JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.163.117.31

66.163.117.31 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 53%: ?

53%

ISP	GTHost
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63023
Domain Name	gthost.com
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.163.117.31

Whois 66.163.117.31

IP Abuse Reports for 66.163.117.31:

This IP address has been reported a total of 35 times from 27 distinct sources. 66.163.117.31 was first reported on March 13th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-05-19 21:03:39 (2 weeks ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 bigwavedave	2026-05-19 20:33:07 (2 weeks ago)	Wordpress Attack	Web App Attack
Anonymous	2026-05-19 18:40:13 (2 weeks ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-05-19 12:39:57 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 66.163.117.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 66.163.117.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 08:39:52.380352 2026] [security2:error] [pid 8405:tid 8405] [client 66.163.117.31:54788] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 66.163.117.31 (+1 hits since last alert)\|shannonraevocalstudio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "shannonraevocalstudio.com"] [uri "/xmlrpc.php"] [unique_id "agxaGPTJfb_ld3kHYolG3QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-11 00:00:00 (3 weeks ago)	"Security violation, excess traffic against library/education infrastructure"	Brute-Force
🇩🇪 YF	2026-05-06 19:19:39 (4 weeks ago)	WordPress content enumeration	Web App Attack
🇵🇱 MrBoombastic	2026-05-06 12:39:50 (4 weeks ago)	WordPress comment spam. Reported by Spam2IP: https://github.com/MrBoombastic/wp-spam2ip	Blog Spam
🇧🇪 cmbplf	2026-05-06 04:02:48 (4 weeks ago)	2.302 requests from abuseipdb.com blacklisted IP (1yr1w6d)	Brute-Force Bad Web Bot
🇲🇾 Rizzy	2026-05-05 16:32:21 (1 month ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇫🇮 Shaik Sai Meera	2026-04-30 00:00:57 (1 month ago)	IM360 WAF: Infectors: Suspicious access attempt (webshell)	Brute-Force FTP Brute-Force Open Proxy
Anonymous	2026-04-29 18:34:22 (1 month ago)	Web App Attack, Hacking	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-04-29 16:54:28 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 66.163.117.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 66.163.117.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 12:54:21.494929 2026] [security2:error] [pid 6527:tid 6527] [client 66.163.117.31:61788] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 66.163.117.31 (+1 hits since last alert)\|desarrollosdecolima.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "desarrollosdecolima.com"] [uri "/xmlrpc.php"] [unique_id "afI3vTiGprwirqjPMg4q2gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-29 11:16:36 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 66.163.117.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 66.163.117.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 07:16:30.268973 2026] [security2:error] [pid 13052:tid 13052] [client 66.163.117.31:52390] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 66.163.117.31 (+1 hits since last alert)\|premierveterinarysurgery.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "premierveterinarysurgery.com"] [uri "/xmlrpc.php"] [unique_id "afHojubYeYFnCBr4Z4Ew-AAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-28 07:12:54 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 66.163.117.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 66.163.117.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 03:12:47.812004 2026] [security2:error] [pid 13525:tid 13525] [client 66.163.117.31:58313] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 66.163.117.31 (+1 hits since last alert)\|jfexpressfr8.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jfexpressfr8.com"] [uri "/xmlrpc.php"] [unique_id "afBd78gvlQXfHlMA4bXmagAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-04-28 06:40:48 (1 month ago)	(wordpress) Failed wordpress login from 66.163.117.31 (GB/United Kingdom/-)	Brute-Force

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 163.7.3.154

🇺🇸 159.65.65.144

🇩🇪 93.241.232.14

🇭🇰 45.142.154.10

🇬🇧 35.203.210.146

🇷🇴 2.57.121.112

🇺🇸 2001:470:1:332::16e

🇺🇸 159.203.74.245

🇺🇸 152.32.236.116

🇧🇷 118.26.105.116

🇨🇳 117.40.114.199

🇧🇩 103.163.116.82

🇺🇸 103.143.231.24

🇫🇷 85.217.140.33

🇮🇳 182.95.217.202

🇦🇷 179.42.170.14

🇺🇸 152.32.182.41

🇻🇳 113.188.47.79

🇳🇱 52.233.193.61

🇯🇵 8.216.5.21