JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.222.199.239

216.222.199.239 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 67%: ?

67%

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS40092
Hostname(s)	sh-cp20.lax2.servername.online
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.222.199.239

Whois 216.222.199.239

IP Abuse Reports for 216.222.199.239:

This IP address has been reported a total of 18 times from 11 distinct sources. 216.222.199.239 was first reported on June 16th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-28 23:05:27 (1 day ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-06-28 19:20:12 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 13:12:20 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 216.222.199.239 (sh-cp20.lax2.servername.online ... show more (mod_security) mod_security (id:225170) triggered by 216.222.199.239 (sh-cp20.lax2.servername.online): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 09:12:15.221050 2026] [security2:error] [pid 19275:tid 19275] [client 216.222.199.239:45186] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|innovacionesnimba.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "innovacionesnimba.com"] [uri "/wp-json/wp/v2/users/8"] [unique_id "akEdr2Edo9zKAQzUnGoVmwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 lostswordfish.com	2026-06-28 07:24:05 (1 day ago)	Wordfence waf block on parsol	Web App Attack
🇫🇷 tecnicorioja	2026-06-27 22:01:00 (2 days ago)	wp-login attack [27/Jun/2026:09:57:31	Brute-Force Web App Attack
🇫🇷 ELYAZ	2026-06-27 15:39:40 (2 days ago)	(y4) Failed scan -byebye- from 216.222.199.239 (US/United States/sh-cp20.lax2.servername.online): ( ... show more (y4) Failed scan -byebye- from 216.222.199.239 (US/United States/sh-cp20.lax2.servername.online): (CF_ENABLE) show less	Hacking
🇩🇪 Hazzard	2026-06-27 13:04:23 (2 days ago)	(wordpress) Failed wordpress login from 216.222.199.239 (US/United States/-/-/sh-cp20.lax2.servernam ... show more (wordpress) Failed wordpress login from 216.222.199.239 (US/United States/-/-/sh-cp20.lax2.servername.online/[redacted]): (CF_ENABLE) show less	Brute-Force
🇺🇸 RLDD	2026-06-27 09:02:37 (2 days ago)	WP probing -sol	Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 05:05:30 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 216.222.199.239 (sh-cp20.lax2.servername.online ... show more (mod_security) mod_security (id:225170) triggered by 216.222.199.239 (sh-cp20.lax2.servername.online): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 01:05:23.592344 2026] [security2:error] [pid 13787:tid 13787] [client 216.222.199.239:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mail.local639.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.local639.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aj9aE0y9mWUwMY1wL8BWHgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hazzard	2026-06-26 10:54:54 (3 days ago)	(wordpress) Failed wordpress login from 216.222.199.239 (US/United States/-/-/sh-cp20.lax2.servernam ... show more (wordpress) Failed wordpress login from 216.222.199.239 (US/United States/-/-/sh-cp20.lax2.servername.online/[redacted]): (CF_ENABLE) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-25 21:03:02 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 216.222.199.239 (sh-cp20.lax2.servername.online ... show more (mod_security) mod_security (id:225170) triggered by 216.222.199.239 (sh-cp20.lax2.servername.online): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 17:02:57.878092 2026] [security2:error] [pid 10253:tid 10253] [client 216.222.199.239:46696] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|fusteriafontane.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fusteriafontane.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj2XgWKykNUAl4QbQfwF7QAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hazzard	2026-06-24 23:50:32 (5 days ago)	(wordpress) Failed wordpress login from 216.222.199.239 (US/United States/-/-/sh-cp20.lax2.servernam ... show more (wordpress) Failed wordpress login from 216.222.199.239 (US/United States/-/-/sh-cp20.lax2.servername.online/[redacted]): (CF_ENABLE) show less	Brute-Force
🇨🇿 ptlab	2026-06-24 18:45:02 (5 days ago)	Detected wp_login attack from WP-host.	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 13:30:39 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 216.222.199.239 (sh-cp20.lax2.servername.online ... show more (mod_security) mod_security (id:225170) triggered by 216.222.199.239 (sh-cp20.lax2.servername.online): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 09:30:33.539609 2026] [security2:error] [pid 18479:tid 18479] [client 216.222.199.239:47784] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|paulsingdahlsen.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "paulsingdahlsen.com"] [uri "/wp-json/wp/v2/users/5"] [unique_id "ajvb-cYc1Wleq8vMaF95XgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-24 09:20:04 (5 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 210.87.90.218

🇫🇷 167.86.80.238

🇨🇳 121.89.86.241

🇧🇬 78.128.113.74

🇮🇩 36.65.187.226

🇬🇧 35.203.210.8

🇺🇸 13.86.116.180

🇺🇸 195.184.76.133

🇬🇧 185.247.137.88

🇮🇩 180.247.57.191

🇺🇸 174.138.89.209

🇩🇪 167.94.146.75

🇩🇴 149.2.83.14

🇧🇷 138.255.122.3

🇺🇸 108.223.93.6

🇧🇷 45.185.93.188

🇬🇧 37.143.61.84

🇧🇪 34.140.177.234

🇺🇸 20.15.164.165

🇺🇸 2607:f8b0:400c:c0d::12a