JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 166.88.58.11

166.88.58.11 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 0%: ?

ISP	Ace Data Centers II, L.L.C.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS18779
Hostname(s)	166-88-58-11.ips.acedatacenter.com
Domain Name	acedatacenter.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 166.88.58.11

Whois 166.88.58.11

IP Abuse Reports for 166.88.58.11:

This IP address has been reported a total of 8 times from 3 distinct sources. 166.88.58.11 was first reported on May 1st 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-03-01 20:23:16 (3 months ago)	(mod_security) mod_security (id:220150) triggered by 166.88.58.11 (166-88-58-11.ips.acedatacenter.co ... show more (mod_security) mod_security (id:220150) triggered by 166.88.58.11 (166-88-58-11.ips.acedatacenter.com): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 15:23:09.340946 2026] [security2:error] [pid 3621:tid 3700] [client 166.88.58.11:56253] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\.{0,399}\\\\*\\\\/)?select)" at ARGS:s. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)\|\|mail.kettlehill.com\|F\|2"] [data "9999')unionselect111,222,(select(concat(0x44617461626173653a20,database()))),4444,5---"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mail.kettlehill.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aaSgLSGkUSIuGZsnub34MQAAAIk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-07 16:20:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 166.88.58.11 (166-88-58-11.ips.acedatacenter.co ... show more (mod_security) mod_security (id:210492) triggered by 166.88.58.11 (166-88-58-11.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 07 11:20:40.315720 2026] [security2:error] [pid 4722:tid 4722] [client 166.88.58.11:43681] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.nbcnewsradio.com"] [uri "/.env.stage"] [unique_id "aYdmWOkf6Pl-X_jP6fXaEQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-01 14:20:02 (5 months ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-11-01 15:29:15 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 166.88.58.11 (166-88-58-11.ips.acedatacenter.co ... show more (mod_security) mod_security (id:210730) triggered by 166.88.58.11 (166-88-58-11.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 01 11:29:08.280448 2025] [security2:error] [pid 8590:tid 8629] [client 166.88.58.11:45831] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.kettlehill.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.kettlehill.com"] [uri "/log/error.log"] [unique_id "aQYnRHl6EaMmM6sQysSnmwAAANU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-28 22:42:17 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 166.88.58.11 (166-88-58-11.ips.acedatacenter.co ... show more (mod_security) mod_security (id:210492) triggered by 166.88.58.11 (166-88-58-11.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 18:42:10.596288 2025] [security2:error] [pid 19099:tid 19099] [client 166.88.58.11:56411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.nbcnewsradio.com"] [uri "/.env.production"] [unique_id "aQFGwtkqGNZqI3B_TAom-wAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-01 00:21:52 (9 months ago)	(mod_security) mod_security (id:211190) triggered by 166.88.58.11 (166-88-58-11.ips.acedatacenter.co ... show more (mod_security) mod_security (id:211190) triggered by 166.88.58.11 (166-88-58-11.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 31 20:21:46.730400 2025] [security2:error] [pid 4153618:tid 4153629] [client 166.88.58.11:35421] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /?lahjkhoz=%3Cscript%3Ealert%28%22XSS%22%29%3B%3C%2Fscript%3E&qqorrofl=UNION+SELECT+ALL+FROM+information_schema+AND+%22+or+SLEEP%285%29+or+%22&ielxbeux=..%2F..%2Fetc%2Fpasswd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.kettlehill.com"] [uri "/"] [unique_id "aLTnGkBzN6V-18W2bouMMgAAAcg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 SCHAPPY	2025-08-28 00:20:04 (9 months ago)	IP was involved in L7 DDoS attack.	DDoS Attack
🇺🇸 TPI-Abuse	2025-05-01 03:12:23 (1 year ago)	(mod_security) mod_security (id:226830) triggered by 166.88.58.11 (166-88-58-11.ips.acedatacenter.co ... show more (mod_security) mod_security (id:226830) triggered by 166.88.58.11 (166-88-58-11.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 30 23:11:31.796779 2025] [security2:error] [pid 10926:tid 11041] [client 166.88.58.11:56299] [client 166.88.58.11] ModSecurity: Access denied with code 403 (phase 1). Operator GE matched 1 at ARGS_GET. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6392"] [id "226830"] [rev "2"] [msg "COMODO WAF: Open redirect vulnerability in the Redirect function in the StageShow plugin before 5.0.9 for WordPress (CVE-2015-5461)\|\|www.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "www.kettlehill.com"] [uri "/wp-content/plugins/stageshow/stageshow_redirect.php"] [unique_id "aBLmY-40RxDCvuWCMjgFrwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 184.154.157.176

🇺🇸 172.96.182.111

🇵🇰 72.255.19.244

🇺🇸 68.82.141.145

🇸🇬 47.128.42.212

🇦🇷 45.184.229.37

🇺🇸 35.224.55.206

🇳🇱 195.178.110.31

🇩🇪 167.99.141.150

🇻🇳 118.68.105.130

🇰🇷 118.33.113.91

🇮🇳 103.77.14.62

🇺🇸 98.159.37.135

🇺🇸 91.230.168.113

🇺🇸 66.132.186.224

🇵🇰 39.58.205.5

🇨🇳 14.116.189.74

🇰🇷 222.120.176.6

🇪🇪 213.35.128.24

🇺🇸 185.223.152.145