JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 173.214.176.53

173.214.176.53 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 0%: ?

ISP	Code200
Usage Type	Data Center/Web Hosting/Transit
ASN	AS21769
Domain Name	code200.global
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 173.214.176.53

Whois 173.214.176.53

IP Abuse Reports for 173.214.176.53:

This IP address has been reported a total of 11 times from 4 distinct sources. 173.214.176.53 was first reported on August 31st 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 11:53:39 (4 months ago)	(mod_security) mod_security (id:240950) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240950) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 06:53:33.059223 2026] [security2:error] [pid 8680:tid 8680] [client 173.214.176.53:47239] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)\|\|cpcalendars.nbcnewsradio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/jira/secure/QueryComponentRendererValue!Default.jspa"] [unique_id "aWt4PQnYnJaTPdZVMdTY3gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 20:36:47 (5 months ago)	(mod_security) mod_security (id:211190) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 15:36:40.961584 2025] [security2:error] [pid 22839:tid 22976] [client 173.214.176.53:59147] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /osclass/oc-admin/index.php?page=appearance&action=render&file=../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.net"] [uri "/osclass/oc-admin/index.php"] [unique_id "aVLmWKhQT-NrkrxX7z3rvAAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-29 09:55:31 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 29 04:55:24.034123 2025] [security2:error] [pid 29289:tid 29412] [client 173.214.176.53:59481] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.com"] [uri "/error/error.log"] [unique_id "aSrDDLNUYrn346KZC3fb-AAAANY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 14:35:31 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 09:35:24.324008 2025] [security2:error] [pid 16063:tid 16063] [client 173.214.176.53:49077] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.nbcnewsradio.com"] [uri "/api/.env"] [unique_id "aRSbLFE609QFG2SWNTeiJgAAACs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-01 17:04:58 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 01 13:04:52.137185 2025] [security2:error] [pid 7225:tid 7229] [client 173.214.176.53:47535] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.com"] [uri "/localhost.key"] [unique_id "aQY9tELI2ys0UnK7ix4MnwAAAME"], referer: http://www.kettlehill.com/localhost.key show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-05 20:16:36 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 05 16:16:27.987509 2025] [security2:error] [pid 507:tid 507] [client 173.214.176.53:48463] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|nbcnewsradio.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nbcnewsradio.com"] [uri "/log/errors.log"] [unique_id "aJJmm_2_5SIHND2F95Kx3QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:17:17 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:16:51.560965 2025] [security2:error] [pid 172229:tid 172487] [client 173.214.176.53:47503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autoconfig.staging.kettlehill.com"] [uri "/.env.old"] [unique_id "aIVv8-Zd-uShJ73phjvmHQAAARY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 16:32:35 (1 year ago)	(mod_security) mod_security (id:212620) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212620) triggered by 173.214.176.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 12:32:28.674055 2025] [security2:error] [pid 2974805:tid 2974805] [client 173.214.176.53:34217] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|www.farmers123.com\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /ie50/system/login/sysloginuser.aspx?login=denied&uid=</script><script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "www.farmers123.com"] [uri "/ie50/system/login/SysLoginUser.aspx"] [unique_id "aDiMHNJxSD4uUUeiZUW2eAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-02-17 23:06:26 (1 year ago)	botnet	DDoS Attack
Anonymous	2025-02-01 18:50:07 (1 year ago)	\| Shellshock attack attempt	Hacking SQL Injection Web App Attack
🇺🇸 nowyouknow	2023-08-31 05:52:16 (2 years ago)	(From [email protected]) JP Corsi with Exit Node Corp. I hope that you are having a good day. ... show more (From [email protected]) JP Corsi with Exit Node Corp. I hope that you are having a good day. I am doing a bit of outreach to owner of companies similar to yours as we are seeing increased sales with a number of our clients in the past few months. We have a core focus in helping companies increase online inbound and outreach sales and sell out capacity with incredibly effective and economical strategies. Let me know if increasing online sales is a priority right now and if I can get on your calendar for a short introduction in the next week or two? --- JP Corsi +1 954-833-5563 https://exitnode.co 2339 Glades Pkwy, Weston FL show less	Phishing Web Spam

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 193.32.162.71

🇧🇷 177.155.133.175

🇷🇺 91.122.136.84

🇺🇸 66.132.224.25

🇺🇸 66.132.195.21

🇺🇸 66.132.186.220

🇺🇸 65.49.1.37

🇩🇪 46.249.99.46

🇺🇸 34.26.222.167

🇧🇷 20.226.41.41

🇧🇬 5.188.206.66

🇮🇪 3.249.69.177

🇺🇸 2604:a880:400:d1:0:4:9637:7001

🇨🇳 223.199.162.44

🇳🇱 193.176.31.234

🇧🇬 78.128.112.30

🇺🇸 66.132.195.105

🇩🇪 62.54.176.203

🇮🇳 8.231.84.60

🇰🇷 1.235.192.214