185.93.89.9

🇨🇳 182.151.45.136

🇲🇴 182.93.7.194

🇨🇭 179.43.168.58

🇳🇱 172.71.183.30

🇸🇬 165.245.176.51

🇺🇸 144.86.173.53

🇷🇴 89.40.222.222

🇺🇸 65.111.15.6

🇳🇱 45.156.87.13

🇷🇴 2.57.121.25

🇹🇼 198.235.24.42

🇳🇱 176.65.148.172

🇩🇪 138.68.92.219

🇸🇪 104.23.221.40

🇮🇳 103.79.222.10

🇸🇮 102.220.160.153

🇮🇪 89.184.62.163

🇱🇹 77.90.185.80