JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.222.161.10

104.222.161.10 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 3%: ?

ISP	FASTPLANET LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20853
Domain Name	fastplanet.com
Country	🇵🇱 Poland
City	Wlochy, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.222.161.10

Whois 104.222.161.10

IP Abuse Reports for 104.222.161.10:

This IP address has been reported a total of 9 times from 4 distinct sources. 104.222.161.10 was first reported on January 13th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-01 02:25:12 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 104.222.161.10 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.222.161.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 22:25:03.037524 2026] [security2:error] [pid 7577:tid 7692] [client 104.222.161.10:57033] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/.svn/wc.db"] [unique_id "ahztf46nP6TlQzUBlJvUDQAAAM8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:27:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.222.161.10 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.222.161.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:26:58.514839 2025] [security2:error] [pid 2720:tid 2720] [client 104.222.161.10:51515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.farmers123.com"] [uri "/.env.save"] [unique_id "aS9nsqs1imcXcuSL7YOP7QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-29 13:12:36 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.222.161.10 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.222.161.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 29 09:12:20.643448 2025] [security2:error] [pid 409:tid 409] [client 104.222.161.10:46291] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.davispickering.com"] [uri "/.env.www"] [unique_id "aQIStOxBJAsUT2FPsvfQ9gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-28 22:39:07 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.222.161.10 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.222.161.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 18:39:02.427177 2025] [security2:error] [pid 19074:tid 19074] [client 104.222.161.10:54131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.nbcnewsradio.com"] [uri "/api/.env"] [unique_id "aQFGBre9BFs_zrzfcF9a1QAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 15:32:19 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 104.222.161.10 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.222.161.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 11:32:11.876229 2025] [security2:error] [pid 30035:tid 30064] [client 104.222.161.10:41241] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.kettlehill.net\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.kettlehill.net"] [uri "/error.log"] [unique_id "aN1Je0IIbSaCPuPKh5hfMwAAAFg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-09-02 03:40:04 (9 months ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇸🇬 raramos	2025-08-07 19:00:07 (10 months ago)	[SMB remote code execution attempt: port tcp/445] in blocklist.de:'listed [pop3]' in SpamCop:'listed ... show more [SMB remote code execution attempt: port tcp/445] in blocklist.de:'listed [pop3]' in SpamCop:'listed' in sorbs:'listed [web], [spam]' in Unsubscore:'listed' *(RWIN=8192)(04:10) show less	Web Spam Email Spam Port Scan Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-06-01 13:58:16 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 104.222.161.10 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.222.161.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 09:58:09.930823 2025] [security2:error] [pid 2873886:tid 2873886] [client 104.222.161.10:43155] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.nbcnewsradio.com"] [uri "/wp-config.php.bak"] [unique_id "aDxccfN1r06saYKn1TKBDQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 rafix	2025-01-13 20:08:35 (1 year ago)	DDoS on HTTPS, #botnet20250113	DDoS Attack Bad Web Bot

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.109

🇧🇷 181.218.9.86

🇧🇷 138.204.117.174

🇫🇷 91.196.152.127

🇫🇮 34.88.148.75

🇨🇳 218.106.33.54

🇺🇸 173.239.211.219

🇮🇹 79.34.158.48

🇺🇸 74.125.75.19

🇺🇸 62.132.18.53

🇺🇸 51.81.85.130

🇨🇳 47.97.5.66

🇺🇸 45.156.129.127

🇫🇷 37.67.26.6

🇺🇸 34.139.209.211

🇹🇷 31.145.131.202

🇺🇸 23.94.61.208

🇧🇷 201.63.223.140

🇨🇳 171.213.137.156

🇺🇸 147.182.183.153