JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 181.214.13.210

181.214.13.210 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 0%: ?

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Fixed Line ISP
ASN	AS11426
Domain Name	netutils.io
Country	🇺🇸 United States of America
City	Birmingham, Alabama

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 181.214.13.210

Whois 181.214.13.210

IP Abuse Reports for 181.214.13.210:

This IP address has been reported a total of 8 times from 3 distinct sources. 181.214.13.210 was first reported on January 17th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 04:47:21 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 181.214.13.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 181.214.13.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 23:47:13.625833 2026] [security2:error] [pid 8588:tid 8588] [client 181.214.13.210:47097] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aWsUUc3ytgN81A611Aee7AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 17:53:10 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 181.214.13.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 181.214.13.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 12:53:01.731977 2025] [security2:error] [pid 30292:tid 30592] [client 181.214.13.210:40661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/.env.dev.local"] [unique_id "aVK__YGwzh_8AlcRvOiJ6AAAAQk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 09:21:58 (7 months ago)	(mod_security) mod_security (id:212620) triggered by 181.214.13.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212620) triggered by 181.214.13.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 04:21:52.463082 2025] [security2:error] [pid 31550:tid 31550] [client 181.214.13.210:60719] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /?s=</script><script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "ftp.nbcnewsradio.com"] [uri "/"] [unique_id "aRWjMGqMslZnhn4TpLT0pAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 01:06:29 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 181.214.13.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 181.214.13.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:06:24.548969 2025] [security2:error] [pid 404372:tid 404530] [client 181.214.13.210:51717] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "staging.kettlehill.com"] [uri "/js../.git/config"] [unique_id "aIV7kBTdKN3sxMPXSjQMWwAAAQM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 18:45:45 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 181.214.13.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 181.214.13.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 14:37:15.583400 2025] [security2:error] [pid 3168489:tid 3168489] [client 181.214.13.210:54493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.farmers123.com"] [uri "/.env.www"] [unique_id "aDipWyOO5p8GwmxgVXulEwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 EGP Abuse Dept	2025-05-16 21:39:17 (1 year ago)	Unauthorized connection to FTP port 21	Port Scan Hacking
🇺🇸 TPI-Abuse	2025-02-28 21:27:13 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 181.214.13.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 181.214.13.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 28 16:26:27.271048 2025] [security2:error] [pid 1346:tid 1507] [client 181.214.13.210:38045] [client 181.214.13.210] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|mail.kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /pages/setup.php?defaultlanguage=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.net"] [uri "/pages/setup.php"] [unique_id "Z8IqA0DVVIPjkof-kdQMmAAAAgE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-17 17:10:07 (1 year ago)	\| PHPMyAdmin scans (looking for setup.php).	Hacking SQL Injection Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 152.32.207.197

🇹🇭 118.194.250.127

🇮🇩 103.182.189.90

🇺🇸 64.62.197.32

🇳🇱 45.86.200.50

🇺🇸 2604:a940:301:225:0:17::

🇩🇪 193.124.20.226

🇨🇳 118.196.142.135

🇫🇷 62.171.175.230

🇮🇳 49.156.104.74

🇹🇼 211.78.63.153

🇨🇳 113.219.177.95

🇺🇸 107.174.194.115

🇨🇳 59.48.39.222

🇳🇱 45.140.222.120

🇧🇪 34.156.119.248

🇹🇷 5.11.162.163

🇮🇸 213.190.100.140

🇮🇷 193.151.133.105

🇩🇪 192.109.200.189