JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.78.27.54

66.78.27.54 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 43%: ?

43%

ISP	CODE200
Usage Type	Data Center/Web Hosting/Transit
ASN	AS21769
Hostname(s)	54-27-78-66.rdns.colocationamerica.com
Domain Name	code200.global
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.78.27.54

Whois 66.78.27.54

IP Abuse Reports for 66.78.27.54:

This IP address has been reported a total of 21 times from 6 distinct sources. 66.78.27.54 was first reported on June 11th 2026, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-14 18:55:40 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica ... show more (mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 14:55:34.551363 2026] [security2:error] [pid 19384:tid 19419] [client 66.78.27.54:19662] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gtci.us"] [uri "/sftp-config.json"] [unique_id "ai75Jn4lzKVxzbCvKjgB-QAAAZM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 gerensat	2026-06-14 18:12:25 (9 hours ago)	2026-06-14 15:12:25 \| /sftp-config.json \| [] \| Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (K ... show more 2026-06-14 15:12:25 \| /sftp-config.json \| [] \| Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36 show less	Web App Attack
🇨🇭 4server	2026-06-14 15:05:45 (12 hours ago)	[SunJun1417:05:42.7630022026][security2:error][pid2711216:tid2711637][client66.78.27.54:0]ModSecurit ... show more [SunJun1417:05:42.7630022026][security2:error][pid2711216:tid2711637][client66.78.27.54:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"gsdsagl.ch\"][uri\"/.vscode/sftp.json\"][unique_id\"ai7DRkN7bb2gGhT7zznrGgAAAMU\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 11:15:48 (16 hours ago)	(mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica ... show more (mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 07:15:41.786207 2026] [security2:error] [pid 6257:tid 6257] [client 66.78.27.54:10748] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grupoimaginarte.com"] [uri "/sftp-config.json"] [unique_id "ai6NXT2t-2WIxAOKg60bOwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 10:40:29 (1 day ago)	(mod_security) mod_security (id:949110) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica ... show more (mod_security) mod_security (id:949110) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 06:40:24.182896 2026] [security2:error] [pid 23544:tid 23544] [client 66.78.27.54:62792] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "greenpowerkorea.com"] [uri "/sftp-config.json"] [unique_id "ai0zmOtsqCWUkORsLjLYWwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-12 20:44:01 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 18:18:31 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica ... show more (mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 14:18:23.354479 2026] [security2:error] [pid 13845:tid 13845] [client 66.78.27.54:42324] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "graftandcorruption.net"] [uri "/sftp-config.json"] [unique_id "aixNb3_Tt_5qyDgXIQn0vAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-12 15:13:17 (2 days ago)	Try to access /.vscode/sftp.json	Web App Attack
🇩🇪 4server	2026-06-12 14:36:41 (2 days ago)	[FriJun1216:36:38.9909282026][security2:error][pid3835496:tid3835629][client66.78.27.54:0]ModSecurit ... show more [FriJun1216:36:38.9909282026][security2:error][pid3835496:tid3835629][client66.78.27.54:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"gpwealth.ch\"][uri\"/.vscode/sftp.json\"][unique_id\"aiwZdq4W8rEMl7Ll7WYqNgAAAQ8\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 14:00:18 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica ... show more (mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 10:00:12.399965 2026] [security2:error] [pid 27805:tid 27805] [client 66.78.27.54:54604] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "atticlodgeoutdoorlearningcenter.com"] [uri "/index.php/maps-compass-gps/advanced-gps-map-class/sftp-config.json"] [unique_id "aiwQ7N2lmyMg_GRE_MB-xwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 12:51:58 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica ... show more (mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 08:51:55.505810 2026] [security2:error] [pid 3350:tid 3350] [client 66.78.27.54:46906] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gpahomeinspections.com"] [uri "/sftp-config.json"] [unique_id "aiwA6wetwI9JlyisUUniIgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-06-12 06:47:22 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-12 02:00:33 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica ... show more (mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 22:00:29.623605 2026] [security2:error] [pid 6792:tid 6792] [client 66.78.27.54:52086] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "goochcompanies.com"] [uri "/sftp-config.json"] [unique_id "aitoPewRO3G2AtWUALekFwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 22:12:35 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica ... show more (mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 18:12:31.535455 2026] [security2:error] [pid 12302:tid 12302] [client 66.78.27.54:4388] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "goldenvalley1.com"] [uri "/sftp-config.json"] [unique_id "aisyzy4ENbKAeXmq_yYNCAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 17:37:07 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica ... show more (mod_security) mod_security (id:210492) triggered by 66.78.27.54 (54-27-78-66.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 13:37:03.243049 2026] [security2:error] [pid 2160:tid 2160] [client 66.78.27.54:23170] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gods-law.com"] [uri "/sftp-config.json"] [unique_id "airyP5Nq9hgEzpJ0FXslxwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.202

🇧🇷 170.238.160.191

🇺🇸 170.187.163.133

🇩🇪 164.90.178.220

🇺🇸 91.230.168.224

🇺🇸 66.132.224.227

🇩🇪 31.76.98.214

🇷🇺 5.11.77.27

🇮🇳 223.231.213.28

🇺🇸 216.25.89.95

🇧🇷 205.210.31.164

🇬🇧 194.50.235.137

🇺🇸 162.216.150.63

🇫🇮 147.185.133.134

🇫🇷 146.70.40.68

🇺🇸 137.184.154.37

🇺🇸 71.6.240.239

🇺🇸 66.132.172.210

🇺🇸 66.132.172.135

🇺🇸 64.62.156.94