JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.74.115.119

216.74.115.119 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 0%: ?

ISP	code200 UAB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13332
Domain Name	code200.global
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.74.115.119

Whois 216.74.115.119

IP Abuse Reports for 216.74.115.119:

This IP address has been reported a total of 11 times from 4 distinct sources. 216.74.115.119 was first reported on May 15th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇬 Stoyko Stoykov	2026-03-17 17:08:28 (2 months ago)	216.74.115.119 - - [17/Mar/2026:19:08:27 +0200] "GET /cgi-bin/printenv HTTP/1.1" 404 0 "-" "Mozilla/ ... show more 216.74.115.119 - - [17/Mar/2026:19:08:27 +0200] "GET /cgi-bin/printenv HTTP/1.1" 404 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 12:48:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 07:48:02.672385 2026] [security2:error] [pid 16719:tid 16778] [client 216.74.115.119:59125] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.com"] [uri "/.env.save"] [unique_id "aX9LgtCv_m7wviPTH3El6QAAAQI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-03 01:58:08 (6 months ago)	(mod_security) mod_security (id:221260) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 20:58:00.154861 2025] [security2:error] [pid 30253:tid 30253] [client 216.74.115.119:50697] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|webdisk.farmers123.com:80\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.farmers123.com"] [uri "/cgi-bin/stats"] [unique_id "aS-ZKPCbRbwK_bAOSBfWPAAAABw"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 06:09:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 01:09:03.822286 2025] [security2:error] [pid 8488:tid 8565] [client 216.74.115.119:44615] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kettlehill.net"] [uri "/.git/config"] [unique_id "aS0w_9ZHHfu_5jcVG6piZgAAAYo"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇹 Erpelstolz	2025-11-25 11:30:45 (6 months ago)	VM 131: 216.74.115.119 - - [25/Nov/2025:12:30:41 +0100] "GET /partymgr/control/getJSONuiLabelArray H ... show more VM 131: 216.74.115.119 - - [25/Nov/2025:12:30:41 +0100] "GET /partymgr/control/getJSONuiLabelArray HTTP/1.1" 301 763 show less	Web App Attack
🇺🇸 TPI-Abuse	2025-10-28 22:46:39 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 18:46:33.145961 2025] [security2:error] [pid 30714:tid 30714] [client 216.74.115.119:46963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.nbcnewsradio.com"] [uri "/.htaccess"] [unique_id "aQFHyT2wXTfUBp5_CqQFdwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 15:12:02 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 11:11:56.539965 2025] [security2:error] [pid 12475:tid 12495] [client 216.74.115.119:50661] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.net\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.net"] [uri "/admin/error.log"] [unique_id "aN1EvGCKjmgjI9kURFKpfwAAAVA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-05 19:32:53 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 05 15:32:45.740372 2025] [security2:error] [pid 22100:tid 22100] [client 216.74.115.119:48221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nbcnewsradio.com"] [uri "/wp-config.php.bak"] [unique_id "aJJcXdwnPMTOgvLZUuFY3wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-01 06:50:08 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 02:49:32.777622 2025] [security2:error] [pid 3331491:tid 3331525] [client 216.74.115.119:37885] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.net\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.net"] [uri "/error.log"] [unique_id "aIxjfFQiAcb55uv05QowJwAAAkc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-06-01 05:36:54 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 216.74.115.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 01:35:10.724962 2025] [security2:error] [pid 2256135:tid 2256178] [client 216.74.115.119:57977] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.com"] [uri "/wp-config.php"] [unique_id "aDvmjq49PdggYnA6bssaYQAAAEI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-05-15 14:10:02 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 176.108.224.132

🇻🇳 103.97.135.244

🇦🇷 2803:9800:9093:8bf2:1dc5:2033:6782:1390

🇺🇸 186.243.255.237

🇺🇸 165.245.162.86

🇺🇸 162.241.152.21

🇩🇪 141.11.45.234

🇭🇰 119.28.71.133

🇸🇬 101.47.158.56

🇷🇺 91.215.85.193

🇮🇳 89.117.157.159

🇺🇸 18.209.137.234

🇬🇧 5.226.140.105

🇳🇱 2a02:4780:8:1225:0:342f:4a24:1

🇸🇬 2404:6800:4003:c0f::12a

🇺🇸 134.122.125.153

🇺🇸 130.131.220.95

🇮🇷 85.9.111.160

🇺🇸 66.132.172.148

🇺🇸 52.1.195.155