JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 155.2.217.7

155.2.217.7 was found in our database!

This IP was reported 125 times. Confidence of Abuse is 11%: ?

11%

ISP	VPN Consumer Budapest, Hungary
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇭🇺 Hungary
City	Budapest, Budapest

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 155.2.217.7

Whois 155.2.217.7

IP Abuse Reports for 155.2.217.7:

This IP address has been reported a total of 125 times from 32 distinct sources. 155.2.217.7 was first reported on March 26th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 screwlooseit.com.au	2026-06-11 03:36:26 (1 day ago)	Blocked by CSF 13 firewall - Rule: XMLRPC US/United States/-	Web App Attack
🇩🇪 grassau.com	2026-05-04 19:27:30 (1 month ago)	(wordpress) Failed wordpress login from 155.2.217.7 (HU/Hungary/Budapest/Budapest/-)	Brute-Force
🇬🇧 pinguin	2026-03-15 19:56:32 (2 months ago)	Triggered Cloudflare WAF (linkMaze) from HU. Action taken: LINK_MAZE_INJECTED Protocol: HTTP/2 (HEAD ... show more Triggered Cloudflare WAF (linkMaze) from HU. Action taken: LINK_MAZE_INJECTED Protocol: HTTP/2 (HEAD method) Endpoint: /back/bak.tar.gz UA: Empty string This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 Viveronese	2026-03-15 14:05:37 (2 months ago)	HTTP vulnerability scanning	Web App Attack
🇺🇸 TPI-Abuse	2026-03-10 19:18:41 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 155.2.217.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 155.2.217.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 15:18:35.078824 2026] [security2:error] [pid 11152:tid 11152] [client 155.2.217.7:22133] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|asiabeef.network\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "asiabeef.network"] [uri "/bak/dump.sql"] [unique_id "abBui1siUtPwtffnHkAKMwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 bescared	2026-03-10 13:57:10 (3 months ago)	F2B - Malicious activity detected. URL Probing.	Hacking Bad Web Bot Web App Attack
🇯🇵 Valhalla	2026-03-08 22:42:51 (3 months ago)	/old/www.tar	Hacking Web App Attack
🇮🇹 mgarofano80	2026-03-07 10:55:36 (3 months ago)		Brute-Force Web App Attack
🇺🇸 myagent.site	2026-03-07 10:06:50 (3 months ago)	Blocked user enumeration attempt	Hacking
Anonymous	2026-03-07 08:39:30 (3 months ago)	(wordpress) Failed wordpress login from 155.2.217.7 (HU/Hungary/Budapest/Budapest/-/[redacted])	Brute-Force
🇺🇸 TPI-Abuse	2026-03-02 03:20:20 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 155.2.217.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 155.2.217.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 22:20:14.522131 2026] [security2:error] [pid 26636:tid 26636] [client 155.2.217.7:30541] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kwtlaw.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kwtlaw.com"] [uri "/backup/sql.sql"] [unique_id "aaUB7nm5Gz1y-I_FrljxygAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-01 18:27:45 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 155.2.217.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 155.2.217.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 13:27:36.379106 2026] [security2:error] [pid 16183:tid 16183] [client 155.2.217.7:33407] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.spectorworld.com\|F\|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.spectorworld.com"] [uri "/wallet.dat"] [unique_id "aaSFGIiCOTfrYiBQI45R2AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-01 18:12:42 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 155.2.217.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 155.2.217.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 13:12:34.896667 2026] [security2:error] [pid 12184:tid 12184] [client 155.2.217.7:57507] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|pellman-world.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pellman-world.com"] [uri "/dump.sql"] [unique_id "aaSBkptPKCvKstLpS8oKmgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 r3versedk	2026-02-25 17:35:42 (3 months ago)	🛡️ Automated Threat Report from maxjensen.dk 🎯 Attack Type: Botnet Fingerprint 🚨 Severity: CRITICAL ... show more 🛡️ Automated Threat Report from maxjensen.dk 🎯 Attack Type: Botnet Fingerprint 🚨 Severity: CRITICAL 📊 Threat Score: 95/100 📈 Total Attacks: 342 (database verified, seen over today) 🔍 Peak Score: 95/100 🎯 Common Types: Botnet Fingerprint(1x) 🔍 Fingerprint: 9f96b00ce11bc787 🤖 AI/ML: 🤝 Multi-Model Consensus (neural-network, q-learning, gpt) - 🧠 NN (55%): throttle (94.9%) \| 🎮 QL (23%): block (75.0%) \| 🤖 Claude (23%): monitor (70.0%) \| ⚖️ dynamic+boosted weights... Detected: 2026-02-25T17:35:42.303Z show less	Bad Web Bot
🇬🇧 pinguin	2026-02-07 08:57:48 (4 months ago)	Triggered Cloudflare WAF (firewallManaged) from HU. Action taken: LOG Protocol: HTTP/2 (HEAD method) ... show more Triggered Cloudflare WAF (firewallManaged) from HU. Action taken: LOG Protocol: HTTP/2 (HEAD method) Endpoint: /bak/www.tar UA: Empty string This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 125 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 104.194.9.81

🇺🇸 44.223.232.55

🇩🇪 31.76.11.243

🇺🇸 203.88.119.100

🇹🇼 198.235.24.90

🇺🇸 147.185.132.251

🇨🇳 113.2.188.39

🇰🇷 106.243.155.71

🇩🇪 91.204.46.241

🇮🇳 49.205.183.78

🇧🇷 45.229.91.34

🇸🇬 43.134.160.4

🇮🇳 40.81.224.202

🇮🇩 36.95.194.50

🇰🇷 14.63.196.175

🇺🇸 2607:f8b0:4004:c27::127

🇹🇷 178.245.193.187

🇵🇱 138.124.20.112

🇳🇱 45.148.10.157

🇹🇿 41.93.28.9