JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.74.118.9

216.74.118.9 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	CODE200
Usage Type	Data Center/Web Hosting/Transit
ASN	AS21769
Domain Name	code200.global
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.74.118.9

Whois 216.74.118.9

IP Abuse Reports for 216.74.118.9:

This IP address has been reported a total of 14 times from 5 distinct sources. 216.74.118.9 was first reported on June 10th 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 11:53:06 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 06:52:57.508088 2026] [security2:error] [pid 14033:tid 14033] [client 216.74.118.9:53695] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/wp-content/plugins/adaptive-images/adaptive-images-script.php"] [unique_id "aWt4GYHHro5Okmrvp6tVVAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 [email protected]	2025-12-31 23:17:39 (5 months ago)	Attack attempt against Interwebbi servers; Port Scan detected from 216.74.118.9 (US/United States/ ... show more Attack attempt against Interwebbi servers; Port Scan detected from 216.74.118.9 (US/United States/-). 5 hits in the last 400 seconds; IP: 216.74.118.9; Ports: *; Direction: 0; Trigger: PS_LIMIT; show less	Brute-Force
🇺🇸 TPI-Abuse	2025-12-29 19:02:43 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 14:02:37.846688 2025] [security2:error] [pid 22842:tid 22988] [client 216.74.118.9:48617] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.kettlehill.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.kettlehill.com"] [uri "/.webui/..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\windows\\\\win.ini"] [unique_id "aVLQTVKoonkfA7MmLZcGSQAAAQA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 09:22:59 (6 months ago)	(mod_security) mod_security (id:211190) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:211190) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 04:22:52.738787 2025] [security2:error] [pid 2201:tid 2201] [client 216.74.118.9:34635] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?rest_route=%2Fessential-blocks%2Fv1%2Fproducts&is_frontend=true&attributes={\\x22__file\\x22:\\x22/etc%2fpasswd\\x22}"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/index.php"] [unique_id "aRWjbDt3vbmuwOQlJ1l10AAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-01 15:49:18 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 01 11:49:11.701709 2025] [security2:error] [pid 27531:tid 27544] [client 216.74.118.9:46851] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.net"] [uri "/.env.prod.local"] [unique_id "aQYr932WO2IkxYJ6zsIcJgAAAQs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-06 01:30:16 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 05 21:30:07.498011 2025] [security2:error] [pid 1971:tid 1971] [client 216.74.118.9:60077] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.nbcnewsradio.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.nbcnewsradio.com"] [uri "/wp-login.php.bak"] [unique_id "aJKwHz7aaRuI7asdNGcVKAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:21:04 (10 months ago)	(mod_security) mod_security (id:211190) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:211190) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:20:40.392560 2025] [security2:error] [pid 172226:tid 172460] [client 216.74.118.9:60413] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-content/plugins/gracemedia-media-player/templates/files/ajax_controller.php?ajaxAction=getIds&cfg=../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/wp-content/plugins/gracemedia-media-player/templates/files/ajax_controller.php"] [unique_id "aIVw2H6EtJKYjh039Gs84AAAAJU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 17:32:29 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 13:32:19.544656 2025] [security2:error] [pid 3075263:tid 3075263] [client 216.74.118.9:58543] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.farmers123.com"] [uri "/.env.old"] [unique_id "aDiaI5ojeLdB7zSNBmwEGgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-19 05:18:23 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:221260) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 19 01:18:07.566636 2025] [security2:error] [pid 26434:tid 26458] [client 216.74.118.9:58831] [client 216.74.118.9] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|www.blog.spinningdesigns.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blog.spinningdesigns.com"] [uri "/cgi-bin/test-cgi"] [unique_id "aAMyD0BDF0hFmouiiEBEQwAAABU"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-27 14:44:46 (1 year ago)	(mod_security) mod_security (id:212620) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:212620) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 27 09:44:36.301391 2025] [security2:error] [pid 27303:tid 27388] [client 216.74.118.9:51541] [client 216.74.118.9] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|www.kettlehill.kettlehill.com\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /?post_type=post&s=\\x22><script>alert(/2td1nevxmuobdwgjls6vxgbvupd/)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "www.kettlehill.kettlehill.com"] [uri "/"] [unique_id "Z8B6VFqvcS75O-zsMlKbvQAAAUU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2023-11-21 23:57:16 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 216.74.118.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 21 18:57:00.666651 2023] [security2:error] [pid 3049:tid 47321412708096] [client 216.74.118.9:33655] [client 216.74.118.9] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.kettlehill.com"] [uri "/.env.prod.local"] [unique_id "ZV1DzCV8KMTI0zgGlZWEQQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ps-center	2023-09-26 03:38:39 (2 years ago)	SS1: Web Attack GET /wp-content/debug.log	Web Spam Hacking Bad Web Bot Web App Attack
Anonymous	2023-07-28 07:11:51 (2 years ago)	\| Suspicious URL access.	Hacking SQL Injection Web App Attack
🇬🇷 Staging	2023-06-10 19:33:23 (3 years ago)	coordinated abuse of login/register	Brute-Force Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.180.246.1

🇺🇸 107.150.1.166

🇨🇳 101.20.79.201

🇵🇰 72.255.18.61

🇩🇪 213.209.159.227

🇺🇸 207.90.244.18

🇭🇰 199.45.154.149

🇺🇸 195.184.76.206

🇺🇸 195.184.76.203

🇺🇸 193.37.33.43

🇺🇸 193.34.75.104

🇺🇸 193.34.74.46

🇺🇸 192.3.150.139

🇺🇸 174.35.25.179

🇻🇳 171.244.39.95

🇺🇸 152.32.183.236

🇭🇰 152.32.134.89

🇩🇪 144.31.16.74

🇳🇱 138.226.239.12

🇺🇸 108.181.23.81