JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 167.253.18.114

167.253.18.114 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 18%: ?

18%

ISP	VPNVault LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Hostname(s)	167-253-18-114.cloudairone.com
Domain Name	vpnvau.lt
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 167.253.18.114

Whois 167.253.18.114

IP Abuse Reports for 167.253.18.114:

This IP address has been reported a total of 4 times from 4 distinct sources. 167.253.18.114 was first reported on March 10th 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-06-05 01:06:56 (16 hours ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2026-05-24 12:23:57 (1 week ago)	167.253.18.114 - - [24/May/2026:12:23:56 +0000] "POST /cgi-bin/php-cgi?%2D%64+%61%6C%6C%6F%77%5F%75% ... show more 167.253.18.114 - - [24/May/2026:12:23:56 +0000] "POST /cgi-bin/php-cgi?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E HTTP/1.1" 302 3602 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-16 01:47:51 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 167.253.18.114 (167-253-18-114.cloudairone.com) ... show more (mod_security) mod_security (id:210730) triggered by 167.253.18.114 (167-253-18-114.cloudairone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 21:47:44.010305 2026] [security2:error] [pid 2261802:tid 2261802] [client 167.253.18.114:63757] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Laurel/Thumbs.db"] [unique_id "aeA_wN5yBYeCcHL-6misRgAAAAs"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Laurel/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-03-10 11:18:27 (2 months ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.11.135.90

🇹🇭 184.82.165.36

🇺🇸 184.52.45.77

🇹🇭 184.22.131.191

🇧🇷 177.67.195.97

🇹🇭 183.89.202.45

🇮🇩 182.253.159.153

🇮🇩 182.253.154.196

🇧🇩 182.252.95.225

🇧🇩 182.163.114.193

🇹🇭 182.52.157.248

🇮🇩 182.23.45.94

🇩🇴 181.232.191.255

🇩🇴 181.232.191.100

🇩🇴 181.232.191.99

🇦🇷 181.80.212.106

🇨🇴 181.79.91.101

🇵🇪 181.66.252.65

🇨🇴 181.48.176.246

🇨🇴 181.48.165.70