JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 67.227.1.223

67.227.1.223 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 1%: ?

ISP	code200 UAB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13332
Hostname(s)	67.227.1.223.rdns.ColocationAmerica.com
Domain Name	code200.global
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 67.227.1.223

Whois 67.227.1.223

IP Abuse Reports for 67.227.1.223:

This IP address has been reported a total of 10 times from 3 distinct sources. 67.227.1.223 was first reported on January 17th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-22 14:50:17 (2 weeks ago)	LH-Watcher: FAKE_ID [Fake Googlebot]	Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-17 07:47:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmeri ... show more (mod_security) mod_security (id:210492) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 02:47:24.835072 2026] [security2:error] [pid 8839:tid 8839] [client 67.227.1.223:33695] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/css../.git/config"] [unique_id "aWs-jBgXrXjRX4GdKGLZ_AAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 20:36:17 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmeri ... show more (mod_security) mod_security (id:210492) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 15:36:11.711473 2025] [security2:error] [pid 21770:tid 21787] [client 67.227.1.223:35447] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.net"] [uri "/.env.bak"] [unique_id "aVLmO-1IUNfWG5lsn0GY9AAAAY4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:04:36 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmeri ... show more (mod_security) mod_security (id:210730) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:04:30.874230 2025] [security2:error] [pid 7557:tid 7557] [client 67.227.1.223:41325] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.farmers123.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.farmers123.com"] [uri "/ftp.farmers123.com/error.log"] [unique_id "aS9ibi-DvuXZJKJBLaCBCwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 06:34:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmeri ... show more (mod_security) mod_security (id:210492) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 01:34:22.837650 2025] [security2:error] [pid 8488:tid 8573] [client 67.227.1.223:47479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.kettlehill.net"] [uri "/.env.bak"] [unique_id "aS027tZHHfu_5jcVG6poswAAAZI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 16:40:00 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmeri ... show more (mod_security) mod_security (id:210492) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 12:39:56.259786 2025] [security2:error] [pid 30111:tid 30179] [client 67.227.1.223:40135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kettlehill.com"] [uri "/api/.env"] [unique_id "aN1ZXBH4YjaIRtXIcLCa7wAAAgk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 02:00:00 (10 months ago)	(mod_security) mod_security (id:211190) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmeri ... show more (mod_security) mod_security (id:211190) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:59:57.390163 2025] [security2:error] [pid 729657:tid 729699] [client 67.227.1.223:42889] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_news_portal&controller=../../../../../../../../../../etc/passwd%00"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/index.php"] [unique_id "aIWIHRUVDjlJfvQpjEJdsQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 19:49:48 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmeri ... show more (mod_security) mod_security (id:210492) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 15:49:42.768577 2025] [security2:error] [pid 3339587:tid 3339587] [client 67.227.1.223:60561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.farmers123.com"] [uri "/wp-config.php.dist"] [unique_id "aDi6VknNMxloV5dIyPNZEgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-19 05:36:56 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmeri ... show more (mod_security) mod_security (id:210492) triggered by 67.227.1.223 (67.227.1.223.rdns.ColocationAmerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 19 01:36:45.910634 2025] [security2:error] [pid 22650:tid 22667] [client 67.227.1.223:44465] [client 67.227.1.223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blog.spinningdesigns.com"] [uri "/.env.example"] [unique_id "aAM2bcLYwl69KqC_78igvQAAAE4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-17 12:20:13 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.188

🇦🇺 170.64.177.49

🇨🇦 146.190.249.117

🇬🇧 217.146.80.108

🇺🇸 172.59.11.216

🇦🇺 170.64.176.145

🇦🇺 170.64.176.144

🇦🇺 170.64.174.156

🇫🇷 155.212.111.76

🇫🇮 147.185.133.248

🇺🇸 137.184.226.118

🇩🇪 134.209.241.217

🇺🇸 132.145.198.213

🇨🇳 117.14.113.93

🇸🇬 43.160.215.203

🇰🇷 221.155.47.189

🇳🇱 195.178.110.42

🇦🇷 190.244.39.224

🇦🇺 170.64.165.122

🇦🇺 170.64.164.184