JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 66.235.114.238

66.235.114.238 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	Amazon.com, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 66.235.114.238

Whois 66.235.114.238

IP Abuse Reports for 66.235.114.238:

This IP address has been reported a total of 9 times from 3 distinct sources. 66.235.114.238 was first reported on November 27th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-11 07:09:48 (1 month ago)	Aggressive web scan	Web App Attack
🇺🇸 TPI-Abuse	2026-04-07 17:48:10 (2 months ago)	(mod_security) mod_security (id:217200) triggered by 66.235.114.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217200) triggered by 66.235.114.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 13:48:03.635655 2026] [security2:error] [pid 1531694:tid 1531694] [client 66.235.114.238:33972] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|mail.koorsen.net:80\|F\|2"] [data "/guest_auth/guestisup.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "mail.koorsen.net"] [uri "/guest_auth/guestIsUp.php"] [unique_id "adVDU1eDlmBXK2jMZtQihAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-07 00:50:21 (2 months ago)	Aggressive web scan	Web App Attack
🇺🇸 TPI-Abuse	2026-03-03 19:46:09 (3 months ago)	(mod_security) mod_security (id:217200) triggered by 66.235.114.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217200) triggered by 66.235.114.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 03 14:45:59.604921 2026] [security2:error] [pid 30399:tid 30399] [client 66.235.114.238:46604] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|cpanel.koorsen.net:80\|F\|2"] [data "/guest_auth/guestisup.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "cpanel.koorsen.net"] [uri "/guest_auth/guestIsUp.php"] [unique_id "aac6d8ti7tVzk7upyVvY5AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-03 09:20:03 (3 months ago)	Aggressive web scan	Web App Attack
🇮🇪 OperatorXoR	2026-01-25 21:51:00 (5 months ago)	This IP address has been observed in the wild attempting to exploit CVE-2014-0002 This CVE relate ... show more This IP address has been observed in the wild attempting to exploit CVE-2014-0002 This CVE relates to an attack attempt against an XML External Entity (XXE) vulnerability in Apache Camel. The vulnerability is due to an design weakness when a vulnerable module handles a crafted XML file. A remote attacker can exploit this to gain unauthorized access to sensitive information via a crafted XML file. Affected products: Apache Software Foundation Camel 2.11.0 to 2.11.3 Apache Software Foundation Camel 2.12.0 to 2.12.2 Further information available here: https://www.fortiguard.com/encyclopedia/ips/38143 https://vulert.com/vuln-db/CVE-2014-0002 https://app.opencve.io/cve/CVE-2014-0002 show less	Hacking
Anonymous	2026-01-25 01:54:08 (5 months ago)	Aggressive web scan	Web App Attack
Anonymous	2025-12-11 07:10:06 (6 months ago)	Aggressive web scan	Web App Attack
Anonymous	2025-11-27 09:59:45 (7 months ago)	Aggressive web scan	Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇿 60.234.77.227

🇺🇸 216.25.89.102

🇫🇷 194.163.142.76

🇨🇳 182.138.158.204

🇩🇪 165.22.82.165

🇫🇮 147.185.133.243

🇰🇷 121.161.149.104

🇷🇴 80.94.92.234

🇰🇷 58.229.141.26

🇨🇳 58.18.80.18

🇺🇸 45.92.229.228

🇫🇮 45.87.249.146

🇻🇳 27.79.0.180

🇨🇦 144.217.76.59

🇧🇬 91.191.209.118

🇬🇧 35.203.211.119

🇺🇸 24.190.125.113

🇩🇪 3.74.44.33

🇧🇷 2a09:bac5:65c:7af::c4:40

🇺🇸 185.61.217.31