JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.248.2.63

104.248.2.63 was found in our database!

This IP was reported 61 times. Confidence of Abuse is 98%: ?

98%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Hostname(s)	1174319.cloudwaysapps.com
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Clifton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.248.2.63

Whois 104.248.2.63

IP Abuse Reports for 104.248.2.63:

This IP address has been reported a total of 61 times from 27 distinct sources. 104.248.2.63 was first reported on April 30th 2026, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 wHosts	2026-06-27 00:37:28 (9 hours ago)	Blocked by Fail2Ban	Web App Attack
🇫🇷 ELYAZ	2026-06-26 23:32:53 (10 hours ago)	(wordpress) Failed wordpress login from 104.248.2.63 (US/United States/1174319.cloudwaysapps.com): ... show more (wordpress) Failed wordpress login from 104.248.2.63 (US/United States/1174319.cloudwaysapps.com): (CF_ENABLE) show less	Brute-Force
🇦🇺 QT	2026-06-26 20:24:32 (13 hours ago)	Unauthorised WordPress admin login attempted at 2026-06-27 06:24:24 +1000	Web App Attack
🇩🇪 LRob.fr	2026-06-26 02:00:09 (1 day ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-06-25 14:22:23 (1 day ago)	Banned for trying to access xmlrpc [BY]	Web App Attack
🇺🇸 lostswordfish.com	2026-06-25 06:02:03 (2 days ago)	Wordfence waf block on wp20190711M4	Web App Attack
🇺🇸 factor1	2026-06-25 04:52:37 (2 days ago)	Fail2ban at churndash Reports Abuse.	Brute-Force Web App Attack
🇷🇴 INTEQ	2026-06-25 02:34:56 (2 days ago)	Web attack from 104.248.2.63	Web App Attack
🇩🇪 LRob.fr	2026-06-24 23:00:10 (2 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-23 20:01:21 (3 days ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 15:13:36 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 104.248.2.63 (1174319.cloudwaysapps.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 104.248.2.63 (1174319.cloudwaysapps.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 11:13:31.203176 2026] [security2:error] [pid 28954:tid 28954] [client 104.248.2.63:26556] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.atidysort.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.atidysort.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajf_m--lr60YRElluAAIZAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 05:49:40 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 104.248.2.63 (1174319.cloudwaysapps.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 104.248.2.63 (1174319.cloudwaysapps.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 01:49:37.118339 2026] [security2:error] [pid 20239:tid 20239] [client 104.248.2.63:25076] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.ruthbalser.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.ruthbalser.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajOG8e1qwepbRohpOuZe4gAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 04:17:49 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 104.248.2.63 (1174319.cloudwaysapps.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 104.248.2.63 (1174319.cloudwaysapps.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 00:17:42.095531 2026] [security2:error] [pid 14433:tid 14433] [client 104.248.2.63:20944] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.crep-psych.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.crep-psych.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajNxZigiDPMFzuE9op7imwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-17 22:25:36 (1 week ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 18:56:17 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 104.248.2.63 (1174319.cloudwaysapps.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 104.248.2.63 (1174319.cloudwaysapps.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 14:56:10.796303 2026] [security2:error] [pid 23510:tid 23563] [client 104.248.2.63:38114] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|pref-realestate.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pref-realestate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajLtyvC1M1NqGBlLQ8gYjAAAAE0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 61 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.154.163.10

🇨🇳 103.219.32.239

🇧🇩 103.72.198.198

🇺🇸 74.235.122.210

🇦🇺 45.132.225.76

🇭🇰 199.45.154.159

🇲🇽 187.191.48.23

🇳🇱 176.65.148.69

🇺🇸 172.98.33.20

🇸🇬 152.42.201.102

🇨🇳 123.118.230.64

🇺🇸 103.143.231.2

🇹🇼 60.199.224.2

🇳🇱 45.148.10.151

🇺🇸 216.218.206.68

🇧🇩 203.99.145.201

🇫🇮 147.185.133.245

🇺🇸 216.244.66.241

🇰🇷 192.250.205.97

🇺🇸 158.94.187.32