JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 155.2.216.24

155.2.216.24 was found in our database!

This IP was reported 47 times. Confidence of Abuse is 27%: ?

27%

ISP	VPN Consumer Tokyo, Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 155.2.216.24

Whois 155.2.216.24

IP Abuse Reports for 155.2.216.24:

This IP address has been reported a total of 47 times from 18 distinct sources. 155.2.216.24 was first reported on May 23rd 2025, and the most recent report was 4 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-21 17:49:13 (4 minutes ago)	(mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 13:49:06.652346 2026] [security2:error] [pid 27764:tid 27764] [client 155.2.216.24:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|yggdrasil.org\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "yggdrasil.org"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajgkEmHEBKC9AH3vy1Wx2AAAAGA"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 demonsword	2026-06-21 09:45:26 (8 hours ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: clients3.google.com:443 show less	Open Proxy Port Scan
🇱🇻 garmtech.com	2026-05-21 09:12:24 (1 month ago)	IM360 WAF: Laravel Apps Leaking Secrets exploit attempt MV:androxgh0st	Web App Attack
🇺🇸 TPI-Abuse	2026-05-14 11:00:09 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 14 07:00:02.042754 2026] [security2:error] [pid 15264:tid 15264] [client 155.2.216.24:44999] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wiltoncheese.com"] [uri "/.env"] [unique_id "agWrMjATinhPMzpKRYzWiQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-14 03:15:28 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 13 23:15:25.687023 2026] [security2:error] [pid 27257:tid 27257] [client 155.2.216.24:44959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "advancedmachininginc.com"] [uri "/.env"] [unique_id "agU-Tf-JCOuml7Znf19mXAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Carsten	2026-05-04 04:23:29 (1 month ago)	GET [vendor/phpunit/phpunit/phpunit.xsd]	Port Scan
🇺🇸 TPI-Abuse	2026-05-03 20:20:49 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 03 16:20:42.643143 2026] [security2:error] [pid 11271:tid 11271] [client 155.2.216.24:24455] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kaldaragroup.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kaldaragroup.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afeuGuNQ7XEG_RIHIkbsLgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-02 15:10:07 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 02 11:10:04.098511 2026] [security2:error] [pid 22976:tid 23093] [client 155.2.216.24:22297] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.nepsco.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nepsco.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afYTyem9x45U6aMAH8NsmAAAAIg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-02 14:45:44 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 02 10:45:38.810813 2026] [security2:error] [pid 7967:tid 7967] [client 155.2.216.24:61793] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.solidthought.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.solidthought.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afYOEssggGuXBHe1V0EccwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-02 13:04:54 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 02 09:04:47.021258 2026] [security2:error] [pid 29447:tid 29447] [client 155.2.216.24:34879] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.tttns.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tttns.com"] [uri "/about-jason/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afX2b0nChn02Lmq0NC2vDwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-02 12:45:40 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 02 08:45:37.433228 2026] [security2:error] [pid 18318:tid 18345] [client 155.2.216.24:57909] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|clmtic.es\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "clmtic.es"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afXx8YfxI4rhfKUNPnephQAAAZg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-02 11:22:03 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 02 07:21:56.961407 2026] [security2:error] [pid 29475:tid 29475] [client 155.2.216.24:59449] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.acquivest.net\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.acquivest.net"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afXeVMQN8UN_3PRWlgk3jAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Penny Packer	2026-05-02 11:07:57 (1 month ago)	Fail2Ban apache-tripwires	Web App Attack
🇺🇸 TPI-Abuse	2026-05-02 09:51:27 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 02 05:51:23.235406 2026] [security2:error] [pid 14072:tid 14072] [client 155.2.216.24:51453] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|investmentprotectionservices.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "investmentprotectionservices.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afXJGyaOp2X1PduOE-NKQQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-02 09:31:19 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 155.2.216.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 02 05:31:12.671493 2026] [security2:error] [pid 3440:tid 3440] [client 155.2.216.24:52909] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|capriexpress.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "capriexpress.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afXEYOdJ6v5W2zVdxdxVugAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 47 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.155.71

🇲🇾 49.124.148.187

🇱🇦 202.137.154.202

🇮🇹 172.253.228.154

🇺🇾 167.56.106.75

🇨🇳 106.75.33.247

🇳🇱 93.123.72.183

🇳🇱 77.83.39.14

🇺🇸 64.62.156.65

🇸🇬 8.219.57.172

🇺🇸 172.253.7.86

🇮🇩 165.154.150.65

🇻🇳 160.191.242.222

🇧🇷 138.94.139.134

🇺🇸 47.253.11.8

🇺🇸 20.65.219.131

🇨🇳 223.167.206.35

🇳🇱 45.148.10.152

🇫🇷 2a01:e0a:8aa:6b70:2ac6:8eff:fe36:f3ca

🇨🇳 218.9.233.223