JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 156.228.0.152

156.228.0.152 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	Cloud Innovation Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS17561
Domain Name	cloudinnovation.org
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 156.228.0.152

Whois 156.228.0.152

IP Abuse Reports for 156.228.0.152:

This IP address has been reported a total of 16 times from 7 distinct sources. 156.228.0.152 was first reported on November 13th 2024, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-09-06 23:22:56 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 156.228.0.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 156.228.0.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 19:22:51.286152 2025] [security2:error] [pid 1343:tid 1343] [client 156.228.0.152:10599] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.jewell.familymailboxes.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jewell.familymailboxes.com"] [uri "/s3cmd.ini"] [unique_id "aLzCS_UpakWjdPEG97Y6-wAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-06 01:09:27 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 156.228.0.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 156.228.0.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 05 21:09:22.776335 2025] [security2:error] [pid 27150:tid 27177] [client 156.228.0.152:59943] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.killyourattitude.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.killyourattitude.com"] [uri "/s3cmd.ini"] [unique_id "aLuJwjYnDDLTsK9XFfHV0QAAANc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-05 22:52:52 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 156.228.0.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 156.228.0.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 05 18:52:48.912731 2025] [security2:error] [pid 3387667:tid 3387674] [client 156.228.0.152:18287] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.jessewallaceart.aussiepens.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.jessewallaceart.aussiepens.com"] [uri "/s3cmd.ini"] [unique_id "aLtpwOb6LxDQCJKS7dDOzgAAAMM"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 wil.com	2025-08-05 09:12:01 (9 months ago)	GlobalProtect login attempts with user social.	VPN IP Brute-Force
Anonymous	2025-08-04 15:21:44 (10 months ago)	Botnet - login attempts with leaked random user/pass lists	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-07-25 03:03:29 (10 months ago)	(mod_security) mod_security (id:225170) triggered by 156.228.0.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 156.228.0.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 24 23:03:25.281124 2025] [security2:error] [pid 32447:tid 32447] [client 156.228.0.152:23097] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|casadelsolmexico.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "casadelsolmexico.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aILz_Uyj8ZDizctAiBWVlgAAABE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-30 06:22:57 (11 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-06-28 17:38:26 (11 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-06-25 17:30:20 (11 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-04-11 17:13:11 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 156.228.0.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 156.228.0.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 11 13:13:03.090505 2025] [security2:error] [pid 28189:tid 28189] [client 156.228.0.152:45285] [client 156.228.0.152] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|intersession.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "intersession.net"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_lNny-nD5OwNlaTONLK_QAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-09 04:44:10 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇪 Packets-Decreaser.NET	2025-03-26 14:02:05 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2024-12-29 20:20:14 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2024.12.29 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2024.12.29 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 nyuuzyou	2024-12-14 00:27:02 (1 year ago)	Intensive scraping: /web?s=Add%20Comment%20Save%20User%20Info%20Website%20URL%2C%20if%20any&country= ... show more Intensive scraping: /web?s=Add%20Comment%20Save%20User%20Info%20Website%20URL%2C%20if%20any&country=ku-ku&scraper=ddg. User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36. show less	Bad Web Bot
🇩🇪 nyuuzyou	2024-11-26 07:06:09 (1 year ago)	Intensive scraping: /web?s=%22title%3DU%C5%BEivatel_diskuse%3A%22&country=an-an&scraper=yep. User-Ag ... show more Intensive scraping: /web?s=%22title%3DU%C5%BEivatel_diskuse%3A%22&country=an-an&scraper=yep. User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 12.5; rv:114.0) Gecko/20100101 Firefox/114.0. show less	Bad Web Bot

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 167.71.228.234

🇩🇪 144.76.19.24

🇨🇳 60.18.139.82

🇰🇿 5.63.107.70

🇨🇳 220.197.78.247

🇺🇸 205.210.31.87

🇦🇷 186.57.14.137

🇨🇳 183.185.111.74

🇺🇸 167.172.131.229

🇺🇸 166.62.41.190

🇺🇸 135.222.40.33

🇸🇬 103.189.234.96

🇺🇸 91.230.168.189

🇺🇿 84.54.71.22

🇸🇬 52.148.66.53

🇺🇸 34.55.85.220

🇳🇱 31.14.32.6

🇺🇸 216.180.246.195

🇻🇳 165.154.221.175

🇺🇸 162.216.150.157