JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 67.227.37.16

67.227.37.16 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 0%: ?

ISP	code200 UAB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13332
Hostname(s)	67.227.37.16.rdns.ColocationAmerica.com
Domain Name	code200.global
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 67.227.37.16

Whois 67.227.37.16

IP Abuse Reports for 67.227.37.16:

This IP address has been reported a total of 6 times from 3 distinct sources. 67.227.37.16 was first reported on February 28th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-27 03:26:18 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 67.227.37.16 (67.227.37.16.rdns.ColocationAmeri ... show more (mod_security) mod_security (id:210492) triggered by 67.227.37.16 (67.227.37.16.rdns.ColocationAmerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 22:26:13.008931 2026] [security2:error] [pid 30779:tid 30805] [client 67.227.37.16:39331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.com"] [uri "/css../.git/config"] [unique_id "aXgwVdHp9a6aOJN1nOPnAQAAAdE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 10:09:07 (6 months ago)	(mod_security) mod_security (id:211190) triggered by 67.227.37.16 (67.227.37.16.rdns.ColocationAmeri ... show more (mod_security) mod_security (id:211190) triggered by 67.227.37.16 (67.227.37.16.rdns.ColocationAmerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 05:08:59.974426 2025] [security2:error] [pid 15942:tid 15942] [client 67.227.37.16:42865] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_kp&controller=../../../../../../../../../../../../etc/passwd%00"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/index.php"] [unique_id "aRWuO7PGVfwBYgkKLC_j7QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ps-center	2025-10-12 23:06:36 (7 months ago)	SS1: Web Attack GET /etc/passwd	Web Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-26 23:11:42 (10 months ago)	(mod_security) mod_security (id:211190) triggered by 67.227.37.16 (67.227.37.16.rdns.ColocationAmeri ... show more (mod_security) mod_security (id:211190) triggered by 67.227.37.16 (67.227.37.16.rdns.ColocationAmerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 19:08:45.732400 2025] [security2:error] [pid 27651:tid 27897] [client 67.227.37.16:40513] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /maint/modules/home/index.php?lang=english\|cat%20/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.net"] [uri "/maint/modules/home/index.php"] [unique_id "aIVf_a1-ZZtwgx0WzfsuDAAAAVc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 23:33:12 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 67.227.37.16 (67.227.37.16.rdns.ColocationAmeri ... show more (mod_security) mod_security (id:221260) triggered by 67.227.37.16 (67.227.37.16.rdns.ColocationAmerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 19:33:08.545439 2025] [security2:error] [pid 3759504:tid 3759504] [client 67.227.37.16:58019] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|whm.farmers123.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.farmers123.com"] [uri "/cgi-bin/stats"] [unique_id "aDjutLvlyhpK-aB2qxlPLwAAABk"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-02-28 16:10:03 (1 year ago)	\| SQL injection attempt.	Hacking SQL Injection Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.85.238.234

🇫🇷 185.177.72.10

🇨🇴 181.235.3.123

🇺🇸 104.236.60.143

🇹🇷 89.252.131.17

🇺🇸 65.49.1.135

🇭🇰 47.83.197.179

🇻🇳 36.50.134.219

🇺🇸 2602:fb54:1400::34

🇺🇸 2001:470:1:fb5::250

🇳🇱 193.176.31.204

🇬🇧 193.163.125.220

🇷🇴 193.32.162.13

🇩🇪 141.11.250.239

🇺🇸 66.132.186.248

🇰🇷 43.166.1.243

🇺🇸 216.73.216.176

🇮🇳 202.53.94.246

🇰🇿 176.124.88.29

🇺🇸 162.216.150.57