JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.74.114.170

216.74.114.170 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 4%: ?

ISP	code200 UAB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13332
Domain Name	code200.global
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.74.114.170

Whois 216.74.114.170

IP Abuse Reports for 216.74.114.170:

This IP address has been reported a total of 12 times from 4 distinct sources. 216.74.114.170 was first reported on May 30th 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-01 02:14:57 (6 days ago)	(mod_security) mod_security (id:210730) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 22:14:48.925811 2026] [security2:error] [pid 12707:tid 12711] [client 216.74.114.170:50559] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.kettlehill.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.kettlehill.com"] [uri "/www.key"] [unique_id "ahzrGPr1zQOtbkd9viUqQAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-08 21:06:20 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 17:06:14.941501 2026] [security2:error] [pid 129975:tid 129975] [client 216.74.114.170:45639] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/.git/config"] [unique_id "adbDRjVsCKY6bsjTzilodAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-01 20:19:59 (3 months ago)	(mod_security) mod_security (id:211190) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 15:19:49.970338 2026] [security2:error] [pid 3623:tid 3750] [client 216.74.114.170:44117] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /?filename=../../../../../../etc/passwd&mphb_action=download"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.com"] [uri "/"] [unique_id "aaSfZV4WolzQRuAXATJ-CwAAAVI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-28 22:51:07 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 18:50:57.598918 2025] [security2:error] [pid 4276:tid 4276] [client 216.74.114.170:54135] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.nbcnewsradio.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.nbcnewsradio.com"] [uri "/host.key"] [unique_id "aQFI0fTqbpPTKB_AHSyk5wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 14:45:45 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 10:45:38.636109 2025] [security2:error] [pid 12475:tid 12493] [client 216.74.114.170:56479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.kettlehill.com"] [uri "/.env.old"] [unique_id "aN0-kmCKjmgjI9kURFKBhQAAAU4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-22 20:26:52 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 16:26:42.552222 2025] [security2:error] [pid 29707:tid 29707] [client 216.74.114.170:42823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.deandobkin.com"] [uri "/.htpasswd"] [unique_id "aNGxAimlC7XA7yPJcnn31QAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 KuhA	2025-09-22 01:47:00 (8 months ago)	"GET /old_phpinfo.php HTTP/1.1"	Hacking Web App Attack
Anonymous	2025-09-09 13:50:02 (8 months ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇪🇸 10dencehispahard SL	2025-08-18 09:42:42 (9 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-08-01 06:32:14 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 02:32:07.499723 2025] [security2:error] [pid 3331488:tid 3331547] [client 216.74.114.170:49573] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|staging.kettlehill.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "staging.kettlehill.com"] [uri "/database.php.bak"] [unique_id "aIxfZwesNFIDOFtp0dFZhwAAAEI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-06-01 05:37:46 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 01:37:20.960754 2025] [security2:error] [pid 2256137:tid 2256231] [client 216.74.114.170:45111] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.staging.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /?p=3232&wp_automatic=download&link=file:///etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "staging.kettlehill.com"] [uri "/"] [unique_id "aDvnEGQ8Dui5hvebpq9vegAAAMA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 19:46:15 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 216.74.114.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 30 15:46:07.633135 2025] [security2:error] [pid 596120:tid 596120] [client 216.74.114.170:59783] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|nbcnewsradio.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nbcnewsradio.com"] [uri "/www.key"] [unique_id "aDoK_0K9ev3qTYIP69hGfQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇬 196.0.242.54

🇳🇱 185.223.235.7

🇺🇸 185.8.106.94

🇨🇳 180.76.243.197

🇩🇪 139.59.212.230

🇺🇸 104.243.35.92

🇺🇿 91.229.163.10

🇭🇰 58.152.42.174

🇸🇳 41.214.3.185

🇦🇺 34.151.129.95

🇺🇸 2604:a880:400:d1:0:4:8c0e:5001

🇳🇱 195.178.110.162

🇩🇪 155.117.127.104

🇺🇸 107.174.58.156

🇧🇩 103.179.198.19

🇮🇩 103.174.115.74

🇫🇷 86.216.244.138

🇧🇷 43.157.157.55

🇺🇸 34.144.176.26

🇺🇸 2604:a880:400:d1:0:4:8bf2:5001