JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 166.88.172.230

166.88.172.230 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 0%: ?

ISP	InterLIR LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS203872
Hostname(s)	166-88-172-230.ips.acedatacenter.com
Domain Name	interlir.com
Country	🇺🇸 United States of America
City	Orem, Utah

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 166.88.172.230

Whois 166.88.172.230

IP Abuse Reports for 166.88.172.230:

This IP address has been reported a total of 11 times from 10 distinct sources. 166.88.172.230 was first reported on September 25th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tilellit.pro	2026-02-11 10:33:38 (3 months ago)	Fail2Ban banned 166.88.172.230 for security violations in jail wp-armour. Log: 2026/02/11 10:33:38 [ ... show more Fail2Ban banned 166.88.172.230 for security violations in jail wp-armour. Log: 2026/02/11 10:33:38 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 166.88.172.230 \| Target: wplogin" , client: 166.88.172.230, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇫🇷 Baking333	2026-01-31 07:38:01 (4 months ago)	[redacted] 166.88.172.230 - - [31/Jan/2026:08:37:57 +0100] "GET /[redacted] HTTP/1.1" 302 1573 0/363 ... show more [redacted] 166.88.172.230 - - [31/Jan/2026:08:37:57 +0100] "GET /[redacted] HTTP/1.1" 302 1573 0/36329 "https://[redacted]" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" [redacted] 166.88.172.230 - - [31/Jan/2026:08:38:00 +0100] "GET /[redacted] HTTP/1.1" 302 1572 0/58701 "https://[redacted]" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
Anonymous	2026-01-29 15:46:38 (4 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.29 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.29 is noted in report timestamp show less	Hacking Brute-Force
🇬🇧 Bytemark	2026-01-24 03:59:10 (4 months ago)	166.88.172.230 - - [24/Jan/2026:03:59:05 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.goo ... show more 166.88.172.230 - - [24/Jan/2026:03:59:05 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 166.88.172.230 - - [24/Jan/2026:03:59:07 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 166.88.172.230 - - [24/Jan/2026:03:59:09 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
Anonymous	2026-01-05 02:46:38 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-01-02 12:34:03 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇨🇭 backslash	2025-11-11 17:20:04 (6 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-10-12 21:57:32 (7 months ago)	(mod_security) mod_security (id:210350) triggered by 166.88.172.230 (166-88-172-230.ips.acedatacente ... show more (mod_security) mod_security (id:210350) triggered by 166.88.172.230 (166-88-172-230.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 12 17:57:26.720684 2025] [security2:error] [pid 26790:tid 26790] [client 166.88.172.230:61553] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|yuichiro.us\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "yuichiro.us"] [uri "/admin"] [unique_id "aOwkRq-u8vQPq39V_yk02QAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-11 15:05:07 (8 months ago)	(mod_security) mod_security (id:210350) triggered by 166.88.172.230 (166-88-172-230.ips.acedatacente ... show more (mod_security) mod_security (id:210350) triggered by 166.88.172.230 (166-88-172-230.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 11 11:04:57.980301 2025] [security2:error] [pid 15053:tid 15053] [client 166.88.172.230:61253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|panesarlaw.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "panesarlaw.com"] [uri "/"] [unique_id "aMLlGVmDYBq4yEWjbXoBuwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-09-08 11:39:31 (8 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇨🇦 wil.com	2024-09-25 05:10:03 (1 year ago)	GlobalProtect login attempts with user zthorpe.	VPN IP Brute-Force

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.178.246.43

🇵🇱 217.173.4.100

🇮🇹 206.232.43.78

🇬🇧 193.163.125.90

🇲🇾 113.211.215.190

🇨🇳 106.75.224.96

🇺🇸 71.206.190.209

🇺🇸 52.20.198.190

🇺🇸 217.148.142.94

🇬🇧 198.244.242.67

🇧🇷 191.6.49.35

🇵🇰 182.181.117.245

🇭🇳 168.181.121.165

🇺🇸 165.154.182.174

🇮🇩 108.137.8.107

🇳🇬 102.140.97.134

🇸🇦 82.167.153.46

🇺🇸 66.228.62.150

🇺🇸 64.62.156.74

🇯🇵 34.104.206.168