JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 67.203.32.63

67.203.32.63 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 53%: ?

53%

ISP	CODE200
Usage Type	Data Center/Web Hosting/Transit
ASN	AS21769
Hostname(s)	63-32-203-67.rdns.colocationamerica.com
Domain Name	code200.global
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 67.203.32.63

Whois 67.203.32.63

IP Abuse Reports for 67.203.32.63:

This IP address has been reported a total of 26 times from 9 distinct sources. 67.203.32.63 was first reported on June 11th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 bohl-aiG5aef	2026-06-16 12:27:19 (3 days ago)	Suricata Alert [SID:2044504] ET INFO Request for Visual Studio Code sftp.json - Possible Information ... show more Suricata Alert [SID:2044504] ET INFO Request for Visual Studio Code sftp.json - Possible Information Leak show less	Hacking
🇺🇸 TPI-Abuse	2026-06-14 06:50:50 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationameri ... show more (mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 02:50:45.535884 2026] [security2:error] [pid 7022:tid 7022] [client 67.203.32.63:38100] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cncservices.ws"] [uri "/sftp-config.json"] [unique_id "ai5PRbbodDoStBTajUHsygAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 01:07:46 (6 days ago)	(mod_security) mod_security (id:210580) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationameri ... show more (mod_security) mod_security (id:210580) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 21:07:39.409184 2026] [security2:error] [pid 27670:tid 27670] [client 67.203.32.63:64874] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|cm-salon.com\|F\|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: https:/cjsheatingandair.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "cm-salon.com"] [uri "/.vscode/sftp.json"] [unique_id "ai3-2yvPtgl6lFIl6lUO9wAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 22:45:42 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationameri ... show more (mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 18:45:36.199522 2026] [security2:error] [pid 26859:tid 26859] [client 67.203.32.63:14470] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clubfansite.com"] [uri "/sftp-config.json"] [unique_id "ai3dkFgkD_8QJC6ySgP97QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 16:34:40 (6 days ago)	(mod_security) mod_security (id:210580) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationameri ... show more (mod_security) mod_security (id:210580) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 12:34:34.471135 2026] [security2:error] [pid 6898:tid 6898] [client 67.203.32.63:58912] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|clossglobal.com\|F\|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: https:/cjsheatingandair.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "clossglobal.com"] [uri "/.vscode/sftp.json"] [unique_id "ai2GmhHts7ixL_W4EEtN8QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 13:48:02 (6 days ago)	(mod_security) mod_security (id:949110) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationameri ... show more (mod_security) mod_security (id:949110) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 09:47:55.542786 2026] [security2:error] [pid 14043:tid 14043] [client 67.203.32.63:51570] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "clintess.biz"] [uri "/sftp-config.json"] [unique_id "ai1fi6u2EdI7JW9DIoU1qAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-13 08:11:03 (6 days ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 06:10:18 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationameri ... show more (mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 02:10:11.491339 2026] [security2:error] [pid 23962:tid 24096] [client 67.203.32.63:64028] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clearwaterpumpservices.com"] [uri "/sftp-config.json"] [unique_id "aiz0QxTpWPcdld_zZTAEQgAAANE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Carsten	2026-06-13 03:30:26 (6 days ago)	GET [sftp-config.json]	Port Scan
🇺🇸 TPI-Abuse	2026-06-12 19:29:29 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationameri ... show more (mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 15:29:24.656494 2026] [security2:error] [pid 5407:tid 5407] [client 67.203.32.63:19278] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "claireashtoncounseling.com"] [uri "/sftp-config.json"] [unique_id "aixeFPyMxg0Ekbdy-KGdQwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 15:35:26 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationameri ... show more (mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 11:35:19.933882 2026] [security2:error] [pid 4074:tid 4074] [client 67.203.32.63:18180] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "citystreetsalon.com"] [uri "/sftp-config.json"] [unique_id "aiwnNwCuYHtE9-egqrOcpwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 10:57:38 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationameri ... show more (mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 06:57:33.880302 2026] [security2:error] [pid 20593:tid 20593] [client 67.203.32.63:18274] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "circleinthesquare.org"] [uri "/sftp-config.json"] [unique_id "aivmHXBC1CijINL2iAe8WQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 06:55:41 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationameri ... show more (mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 02:55:36.217187 2026] [security2:error] [pid 6805:tid 6805] [client 67.203.32.63:50760] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cidv.net"] [uri "/sftp-config.json"] [unique_id "aiutaAJ5dQbHbD6o5jZlxQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 01:03:34 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationameri ... show more (mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 21:03:26.072869 2026] [security2:error] [pid 10030:tid 10030] [client 67.203.32.63:15566] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "christineohlman.net"] [uri "/sftp-config.json"] [unique_id "aita3l9nQuw4NYjRLj-jFQAAAC4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 23:13:46 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationameri ... show more (mod_security) mod_security (id:210492) triggered by 67.203.32.63 (63-32-203-67.rdns.colocationamerica.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 19:13:42.786598 2026] [security2:error] [pid 20988:tid 20988] [client 67.203.32.63:12382] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chrismonty.com"] [uri "/sftp-config.json"] [unique_id "aitBJue6eNWsIwNT5dLIQwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇹 185.197.8.143

🇨🇳 124.64.23.23

🇮🇩 112.215.238.23

🇳🇱 91.92.40.204

🇧🇬 84.252.66.79

🇩🇪 37.120.184.37

🇯🇵 8.216.12.108

🇺🇸 2607:fb92:2d85:abd4:6d1c:74f6:5e60:96d5

🇬🇧 217.146.80.108

🇺🇸 216.250.113.140

🇩🇪 213.209.159.56

🇧🇴 200.90.145.188

🇭🇰 199.45.154.181

🇳🇦 197.234.86.166

🇵🇱 194.180.49.217

🇦🇿 185.32.44.117

🇧🇷 181.191.168.176

🇩🇪 178.63.100.80

🇧🇷 177.75.108.200

🇳🇱 176.65.149.194