JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.222.197.63

216.222.197.63 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 49%: ?

49%

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS40092
Hostname(s)	sh-cp9.lax2.servername.online
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.222.197.63

Whois 216.222.197.63

IP Abuse Reports for 216.222.197.63:

This IP address has been reported a total of 13 times from 7 distinct sources. 216.222.197.63 was first reported on June 15th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-20 00:05:19 (1 hour ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 16:43:29 (8 hours ago)	(mod_security) mod_security (id:225170) triggered by 216.222.197.63 (sh-cp9.lax2.servername.online): ... show more (mod_security) mod_security (id:225170) triggered by 216.222.197.63 (sh-cp9.lax2.servername.online): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 12:43:23.647300 2026] [security2:error] [pid 3330:tid 3341] [client 216.222.197.63:41910] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|datuinc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "datuinc.com"] [uri "/wp-json/wp/v2/users/8"] [unique_id "ajVxq66WGLPyI_-ptuWlDwAAAUk"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇽 octageeks.com	2026-06-19 04:12:55 (21 hours ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 01:55:42 (23 hours ago)	(mod_security) mod_security (id:225170) triggered by 216.222.197.63 (sh-cp9.lax2.servername.online): ... show more (mod_security) mod_security (id:225170) triggered by 216.222.197.63 (sh-cp9.lax2.servername.online): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 21:55:37.536357 2026] [security2:error] [pid 2531:tid 2531] [client 216.222.197.63:44970] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|drjasonkolber.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "drjasonkolber.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajShmfEGQcKgfPIipkKFeAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-18 20:20:04 (1 day ago)	Web App Attack, Hacking	Hacking Web App Attack
🇺🇸 lostswordfish.com	2026-06-18 17:52:04 (1 day ago)	Wordfence waf block on registrymatters	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 18:33:47 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 216.222.197.63 (sh-cp9.lax2.servername.online): ... show more (mod_security) mod_security (id:225170) triggered by 216.222.197.63 (sh-cp9.lax2.servername.online): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 14:33:40.513463 2026] [security2:error] [pid 10831:tid 10831] [client 216.222.197.63:39934] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|sneedvillefarmersmarket.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sneedvillefarmersmarket.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajLohJKCWf12WSB_qCD8bQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 18:01:17 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 216.222.197.63 (sh-cp9.lax2.servername.online): ... show more (mod_security) mod_security (id:225170) triggered by 216.222.197.63 (sh-cp9.lax2.servername.online): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 14:01:13.400461 2026] [security2:error] [pid 24359:tid 24359] [client 216.222.197.63:58772] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|webuychesterfieldhouses.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "webuychesterfieldhouses.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajLg6XSBui07FJov-CZS7AAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-16 07:49:55 (3 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 07:05:14 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 216.222.197.63 (sh-cp9.lax2.servername.online): ... show more (mod_security) mod_security (id:225170) triggered by 216.222.197.63 (sh-cp9.lax2.servername.online): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 03:05:08.953779 2026] [security2:error] [pid 24070:tid 24070] [client 216.222.197.63:54982] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|websitesforauthors.design\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "websitesforauthors.design"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajD1pGfWkZ07XyodDtutJQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 06:44:44 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 216.222.197.63 (sh-cp9.lax2.servername.online): ... show more (mod_security) mod_security (id:225170) triggered by 216.222.197.63 (sh-cp9.lax2.servername.online): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 02:44:40.971367 2026] [security2:error] [pid 21963:tid 21963] [client 216.222.197.63:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ac.cloudex.click\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ac.cloudex.click"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajDw2IvOrlRyAanf-TsC9QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hazzard	2026-06-15 23:37:23 (4 days ago)	(wordpress) Failed wordpress login from 216.222.197.63 (US/United States/-/-/sh-cp9.lax2.servername. ... show more (wordpress) Failed wordpress login from 216.222.197.63 (US/United States/-/-/sh-cp9.lax2.servername.online/[redacted]): (CF_ENABLE) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-15 17:24:25 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 216.222.197.63 (sh-cp9.lax2.servername.online): ... show more (mod_security) mod_security (id:225170) triggered by 216.222.197.63 (sh-cp9.lax2.servername.online): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:24:21.422748 2026] [security2:error] [pid 20597:tid 20597] [client 216.222.197.63:50928] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|splashstation.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "splashstation.org"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajA1RXZfSHCEzSAXSYMVcQAAADE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 194.99.27.172

🇹🇭 182.52.205.140

🇳🇬 165.154.176.251

🇮🇩 152.32.153.228

🇺🇸 147.185.132.126

🇺🇸 147.185.132.100

🇨🇳 124.117.194.117

🇨🇳 116.179.32.67

🇺🇸 104.243.35.104

🇷🇺 94.25.174.145

🇬🇧 89.241.34.45

🇺🇸 52.102.139.18

🇱🇹 45.227.254.170

🇨🇳 43.248.108.12

🇫🇷 13.140.155.136

🇺🇸 209.107.212.174

🇧🇪 198.235.24.182

🇧🇷 179.184.85.167

🇺🇸 162.216.150.121

🇺🇸 162.216.150.89