JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 155.212.111.248

155.212.111.248 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 34%: ?

34%

ISP	Fine Group Servers Solutions LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS43444
Domain Name	finegroupservers.com
Country	🇫🇷 France
City	Jouy-aux-Arches, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 155.212.111.248

Whois 155.212.111.248

IP Abuse Reports for 155.212.111.248:

This IP address has been reported a total of 17 times from 8 distinct sources. 155.212.111.248 was first reported on January 30th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tilellit.pro	2026-06-27 11:36:33 (4 hours ago)	Fail2Ban banned 155.212.111.248 for security violations in jail wp-armour. Log: 2026/06/27 11:36:33 ... show more Fail2Ban banned 155.212.111.248 for security violations in jail wp-armour. Log: 2026/06/27 11:36:33 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 155.212.111.248 \| Target: wplogin" , client: 155.212.111.248, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 TPI-Abuse	2026-06-27 09:23:21 (6 hours ago)	(mod_security) mod_security (id:225170) triggered by 155.212.111.248 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 155.212.111.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 05:23:13.125504 2026] [security2:error] [pid 21537:tid 21537] [client 155.212.111.248:55207] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|21north.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "21north.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj-WgeDDCwMk3_dpCMaLnAAAABI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 librebit	2026-06-26 16:24:50 (23 hours ago)	RDWeb scan	Web App Attack
🇪🇸 librebit	2026-06-14 04:56:11 (1 week ago)	RDWeb scan	Web App Attack
Anonymous	2026-06-13 15:17:12 (2 weeks ago)	RdpGuard detected brute-force attempt on RD-WEB	Brute-Force
🇪🇸 librebit	2026-06-11 09:03:19 (2 weeks ago)	RDWeb scan	Web App Attack
Anonymous	2026-06-11 04:23:12 (2 weeks ago)	RdpGuard detected brute-force attempt on RD-WEB	Brute-Force
🇩🇪 Paul Smith	2026-05-21 14:05:00 (1 month ago)	Email Auth Brute force attack 2/1 in last day	Brute-Force
🇩🇪 Paul Smith	2026-05-20 14:03:59 (1 month ago)	Email Auth Brute force attack 1/1 in last day	Brute-Force
🇩🇪 Paul Smith	2026-05-18 20:59:21 (1 month ago)	Email Auth Brute force attack 1/1 in last day	Brute-Force
🇺🇸 kosada.com	2026-05-06 14:41:54 (1 month ago)	Web password guessing	Brute-Force
🇺🇸 TPI-Abuse	2026-05-04 02:29:38 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 155.212.111.248 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 155.212.111.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 03 22:29:30.997292 2026] [security2:error] [pid 18452:tid 18452] [client 155.212.111.248:40441] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|miszewski.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "miszewski.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afgEishmGlLuR3MuRzOqIQAAABE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 06:57:37 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 155.212.111.248 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 155.212.111.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 02:57:33.719359 2026] [security2:error] [pid 3369324:tid 3369324] [client 155.212.111.248:45259] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gonzalez.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gonzalez.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeR83fMrzk6llgfxjdGlvAAAABg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-16 22:40:06 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 155.212.111.248 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 155.212.111.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 18:40:00.030756 2026] [security2:error] [pid 3443482:tid 3443497] [client 155.212.111.248:56109] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|pamper.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pamper.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeFlQKY0KgmEssd2U0qgjAAAAM0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 01:33:30 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 155.212.111.248 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 155.212.111.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 14 21:33:23.967034 2026] [security2:error] [pid 3991043:tid 3991065] [client 155.212.111.248:43209] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|slelectric.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "slelectric.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ad7q486oq0sqWEjJDGQArwAAAFQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.182.246.240

🇬🇧 89.37.172.137

🇹🇷 46.154.117.225

🇳🇴 20.100.185.192

🇺🇸 199.87.180.129

🇪🇬 197.63.49.114

🇸🇪 171.25.158.57

🇨🇳 117.177.237.22

🇱🇻 81.30.98.49

🇪🇸 79.72.57.232

🇺🇸 66.132.172.42

🇺🇸 44.244.219.119

🇮🇳 223.233.87.52

🇳🇱 193.176.31.225

🇲🇽 187.191.48.4

🇿🇦 154.16.95.79

🇺🇸 104.43.131.157

🇮🇳 103.67.152.201

🇱🇻 81.30.98.44

🇫🇷 79.137.34.248