JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 167.253.17.141

167.253.17.141 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	VPNVault LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Hostname(s)	167-253-17-141.cloudairone.com
Domain Name	vpnvau.lt
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 167.253.17.141

Whois 167.253.17.141

IP Abuse Reports for 167.253.17.141:

This IP address has been reported a total of 7 times from 6 distinct sources. 167.253.17.141 was first reported on October 23rd 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 HandyTreff.de	2026-03-16 11:30:05 (2 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -25.881 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -25.881 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.2841.8 show less	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-14 10:16:46 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 167.253.17.141 (167-253-17-141.cloudairone.com) ... show more (mod_security) mod_security (id:210730) triggered by 167.253.17.141 (167-253-17-141.cloudairone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 06:16:37.449488 2026] [security2:error] [pid 11358:tid 11358] [client 167.253.17.141:59169] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Barclay/Thumbs.db"] [unique_id "abU1hZ_DPTYBK95ynWIixgAAABE"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Barclay/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-03-11 22:18:04 (2 months ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
🇫🇷 masterguru	2025-12-23 11:00:01 (5 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 167.253.17.141 (US/United States/167-253-17-14 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 167.253.17.141 (US/United States/167-253-17-141.cloudairone.com): 1 in the last 3600 secs (0-193) show less	Hacking
🇱🇻 garmtech.com	2025-12-04 06:53:41 (6 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇨🇦 wil.com	2025-11-14 22:46:34 (6 months ago)	GlobalProtect login attempts with user robc.	VPN IP Brute-Force
🇱🇻 garmtech.com	2025-10-23 00:04:46 (7 months ago)	IM360 WAF: Attempt to upload malware	Hacking

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 202.29.225.206

🇹🇼 198.235.24.95

🇪🇸 194.146.92.161

🇳🇱 176.65.139.130

🇺🇾 167.57.199.243

🇫🇮 166.0.115.197

🇺🇸 161.123.179.134

🇺🇸 158.46.217.37

🇻🇳 103.1.210.25

🇲🇰 80.77.146.194

🇺🇸 71.6.232.30

🇧🇪 34.79.177.36

🇲🇰 194.49.55.138

🇧🇴 190.129.122.185

🇲🇽 186.96.145.241

🇩🇪 159.89.25.232

🇺🇸 158.46.211.207

🇺🇸 158.46.128.176

🇺🇸 100.28.153.226

🇩🇪 94.26.106.193