AbuseIPDB » 166.88.58.209
166.88.58.209 was found in our database!
This IP was reported 6 times. Confidence of
Abuse
is 2%: ?
| ISP |
Ace Data Centers II, L.L.C.
|
| Usage Type |
Data Center/Web Hosting/Transit
|
| ASN |
AS18779
|
| Hostname(s) |
166-88-58-209.ips.acedatacenter.com
|
| Domain Name |
acedatacenter.com
|
| Country |
๐บ๐ธ
United States of America
|
| City |
San Jose, California
|
IP info including ISP, Usage Type, and Location provided
by IPInfo. Updated weekly.
IP Abuse Reports for 166.88.58.209:
This IP address has been reported a total of
6
times from
3 distinct
sources.
166.88.58.209 was first reported on
, and the most recent report was
.
Old Reports:
The most recent abuse report for this IP address is from
. It is possible that this IP is no longer involved in abusive activities.
| Reporter |
IoA Timestamp (UTC)
|
Comment |
Categories |
|
|
๐ซ๐ท
bigorre.org
|
|
Excessive crawling : exceed crawl-delay defined in robots.txt
|
Bad Web Bot
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:221260) triggered by 166.88.58.209 (166-88-58-209.ips.acedatacenter. ...
show more
(mod_security) mod_security (id:221260) triggered by 166.88.58.209 (166-88-58-209.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 11:53:45.246443 2026] [security2:error] [pid 462:tid 462] [client 166.88.58.209:45305] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||cpcalendars.nbcnewsradio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/debug.cgi"] [unique_id "aWu-mbtEsCMo6b0hTpC2tQAAABU"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:211190) triggered by 166.88.58.209 (166-88-58-209.ips.acedatacenter. ...
show more
(mod_security) mod_security (id:211190) triggered by 166.88.58.209 (166-88-58-209.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 15:10:54.763431 2025] [security2:error] [pid 29977:tid 29979] [client 166.88.58.209:46235] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||ftp.kettlehill.net|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /maint/modules/home/index.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00english"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.net"] [uri "/maint/modules/home/index.php"] [unique_id "aVLgTjWelXmsIDHwJWYLZgAAAYA"], referer: ftp.kettlehill.net/maint/index.php?packages
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 166.88.58.209 (166-88-58-209.ips.acedatacenter. ...
show more
(mod_security) mod_security (id:210492) triggered by 166.88.58.209 (166-88-58-209.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 09:34:43.302083 2025] [security2:error] [pid 14369:tid 14369] [client 166.88.58.209:59577] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/.env.stage"] [unique_id "aRXsg2TBBHj-S19lK3VvSAAAABE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210381) triggered by 166.88.58.209 (166-88-58-209.ips.acedatacenter. ...
show more
(mod_security) mod_security (id:210381) triggered by 166.88.58.209 (166-88-58-209.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 11:32:08.510142 2025] [security2:error] [pid 2882108:tid 2882108] [client 166.88.58.209:42073] ModSecurity: Access denied with code 403 (phase 2). Invalid URL Encoding: Non-hexadecimal digits used at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "82"] [id "210381"] [rev "6"] [msg "COMODO WAF: URL Encoding Abuse Attack Attempt||autodiscover.farmers123.com|F|4"] [data "REQUEST_URI=/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName&redirect=%2f%example.com"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "autodiscover.farmers123.com"] [uri "/OA_HTML/cabo/jsps/a.jsp"] [unique_id "aDh9-Bj33dkZnRXP2z8qPwAAADA"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
| Shellshock attack attempt
|
Hacking
SQL Injection
Web App Attack
|
|
Showing 1 to
6
of 6 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: