JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 80.66.72.154

80.66.72.154 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 9%: ?

ISP	GLOBAL CONNECTIVITY SOLUTIONS LLP
Usage Type	Data Center/Web Hosting/Transit
ASN	AS215540
Domain Name	globconnex.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 80.66.72.154

Whois 80.66.72.154

IP Abuse Reports for 80.66.72.154:

This IP address has been reported a total of 21 times from 7 distinct sources. 80.66.72.154 was first reported on November 7th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-31 10:11:10 (2 weeks ago)	Web app attack and vulnerability scan detected from IIS logs	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-04-26 02:00:57 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2026-03-21 00:24:22 (2 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 interbiznw.com	2026-03-20 15:56:10 (2 months ago)	wordpress-fuzzing	Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 Requiem (7's)	2026-02-24 21:42:35 (3 months ago)	Auto-reported by Observer: Old Route Enumeration on requiem.moe	Hacking
Anonymous	2026-01-20 18:11:58 (4 months ago)	wordpress-trap	Web App Attack
🇦🇺 MAGIC	2025-12-17 01:21:00 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-12-05 09:06:56 (6 months ago)	wordpress-trap	Web App Attack
🇨🇭 rt	2025-11-14 08:06:24 (7 months ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-09 10:41:17 (7 months ago)	(mod_security) mod_security (id:210740) triggered by 80.66.72.154 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210740) triggered by 80.66.72.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 09 05:41:13.317358 2025] [security2:error] [pid 4138:tid 4138] [client 80.66.72.154:43497] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|cdn.heavyglare.com\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "cdn.heavyglare.com"] [uri "/blog/adv/vogue_vo5638su_adv__4.webp"] [unique_id "aRBvyf5BoWnjdVuj9sYpHwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-09 08:40:42 (7 months ago)	(mod_security) mod_security (id:210740) triggered by 80.66.72.154 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210740) triggered by 80.66.72.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 09 03:40:38.435440 2025] [security2:error] [pid 2503:tid 2503] [client 80.66.72.154:54933] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|menafert.com\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "menafert.com"] [uri "/assets/img/logo.png"] [unique_id "aRBThmI-0H5oBHrFE_CY3gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-09 07:40:57 (7 months ago)	(mod_security) mod_security (id:210740) triggered by 80.66.72.154 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210740) triggered by 80.66.72.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 09 02:40:51.516617 2025] [security2:error] [pid 25608:tid 25608] [client 80.66.72.154:49999] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|drwolberg.com\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "drwolberg.com"] [uri "/wp-content/uploads/2021/03/Ginecomastia_pages-to-jpg-0009.jpg"] [unique_id "aRBFg1Y5FVZk02FO1ZC94wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-08 17:07:41 (7 months ago)	(mod_security) mod_security (id:210740) triggered by 80.66.72.154 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210740) triggered by 80.66.72.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 08 12:07:34.590537 2025] [security2:error] [pid 7219:tid 7219] [client 80.66.72.154:35923] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|scoutinsignia.com\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "scoutinsignia.com"] [uri "/recogn_files/nsf.jpg"] [unique_id "aQ941jR7LEN1t5D9iXDJUwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-08 10:43:20 (7 months ago)	(mod_security) mod_security (id:210740) triggered by 80.66.72.154 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210740) triggered by 80.66.72.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 08 05:43:16.365182 2025] [security2:error] [pid 1572873:tid 1572873] [client 80.66.72.154:59117] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|www.fiasdesigns.com\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "www.fiasdesigns.com"] [uri "/wp-content/uploads/Custom-Listing-Silver-1-365x365.jpg"] [unique_id "aQ8exBVosKpGf2bVj0sBVwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-08 08:49:49 (7 months ago)	(mod_security) mod_security (id:210740) triggered by 80.66.72.154 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210740) triggered by 80.66.72.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 08 03:49:42.597785 2025] [security2:error] [pid 9879:tid 9963] [client 80.66.72.154:53561] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|pref-realestate.com\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "pref-realestate.com"] [uri "/wp-content/uploads/2022/10/10-1-1024x640.jpg"] [unique_id "aQ8EJgG55UVq_YTakGe9lAAAAJU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 188.30.133.194

🇬🇧 185.216.145.178

🇻🇳 183.91.11.36

🇺🇸 172.202.9.120

🇹🇭 152.32.247.23

🇩🇪 138.68.93.37

🇺🇸 76.196.100.30

🇺🇸 66.132.195.61

🇭🇰 45.142.154.98

🇺🇸 45.131.195.244

🇺🇸 45.131.195.168

🇺🇸 45.131.193.48

🇺🇸 45.131.193.41

🇯🇵 43.207.180.248

🇵🇪 38.25.25.184

🇳🇱 37.49.224.15

🇻🇳 14.237.30.215

🇺🇸 3.131.24.55

🇪🇸 217.160.226.51

🇦🇷 186.122.10.106