JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 166.88.58.234

166.88.58.234 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	Ace Data Centers II, L.L.C.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS18779
Hostname(s)	166-88-58-234.ips.acedatacenter.com
Domain Name	acedatacenter.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 166.88.58.234

Whois 166.88.58.234

IP Abuse Reports for 166.88.58.234:

This IP address has been reported a total of 9 times from 3 distinct sources. 166.88.58.234 was first reported on December 14th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 13:34:13 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 166.88.58.234 (166-88-58-234.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 166.88.58.234 (166-88-58-234.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 08:34:05.229347 2026] [security2:error] [pid 30467:tid 30467] [client 166.88.58.234:47887] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.env.live"] [unique_id "aWuPzbnE8xlUMuNaY9pwwgAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 21:21:54 (5 months ago)	(mod_security) mod_security (id:211190) triggered by 166.88.58.234 (166-88-58-234.ips.acedatacenter. ... show more (mod_security) mod_security (id:211190) triggered by 166.88.58.234 (166-88-58-234.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 16:21:49.376892 2025] [security2:error] [pid 21673:tid 21680] [client 166.88.58.234:40787] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.staging.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_pro_desk&include_file=../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "staging.kettlehill.com"] [uri "/index.php"] [unique_id "aVLw7doKFoxlNLdnJRxQrAAAAEQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 13:33:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 166.88.58.234 (166-88-58-234.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 166.88.58.234 (166-88-58-234.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 08:33:53.459261 2025] [security2:error] [pid 29655:tid 29655] [client 166.88.58.234:60481] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aRXeQU1PsfzvgwzVo45RdgAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 14:55:36 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 166.88.58.234 (166-88-58-234.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 166.88.58.234 (166-88-58-234.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 10:55:25.393453 2025] [security2:error] [pid 12475:tid 12481] [client 166.88.58.234:33637] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.com"] [uri "/.../.../.../.../.../.../.../.../.../windows/win.ini"] [unique_id "aN1A3WCKjmgjI9kURFKIWgAAAUI"], referer: http://www.kettlehill.com/.../.../.../.../.../.../.../.../.../windows/win.ini show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-22 21:35:53 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 166.88.58.234 (166-88-58-234.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 166.88.58.234 (166-88-58-234.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 17:35:46.379432 2025] [security2:error] [pid 25353:tid 25353] [client 166.88.58.234:58391] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.deandobkin.com"] [uri "/.env.bak"] [unique_id "aNHBMmvsHu5wxz3UlfYCJQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 01:13:56 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 166.88.58.234 (166-88-58-234.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 166.88.58.234 (166-88-58-234.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:13:49.352990 2025] [security2:error] [pid 653296:tid 653320] [client 166.88.58.234:45003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/.wp-config.php.swp"] [unique_id "aIV9Tb5epZI5Xx2m9sk_vgAAAUw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 20:54:01 (1 year ago)	(mod_security) mod_security (id:240950) triggered by 166.88.58.234 (166-88-58-234.ips.acedatacenter. ... show more (mod_security) mod_security (id:240950) triggered by 166.88.58.234 (166-88-58-234.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 16:53:55.706510 2025] [security2:error] [pid 3485104:tid 3485104] [client 166.88.58.234:46093] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)\|\|whm.farmers123.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "whm.farmers123.com"] [uri "/_users/org.couchdb.user:poc"] [unique_id "aDjJY2gjHRVvzQqTXFNONwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-15 02:40:23 (1 year ago)	\| SQL injection attempt.	Hacking SQL Injection Web App Attack
🇩🇪 nyuuzyou	2024-12-14 08:38:34 (1 year ago)	Intensive scraping: /web?s=Tax%20preparation%20services%20Hallandale%20Beach&scraper=marginalia. Use ... show more Intensive scraping: /web?s=Tax%20preparation%20services%20Hallandale%20Beach&scraper=marginalia. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36. show less	Bad Web Bot

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 77.53.195.148

🇧🇷 201.157.199.43

🇪🇹 196.188.116.56

🇲🇦 196.127.4.69

🇩🇪 193.124.20.232

🇨🇳 180.184.52.206

🇺🇸 64.95.9.249

🇺🇸 64.95.9.240

🇮🇳 2a02:4780:11:2047:0:b62:8244:1

🇺🇸 209.90.232.71

🇻🇳 103.72.98.79

🇮🇸 89.147.110.252

🇮🇷 81.12.41.179

🇳🇱 45.148.10.141

🇺🇸 23.254.178.52

🇮🇹 5.152.145.233

🇻🇳 2001:ee0:525f:a670:a0a3:bb43:dc65:d1c0

🇬🇧 193.163.125.170

🇺🇦 128.0.104.44

🇨🇳 121.225.55.155