JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 166.88.3.65

166.88.3.65 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 27%: ?

27%

ISP	Ace Data Centers II, L.L.C.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS18779
Hostname(s)	166-88-3-65.ips.acedatacenter.com
Domain Name	acedatacenter.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 166.88.3.65

Whois 166.88.3.65

IP Abuse Reports for 166.88.3.65:

This IP address has been reported a total of 8 times from 4 distinct sources. 166.88.3.65 was first reported on May 26th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-28 22:04:06 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-27. show less	Web App Attack SSH Hacking
🇬🇧 Aetherweb Ark	2026-05-28 16:47:58 (1 week ago)	(mod_security) mod_security (id:949110) triggered by 166.88.3.65 (US/United States/166-88-3-65.ips.a ... show more (mod_security) mod_security (id:949110) triggered by 166.88.3.65 (US/United States/166-88-3-65.ips.acedatacenter.com): N in the last X secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 08:09:25 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 166.88.3.65 (166-88-3-65.ips.acedatacenter.com) ... show more (mod_security) mod_security (id:210492) triggered by 166.88.3.65 (166-88-3-65.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 04:09:20.726712 2026] [security2:error] [pid 15873:tid 15873] [client 166.88.3.65:52679] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theflyingdutchman.us"] [uri "/wp-config.php.swp"] [unique_id "ahf4MGzjHVKBEd0GPWNaXgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-05-27 03:53:20 (1 week ago)	[WedMay2705:53:16.4391092026][security2:error][pid1082002:tid1082360][client166.88.3.65:0]ModSecurit ... show more [WedMay2705:53:16.4391092026][security2:error][pid1082002:tid1082360][client166.88.3.65:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"cpu-services.ch\"][uri\"/.env.production\"][unique_id\"ahZqrHq1OLB-hb2AZuyCzgAAARc\"]\,referer:https://www.google.com/search\?q=cpu-services.ch show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:43:56 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 166.88.3.65 (166-88-3-65.ips.acedatacenter.com) ... show more (mod_security) mod_security (id:210492) triggered by 166.88.3.65 (166-88-3-65.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:43:52.438386 2026] [security2:error] [pid 6285:tid 6389] [client 166.88.3.65:45531] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.erinrusso.com.williampower.com"] [uri "/.env.development.local"] [unique_id "ahY-SKhsG1QA7uF1bP32agAAAQs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:23:56 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 166.88.3.65 (166-88-3-65.ips.acedatacenter.com) ... show more (mod_security) mod_security (id:210730) triggered by 166.88.3.65 (166-88-3-65.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:23:48.464264 2026] [security2:error] [pid 6385:tid 6385] [client 166.88.3.65:52583] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|weathercarib.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "weathercarib.com"] [uri "/config/database.php.bak"] [unique_id "ahY5lJdmLckJDlwymVDoMAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-26 23:50:56 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 166.88.3.65 (166-88-3-65.ips.acedatacenter.com) ... show more (mod_security) mod_security (id:210730) triggered by 166.88.3.65 (166-88-3-65.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 19:50:30.739405 2026] [security2:error] [pid 20725:tid 20725] [client 166.88.3.65:57261] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.asfmglobal.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.asfmglobal.com"] [uri "/backup.sql"] [unique_id "ahYxxsyy39-FLCOTQvpeWQAAAAo"], referer: https://www.google.com/search?q=autodiscover.asfmglobal.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-26 18:10:21 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 166.88.3.65 (166-88-3-65.ips.acedatacenter.com) ... show more (mod_security) mod_security (id:210492) triggered by 166.88.3.65 (166-88-3-65.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 14:10:05.891711 2026] [security2:error] [pid 25220:tid 25220] [client 166.88.3.65:54139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thedoodlists.com"] [uri "/app/config/parameters.yml"] [unique_id "ahXh_aHXREvDRE_r7pFCSwAAAAo"], referer: https://www.google.com/search?q=thedoodlists.com show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.7.30.146

🇭🇰 150.109.55.164

🇳🇱 45.148.10.141

🇺🇸 8.231.190.190

🇰🇷 211.178.247.182

🇺🇦 193.176.251.229

🇺🇿 185.203.236.212

🇺🇸 173.194.99.21

🇸🇬 140.245.125.139

🇸🇬 139.180.213.30

🇫🇷 94.239.150.162

🇳🇱 45.156.87.254

🇧🇪 34.140.168.155

🇧🇷 177.104.171.149

🇵🇱 87.251.64.145

🇺🇸 45.202.240.36

🇹🇷 212.154.86.114

🇯🇵 212.135.208.32

🇺🇸 162.216.149.34

🇧🇩 103.129.238.110