JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 158.115.252.55

158.115.252.55 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 70%: ?

70%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	datacamp.co.uk
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 158.115.252.55

Whois 158.115.252.55

IP Abuse Reports for 158.115.252.55:

This IP address has been reported a total of 20 times from 12 distinct sources. 158.115.252.55 was first reported on May 26th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-13 18:12:46 (1 hour ago)	(mod_security) mod_security (id:210492) triggered by 158.115.252.55 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.115.252.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 14:12:41.786981 2026] [security2:error] [pid 24166:tid 24166] [client 158.115.252.55:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cloudex.click"] [uri "/sftp-config.json"] [unique_id "ai2dmXt7LXcj8j4rfaD89gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 NXTwoThou	2026-06-13 14:15:09 (5 hours ago)	/sftp-config.json	Web App Attack
🇬🇧 consul.to	2026-06-13 08:11:03 (11 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 big-cloud.nl	2026-06-13 05:49:55 (13 hours ago)	Try to access /.vscode/sftp.json	Web App Attack
🇩🇪 FeG Deutschland	2026-06-12 02:01:36 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 mnsf	2026-06-11 19:06:00 (2 days ago)	Too many Status 40X (12)	Brute-Force Web App Attack
🇩🇪 4server	2026-06-11 12:00:15 (2 days ago)	[ThuJun1114:00:12.2410022026][security2:error][pid1988072:tid1988202][client158.115.252.55:0]ModSecu ... show more [ThuJun1114:00:12.2410022026][security2:error][pid1988072:tid1988202][client158.115.252.55:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\\\\\\\\.vscode/\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1189\"][id\"350593\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessstoredvscodepasswords\"][severity\"CRITICAL\"][hostname\"chesasilva.ch\"][uri\"/.vscode/sftp.json\"][unique_id\"aiqjTCc-Nzax9TV_NVjMiwAAAQw\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-06-11 00:15:53 (2 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 22:09:35 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 158.115.252.55 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.115.252.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 18:09:29.986185 2026] [security2:error] [pid 29791:tid 29791] [client 158.115.252.55:33242] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "backstore.com"] [uri "/sftp-config.json"] [unique_id "aingmbWJZb9ofJAfpaigNQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 18:35:32 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 158.115.252.55 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.115.252.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 14:35:25.103032 2026] [security2:error] [pid 18222:tid 18222] [client 158.115.252.55:30864] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cgcontinental.com"] [uri "/sftp-config.json"] [unique_id "aimubepnKT30rd7wsdFw0wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Epimetheus	2026-06-05 09:22:27 (1 week ago)	Unauthorized access attempts: [GET] /sftp-config.json UA: Mozilla/5.0 (X11; Linux x86_64) AppleWeb ... show more Unauthorized access attempts: [GET] /sftp-config.json UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36 show less	Web App Attack
🇬🇧 openstrike.co.uk	2026-06-05 05:13:42 (1 week ago)	33 attacks on password grabbing URLs: GET /.vscode/sftp.json HTTP/1.1	Hacking
🇺🇸 TPI-Abuse	2026-06-02 23:32:26 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 158.115.252.55 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.115.252.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 19:32:20.114056 2026] [security2:error] [pid 29101:tid 29101] [client 158.115.252.55:23534] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alafiariverrendezvous.org"] [uri "/sftp-config.json"] [unique_id "ah9oBAWFpu7ywVRqlDj43gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Baking333	2026-06-02 19:43:00 (1 week ago)	[redacted] 158.115.252.55 - - [02/Jun/2026:20:42:57 +0100] "GET /[redacted] HTTP/1.1" 302 5388 0/218 ... show more [redacted] 158.115.252.55 - - [02/Jun/2026:20:42:57 +0100] "GET /[redacted] HTTP/1.1" 302 5388 0/218720 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" [redacted] 158.115.252.55 - - [02/Jun/2026:20:42:57 +0100] "GET /[redacted] HTTP/1.1" 302 5303 0/374718 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 15:25:15 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 158.115.252.55 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 158.115.252.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 11:25:07.564812 2026] [security2:error] [pid 20896:tid 20923] [client 158.115.252.55:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mindgardens.com"] [uri "/sftp-config.json"] [unique_id "ah710xa0axjWI_93QngadAAAAJg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.223.199.221

🇧🇷 138.255.157.62

🇦🇪 94.200.95.18

🇺🇸 76.34.233.73

🇳🇱 20.123.146.95

🇳🇱 194.48.251.105

🇲🇽 187.191.48.9

🇺🇸 172.58.120.236

🇺🇸 152.32.150.117

🇨🇳 111.228.10.226

🇨🇳 111.39.206.23

🇺🇸 104.223.52.17

🇧🇬 91.92.40.204

🇺🇸 66.132.172.182

🇫🇷 62.210.38.102

🇵🇱 57.128.214.238

🇹🇼 198.235.24.124

🇸🇬 188.239.15.129

🇨🇳 180.76.185.216

🇺🇸 162.216.149.64