JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 207.244.218.57

207.244.218.57 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 3%: ?

ISP	trafficforce, UAB
Usage Type	Commercial
ASN	AS133944
Domain Name	trafficforce.lt
Country	🇭🇷 Croatia
City	Zagreb, Zagreb

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 207.244.218.57

Whois 207.244.218.57

IP Abuse Reports for 207.244.218.57:

This IP address has been reported a total of 14 times from 3 distinct sources. 207.244.218.57 was first reported on January 25th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-01 01:47:05 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 21:45:59.151578 2026] [security2:error] [pid 11752:tid 12132] [client 207.244.218.57:41435] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autoconfig.kettlehill.kettlehill.com"] [uri "/.env.backup"] [unique_id "ahzkV1K1j6eB9I0a-Y9KXgAAAQw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 10:04:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 05:04:23.414362 2026] [security2:error] [pid 16661:tid 16661] [client 207.244.218.57:33467] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.nbcnewsradio.com"] [uri "/.env.dev"] [unique_id "aWoNJydSjFuaiKshafeKRAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 19:14:51 (5 months ago)	(mod_security) mod_security (id:212750) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212750) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 14:13:53.202423 2025] [security2:error] [pid 22840:tid 22944] [client 207.244.218.57:52405] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\bon(?:abort\|blur\|change\|click\|dblclick\|dragdrop\|error\|focus\|keydown\|keypress\|keyup\|load\|mouse(?:down\|move\|out\|over\|up)\|move\|readystatechange\|reset\|resize\|select\|submit\|unload)\\\\b[^a-zA-Z0-9_]{0,}?=" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "69"] [id "212750"] [rev "3"] [msg "COMODO WAF: XSS Attack Detected\|\|www.kettlehill.kettlehill.com\|F\|2"] [data "Matched Data: onerror= found within REQUEST_URI: /?s=<img src=x onerror=alert(123);>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "www.kettlehill.kettlehill.com"] [uri "/"] [unique_id "aVLS8fUSdzJ-gbjPWKhTEAAAAIs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-03 02:00:50 (6 months ago)	(mod_security) mod_security (id:221260) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 21:00:37.811607 2025] [security2:error] [pid 359:tid 359] [client 207.244.218.57:56873] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\$\\\$\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|webdisk.farmers123.com:80\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.farmers123.com"] [uri "/cgi-bin/test"] [unique_id "aS-ZxZkHNzom1bOy2mUDjwAAAB4"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 08:59:14 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 03:58:12.148253 2025] [security2:error] [pid 2514:tid 2514] [client 207.244.218.57:49837] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/wp-content/mysql.sql"] [unique_id "aRWdpPi5wMMLqXM1ntLc_QAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-29 12:51:01 (7 months ago)	(mod_security) mod_security (id:248270) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:248270) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 29 08:50:55.410497 2025] [security2:error] [pid 3218:tid 3218] [client 207.244.218.57:45925] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\$\\\\{jndi:(ldaps?\|rmi\|dns\|iiop\|nis\|nds\|corba\|\\\\$\\\\{(?:lower\|upper)):" at ARGS:x. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "7626"] [id "248270"] [rev "1"] [msg "COMODO WAF: Remote code execution in Apache log4j\|\|192.64.150.174:443\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "192.64.150.174"] [uri "/"] [unique_id "aQINr4yewtz2l8-ggiJjLwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 17:13:43 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 13:13:34.980735 2025] [security2:error] [pid 30036:tid 30079] [client 207.244.218.57:50503] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.com"] [uri "/main.php.bak"] [unique_id "aN1hPp4Gg6n9TdaAp9iAIQAAAIw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:12:03 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:11:50.291793 2025] [security2:error] [pid 172226:tid 172450] [client 207.244.218.57:56755] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.com"] [uri "/.env.production.local"] [unique_id "aIVuxn6EtJKYjh039Gs5hAAAAIs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-07-23 18:49:51 (10 months ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
Anonymous	2025-06-22 19:02:29 (11 months ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-05-29 15:31:57 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 11:31:52.419834 2025] [security2:error] [pid 2882105:tid 2882105] [client 207.244.218.57:36533] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.farmers123.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.farmers123.com"] [uri "/autodiscover.db"] [unique_id "aDh96LSKlWK6NzgSlFfSwQAAAC0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-03-29 05:30:54 (1 year ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-02-27 15:00:06 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 207.244.218.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 27 09:59:23.689976 2025] [security2:error] [pid 27063:tid 27227] [client 207.244.218.57:52467] [client 207.244.218.57] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.kettlehill.com"] [uri "/.env.backup"] [unique_id "Z8B9y8nGgNPGej7DPucTogAAAJQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-25 09:10:27 (1 year ago)	\| XSS (Cross Site Scripting) attempt.	Hacking SQL Injection Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 147.185.133.70

🇧🇩 103.107.79.239

🇺🇸 71.6.241.146

🇰🇷 59.23.20.15

🇻🇳 42.96.19.37

🇺🇸 34.197.70.90

🇩🇪 2602:80d:1005::17

🇨🇳 218.90.124.125

🇳🇱 185.93.89.167

🇨🇳 180.114.164.57

🇺🇸 147.185.132.217

🇨🇳 124.88.113.243

🇿🇦 102.66.179.223

🇳🇱 89.149.200.209

🇺🇸 66.240.223.240

🇺🇸 64.62.197.62

🇫🇷 51.68.34.131

🇲🇾 49.124.159.179

🇲🇾 49.124.151.78

🇨🇳 49.66.80.232