JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.235.253.236

178.235.253.236 was found in our database!

This IP was reported 149 times. Confidence of Abuse is 74%: ?

74%

ISP	VECTRA S.A.
Usage Type	Fixed Line ISP
ASN	AS29314
Hostname(s)	178235253236.slupsk.vectranet.pl
Domain Name	vectra.pl
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.235.253.236

Whois 178.235.253.236

IP Abuse Reports for 178.235.253.236:

This IP address has been reported a total of 149 times from 79 distinct sources. 178.235.253.236 was first reported on June 30th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 kommunos	2026-05-22 17:44:53 (2 weeks ago)	/v2/api-docs	Web App Attack
🇩🇪 LRob.fr	2026-05-22 17:30:11 (2 weeks ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇳🇱 Site.eu	2026-05-22 17:29:37 (2 weeks ago)	Excessive multi-domain requests	Brute-Force
🇩🇪 Skyrider	2026-05-22 17:25:52 (2 weeks ago)	178.235.253.236 - - [22/May/2026:19:25:52 +0200] "GET /api/openapi.json HTTP/2.0" 404 162 "-" "Mozil ... show more 178.235.253.236 - - [22/May/2026:19:25:52 +0200] "GET /api/openapi.json HTTP/2.0" 404 162 "-" "Mozilla/5.0 (Android 16; Mobile; rv:148.0) Gecko/148.0 Firefox/148.0" 178.235.253.236 - - [22/May/2026:19:25:52 +0200] "GET /api-docs HTTP/2.0" 404 162 "-" "Mozilla/5.0 (Android 16; Mobile; rv:148.0) Gecko/148.0 Firefox/148.0" 178.235.253.236 - - [22/May/2026:19:25:52 +0200] "GET /openapi.json HTTP/2.0" 404 162 "-" "Mozilla/5.0 (Android 16; Mobile; rv:148.0) Gecko/148.0 Firefox/148.0" 178.235.253.236 - - [22/May/2026:19:25:52 +0200] "GET /swagger/v2/swagger.json HTTP/2.0" 404 162 "-" "Mozilla/5.0 (Android 16; Mobile; rv:148.0) Gecko/148.0 Firefox/148.0" 178.235.253.236 - - [22/May/2026:19:25:52 +0200] "GET /api/swagger.json HTTP/2.0" 404 162 "-" "Mozilla/5.0 (Android 16; Mobile; rv:148.0) Gecko/148.0 Firefox/148.0" show less	Bad Web Bot Web App Attack
🇦🇺 Anytech	2026-05-22 17:25:29 (2 weeks ago)	Blocked by Conn-Monitor	Bad Web Bot Web App Attack
🇩🇪 gadix	2026-05-22 16:59:01 (2 weeks ago)	[22/May/2026:18:58:59.117831 +0200] ahCLU9JRmv1sYH053NZLxgAAAJU 178.235.253.236 39894 127.0.0.1 7081 ... show more [22/May/2026:18:58:59.117831 +0200] ahCLU9JRmv1sYH053NZLxgAAAJU 178.235.253.236 39894 127.0.0.1 7081 [22/May/2026:18:58:59.522260 +0200] ahCLU9JRmv1sYH053NZL0AAAAI4 178.235.253.236 40216 127.0.0.1 7081 [22/May/2026:18:58:59.796370 +0200] ahCLUysz-EdJBpt1T2wLrAAAAAA 178.235.253.236 40240 127.0.0.1 7081 ... show less	Web App Attack
🇩🇪 FeG Deutschland	2026-05-22 16:37:43 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-05-21 16:30:42 (2 weeks ago)	(mod_security) mod_security (id:210580) triggered by 178.235.253.236 (178235253236.slupsk.vectranet. ... show more (mod_security) mod_security (id:210580) triggered by 178.235.253.236 (178235253236.slupsk.vectranet.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 12:30:35.329834 2026] [security2:error] [pid 30433:tid 30433] [client 178.235.253.236:30965] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:v. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|watermarks.info\|F\|2"] [data "Matched Data: etc/passwd found within ARGS:v: ../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "watermarks.info"] [uri "/bus.php"] [unique_id "ag8zK5GbaRLlDryMHPTQZAAAACo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-05-21 16:15:04 (2 weeks ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-21 15:49:09 (2 weeks ago)	(mod_security) mod_security (id:210580) triggered by 178.235.253.236 (178235253236.slupsk.vectranet. ... show more (mod_security) mod_security (id:210580) triggered by 178.235.253.236 (178235253236.slupsk.vectranet.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 11:49:05.201668 2026] [security2:error] [pid 17020:tid 17020] [client 178.235.253.236:2988] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:path. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|seoanalyticslocal.com\|F\|2"] [data "Matched Data: etc/passwd found within ARGS:path: ../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "seoanalyticslocal.com"] [uri "/index.php"] [unique_id "ag8pcQ6eNxN78ink80BrrwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 solution.it	2026-05-21 14:44:56 (2 weeks ago)	[Thu May 21 16:44:55.608284 2026] [php7:error] [pid 1228057:tid 1228057] [client 178.235.253.236:233 ... show more [Thu May 21 16:44:55.608284 2026] [php7:error] [pid 1228057:tid 1228057] [client 178.235.253.236:23361] script '/var/www/html/www.craccaaltesoro.it/adminer.php' not found or unable to stat show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-21 14:32:20 (2 weeks ago)	(mod_security) mod_security (id:210580) triggered by 178.235.253.236 (178235253236.slupsk.vectranet. ... show more (mod_security) mod_security (id:210580) triggered by 178.235.253.236 (178235253236.slupsk.vectranet.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 10:32:15.095297 2026] [security2:error] [pid 26832:tid 26832] [client 178.235.253.236:56003] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:u. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|fourminutedecision.com\|F\|2"] [data "Matched Data: etc/passwd found within ARGS:u: ../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "fourminutedecision.com"] [uri "/index.php"] [unique_id "ag8Xb8J08nN1rprjTidxigAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 bcsaba	2026-05-21 13:37:31 (2 weeks ago)	SQL injection attempt. 178.235.253.236 - - [21/May/2026:15:37:27 +0200] "GET /intezmenyek/kultura/20 ... show more SQL injection attempt. 178.235.253.236 - - [21/May/2026:15:37:27 +0200] "GET /intezmenyek/kultura/2015?month=9&view=archive&view=%27 HTTP/1.1" 499 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" show less	Web App Attack SQL Injection
🇩🇪 FeG Deutschland	2026-05-21 11:41:54 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇳🇱 Site.eu	2026-05-21 09:54:37 (2 weeks ago)	Excessive multi-domain requests	Brute-Force

Showing 1 to 15 of 149 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇹 196.191.1.92

🇺🇸 191.96.104.213

🇮🇩 34.101.35.63

🇺🇸 165.154.255.26

🇵🇰 103.26.82.174

🇸🇰 82.23.243.81

🇱🇹 62.60.130.14

🇨🇳 42.94.248.101

🇨🇳 42.56.41.137

🇭🇰 34.92.203.104

🇯🇵 8.216.82.69

🇨🇳 223.199.181.47

🇬🇧 196.242.89.87

🇨🇳 180.95.238.42

🇺🇸 135.237.126.209

🇭🇰 112.119.21.245

🇳🇱 103.75.221.249

🇦🇴 102.214.36.173

🇷🇺 89.109.48.55

🇳🇱 88.210.63.69