JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 166.88.169.17

166.88.169.17 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 2%: ?

ISP	Ace Data Centers II, L.L.C.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS18779
Hostname(s)	166-88-169-17.ips.acedatacenter.com
Domain Name	acedatacenter.com
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 166.88.169.17

Whois 166.88.169.17

IP Abuse Reports for 166.88.169.17:

This IP address has been reported a total of 14 times from 5 distinct sources. 166.88.169.17 was first reported on May 28th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-01 01:57:10 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 21:54:06.680621 2026] [security2:error] [pid 15557:tid 15573] [client 166.88.169.17:42231] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.kettlehill.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.kettlehill.com"] [uri "/www.key"] [unique_id "ahzmPn5hzq3cB4Zb4JrJxgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 11:45:35 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:45:28.775806 2026] [security2:error] [pid 483:tid 670] [client 166.88.169.17:36117] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.kettlehill.net\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.kettlehill.net"] [uri "/my.key"] [unique_id "aX882AMxl-cQ0UzvOvSJJAAAAFg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 raspi4	2025-12-31 19:23:47 (5 months ago)	Fail2Ban Ban Triggered	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 23:26:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 18:26:36.831030 2025] [security2:error] [pid 12157:tid 12157] [client 166.88.169.17:55147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.farmers123.com"] [uri "/.env.prod.local"] [unique_id "aS91rMv51xrCbVMBo0ux9wAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 17:12:33 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 12:12:25.680226 2025] [security2:error] [pid 21174:tid 21174] [client 166.88.169.17:57819] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/main.php.bak"] [unique_id "aRS_-TBb1XL0lePELwXmaQAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 16:35:39 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 12:35:32.363051 2025] [security2:error] [pid 30110:tid 30166] [client 166.88.169.17:54297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kettlehill.com"] [uri "/.env.old"] [unique_id "aN1YVMkWrLLgoGKIU5870gAAAdU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-26 04:43:36 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 26 00:43:28.352875 2025] [security2:error] [pid 20371:tid 20371] [client 166.88.169.17:42003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autoconfig.deandobkin.com"] [uri "/.env.dev"] [unique_id "aNYZ8DjaNC9oy2Sn6unnlQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 KuhA	2025-09-22 01:47:00 (8 months ago)	"GET /wp-login.php.bak HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-08-01 06:42:53 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 02:42:47.744535 2025] [security2:error] [pid 3331447:tid 3331473] [client 166.88.169.17:40703] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.kettlehill.net\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.kettlehill.net"] [uri "/error.log"] [unique_id "aIxh51SZjg6lcpTf51ZcDQAAAZY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 SCHAPPY	2025-07-24 01:40:04 (10 months ago)	IP was involved in L7 DDoS attack.	DDoS Attack
Anonymous	2025-07-02 14:30:04 (11 months ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-06-01 13:56:56 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 09:56:49.541859 2025] [security2:error] [pid 2873691:tid 2873691] [client 166.88.169.17:37165] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.nbcnewsradio.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.nbcnewsradio.com"] [uri "/....\\\\....\\\\....\\\\....\\\\....\\\\....\\\\....\\\\....\\\\....\\\\windows\\\\win.ini"] [unique_id "aDxcISXIrrO_PsLc2M2bugAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-06-01 08:00:25 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 04:00:19.929604 2025] [security2:error] [pid 2762044:tid 2762055] [client 166.88.169.17:34877] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.kettlehill.net\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.kettlehill.net"] [uri "/MyErrors.log"] [unique_id "aDwIkwlM7g4oxUkvwMwaGQAAAMk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-28 21:07:11 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 166.88.169.17 (166-88-169-17.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 28 17:07:07.958748 2025] [security2:error] [pid 1914892:tid 1914892] [client 166.88.169.17:34519] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|farmers123.com\|F\|2"] [data ".axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "farmers123.com"] [uri "/elmah.axd"] [unique_id "aDd6-zCcLOnD9sbSPrWVIQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 8.209.115.19

🇯🇵 203.25.124.35

🇧🇪 198.235.24.151

🇳🇱 185.113.10.178

🇻🇳 180.93.98.232

🇻🇳 180.93.32.181

🇻🇳 118.71.20.55

🇳🇱 91.92.40.35

🇳🇱 64.89.162.205

🇪🇸 62.93.179.154

🇺🇸 31.56.178.132

🇺🇸 20.12.193.183

🇨🇳 14.103.123.206

🇩🇪 213.209.159.225

🇧🇬 193.24.211.107

🇩🇪 185.110.191.158

🇷🇴 185.100.87.136

🇺🇸 172.69.65.121

🇺🇸 165.154.163.240

🇨🇦 85.217.149.38