JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 155.2.216.7

155.2.216.7 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 37%: ?

37%

ISP	VPN Consumer Tokyo, Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 155.2.216.7

Whois 155.2.216.7

IP Abuse Reports for 155.2.216.7:

This IP address has been reported a total of 55 times from 22 distinct sources. 155.2.216.7 was first reported on April 19th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇪 EmK530	2026-06-05 17:20:35 (3 days ago)	URL flagged by RegEx: /vendor/phpunit/phpunit/phpunit.xsd	Web App Attack
🇱🇻 garmtech.com	2026-05-24 12:31:53 (2 weeks ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env	Web App Attack
🇺🇸 interbiznw.com	2026-05-21 02:21:10 (2 weeks ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇳🇱 BlueWire Hosting	2026-05-20 11:40:53 (2 weeks ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-15 06:29:50 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 155.2.216.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 155.2.216.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 02:29:44.732023 2026] [security2:error] [pid 29851:tid 29851] [client 155.2.216.7:28909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pluscures.com"] [uri "/.env"] [unique_id "aga9WMrapn-jWhzSCr9nhAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-14 10:46:02 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 155.2.216.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 155.2.216.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 14 06:45:56.156793 2026] [security2:error] [pid 25674:tid 25674] [client 155.2.216.7:57781] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thegrabbagshow.com"] [uri "/.env"] [unique_id "agWn5GbP6yQNEClnDqCs0gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-14 10:21:16 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 155.2.216.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 155.2.216.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 14 06:21:10.017533 2026] [security2:error] [pid 18138:tid 18138] [client 155.2.216.7:55621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robschouten.com"] [uri "/.env"] [unique_id "agWiFhFa5QbzoN10UP644wAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 cityhunter_rhone	2026-05-13 07:33:43 (3 weeks ago)	Observed at (UTC): 2026-05-02T15:50:51+00:00 \| Mercurius Guide auto detection \| source=Fail2Ban \| sc ... show more Observed at (UTC): 2026-05-02T15:50:51+00:00 \| Mercurius Guide auto detection \| source=Fail2Ban \| scraper score=5 \| events=1 \| decision=datacenter \| actions=fail2ban failed plesk-permanent-ban \| last_seen=2026-05-02 15:50:51 show less	Brute-Force SSH Web App Attack
🇫🇷 cityhunter_rhone	2026-05-12 02:33:39 (4 weeks ago)	Observed at (UTC): 2026-05-02T15:50:51+00:00 \| Mercurius Guide auto detection \| source=Fail2Ban \| sc ... show more Observed at (UTC): 2026-05-02T15:50:51+00:00 \| Mercurius Guide auto detection \| source=Fail2Ban \| scraper score=5 \| events=1 \| decision=datacenter \| actions=fail2ban failed plesk-permanent-ban \| last_seen=2026-05-02 15:50:51 show less	Brute-Force SSH Web App Attack
🇫🇷 cityhunter_rhone	2026-05-10 17:33:47 (4 weeks ago)	Observed at (UTC): 2026-05-02T15:50:51+00:00 \| Mercurius Guide auto detection \| source=Fail2Ban \| sc ... show more Observed at (UTC): 2026-05-02T15:50:51+00:00 \| Mercurius Guide auto detection \| source=Fail2Ban \| scraper score=5 \| events=1 \| decision=datacenter \| actions=fail2ban failed plesk-permanent-ban \| last_seen=2026-05-02 15:50:51 show less	Brute-Force SSH Web App Attack
🇫🇷 cityhunter_rhone	2026-05-07 08:01:24 (1 month ago)	Observed at (UTC): 2026-05-02T15:50:51+00:00 \| Mercurius Guide auto detection \| source=Fail2Ban \| sc ... show more Observed at (UTC): 2026-05-02T15:50:51+00:00 \| Mercurius Guide auto detection \| source=Fail2Ban \| scraper score=5 \| events=1 \| decision=datacenter \| actions=fail2ban failed plesk-permanent-ban \| last_seen=2026-05-02 15:50:51 show less	Brute-Force SSH Web App Attack
🇫🇷 cityhunter_rhone	2026-05-06 02:20:44 (1 month ago)	Observed at (UTC): 2026-05-02T15:50:51+00:00 \| Mercurius Guide auto detection \| source=Fail2Ban \| sc ... show more Observed at (UTC): 2026-05-02T15:50:51+00:00 \| Mercurius Guide auto detection \| source=Fail2Ban \| scraper score=5 \| events=1 \| decision=datacenter \| actions=fail2ban failed plesk-permanent-ban \| last_seen=2026-05-02 15:50:51 show less	Brute-Force SSH Web App Attack
🇫🇷 cityhunter_rhone	2026-05-04 23:44:59 (1 month ago)	Observed at (UTC): 2026-05-02T15:50:51+00:00 \| Mercurius Guide auto detection \| source=Fail2Ban \| sc ... show more Observed at (UTC): 2026-05-02T15:50:51+00:00 \| Mercurius Guide auto detection \| source=Fail2Ban \| scraper score=5 \| events=1 \| decision=datacenter \| actions=fail2ban failed plesk-permanent-ban \| last_seen=2026-05-02 15:50:51 show less	Brute-Force SSH Web App Attack
🇩🇪 Carsten	2026-05-04 04:07:30 (1 month ago)	GET [vendor/phpunit/phpunit/phpunit.xsd]	Port Scan
🇺🇸 TPI-Abuse	2026-05-02 17:31:09 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 155.2.216.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 155.2.216.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 02 13:31:01.889213 2026] [security2:error] [pid 31762:tid 31762] [client 155.2.216.7:38311] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.tttns.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tttns.com"] [uri "/about-jason/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afY01bGds0hSxW-winzYdAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2a02:4780:12:917f::1

🇺🇸 2607:f8b0:4001:c2e::124

🇰🇷 221.153.50.115

🇲🇽 187.251.123.104

🇮🇳 152.59.163.199

🇱🇹 141.98.11.83

🇫🇷 85.217.140.33

🇭🇰 74.125.179.149

🇺🇸 64.62.156.224

🇯🇵 47.245.26.63

🇨🇳 36.107.94.31

🇬🇧 35.203.210.111

🇳🇱 212.30.37.192

🇨🇱 200.89.69.247

🇭🇰 152.32.135.217

🇳🇱 142.93.238.7

🇩🇪 104.22.123.47

🇳🇱 81.19.216.105

🇷🇴 80.94.92.165

🇩🇪 69.5.169.42