JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.173.109.225

157.173.109.225 was found in our database!

This IP was reported 63 times. Confidence of Abuse is 100%: ?

100%

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi3381586.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.173.109.225

Whois 157.173.109.225

IP Abuse Reports for 157.173.109.225:

This IP address has been reported a total of 63 times from 31 distinct sources. 157.173.109.225 was first reported on November 15th 2025, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 francoisunix	2026-06-24 00:37:49 (5 hours ago)	157.173.109.225 - - [24/Jun/2026:02:35:46 +0200] "GET //wp-admin/css/colors/ HTTP/1.1" 403 548 "-" " ... show more 157.173.109.225 - - [24/Jun/2026:02:35:46 +0200] "GET //wp-admin/css/colors/ HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "157.173.109.225" "www.eco-conscient.com" sn="www.eco-conscient.com" rt=0.000 ua="-" us="-" ut="-" ul="-" cs=-cf_country="FR" cf_region="Grand Est" cf_city="Lauterbourg"rip=127.0.0.1 cf_ip=157.173.109.225 xff="157.173.109.225" p_xff="157.173.109.225, 157.173.109.225" 157.173.109.225 - - [24/Jun/2026:02:35:49 +0200] "GET //wp-admin/css/colors/blue/ HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "157.173.109.225" "www.eco-conscient.com" sn="www.eco-conscient.com" rt=0.000 ua="-" us="-" ut="-" ul="-" cs=-cf_country="FR" cf_region="Grand Est" cf_city="Lauterbourg"rip=127.0.0.1 cf_ip=157.173.109.225 xff="157.173.109.225" p_xff="157.173.109.225, 157.173.109.225" 157.173.109.225 - - [24/Jun/202 ... show less	Web App Attack
🇫🇷 Baking333	2026-06-23 22:56:56 (6 hours ago)	[redacted] 157.173.109.225 - - [23/Jun/2026:23:52:52 +0100] "GET /wp-includes/[redacted] HTTP/2.0" 5 ... show more [redacted] 157.173.109.225 - - [23/Jun/2026:23:52:52 +0100] "GET /wp-includes/[redacted] HTTP/2.0" 500 41 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" [redacted] 157.173.109.225 - - [23/Jun/2026:23:56:54 +0100] "GET /cgi-bin/ HTTP/2.0" 301 72 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇩🇪 Gwyneth Llewelyn	2026-06-23 20:32:44 (9 hours ago)	157.173.109.225 - - [23/Jun/2026:21:32:42 +0100] "GET /cgi-bin/ HTTP/2.0" 404 994 "-" "Mozilla/5.0 ( ... show more 157.173.109.225 - - [23/Jun/2026:21:32:42 +0100] "GET /cgi-bin/ HTTP/2.0" 404 994 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Bad Web Bot
🇩🇪 itsolon	2026-06-23 19:19:46 (10 hours ago)	[Tue Jun 23 21:19:16.392909 2026] [authz_core:error] [pid 504466:tid 134138564683456] [client 157.17 ... show more [Tue Jun 23 21:19:16.392909 2026] [authz_core:error] [pid 504466:tid 134138564683456] [client 157.173.109.225:0] AH01630: client denied by server configuration: /var/www/vhosts/treinen-ing.de/httpdocs/wp-content/upgrade/ [Tue Jun 23 21:19:28.810647 2026] [authz_core:error] [pid 378199:tid 134139117344448] [client 157.173.109.225:0] AH01630: client denied by server configuration: /var/www/vhosts/treinen-ing.de/httpdocs/wp-content/themes/ [Tue Jun 23 21:19:38.162355 2026] [authz_core:error] [pid 378199:tid 134138111706816] [client 157.173.109.225:0] AH01630: client denied by server configuration: /var/www/vhosts/treinen-ing.de/httpdocs/.well-known [Tue Jun 23 21:19:43.073998 2026] [authz_core:error] [pid 504466:tid 134138598254272] [client 157.173.109.225:0] AH01630: client denied by server configuration: /var/www/vhosts/treinen-ing.de/httpdocs/uploads [Tue Jun 23 21:19:46.473054 2026] [authz_core:error] [pid 378199:tid 134138539538112] [client 157.173.109.225:0] AH01630: client denied b ... show less	Brute-Force
🇳🇱 Site.eu	2026-06-23 11:58:21 (17 hours ago)	Excessive multi-domain requests	Brute-Force
🇯🇵 S.O.B.A. Dev.	2026-06-23 09:49:26 (20 hours ago)	Web vulnerability scanning	Brute-Force Web Spam Web App Attack
🇳🇿 Antinson	2026-06-23 09:04:59 (20 hours ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇬🇷 setupgr	2026-06-23 04:17:36 (1 day ago)	(mod_security) mod_security (id:11000011) triggered by 157.173.109.225 (DE/Germany/Hesse/Frankfurt a ... show more (mod_security) mod_security (id:11000011) triggered by 157.173.109.225 (DE/Germany/Hesse/Frankfurt am Main/-/[AS51167 CONTABO]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 23 07:17:35.998525 2026] [security2:error] [pid 1934693:tid 1934804] [client 157.173.109.225:64081] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "contaboserver.net" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "131"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: vmi3381586.contaboserver.net"] [severity "CRITICAL"] [hostname "babis.photo"] [uri "/wp-admin/"] [unique_id "ajoI32yIwtP6yf56A0rFBgAAAEg"] show less	Port Scan
🇸🇬 lancernz	2026-06-23 01:16:47 (1 day ago)	Auto-detected: 88 hits on classicmotorracingclub.nz within 100 log lines. Blocked by Cowork server m ... show more Auto-detected: 88 hits on classicmotorracingclub.nz within 100 log lines. Blocked by Cowork server monitoring. show less	Web App Attack
🇺🇸 Mundo Bueno	2026-06-23 00:48:57 (1 day ago)	[ISILIA Protection v2.1] Tentative d'accès: /cgi-bin/ \| Pays: FR \| UA: Mozilla/5.0 (Windows NT 10.0; ... show more [ISILIA Protection v2.1] Tentative d'accès: /cgi-bin/ \| Pays: FR \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Sa show less	Hacking Web App Attack
🇬🇷 setupgr	2026-06-22 22:49:04 (1 day ago)	(mod_security) mod_security (id:11000011) triggered by 157.173.109.225 (DE/Germany/Hesse/Frankfurt a ... show more (mod_security) mod_security (id:11000011) triggered by 157.173.109.225 (DE/Germany/Hesse/Frankfurt am Main/-/[AS51167 CONTABO]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 23 01:49:00.424181 2026] [security2:error] [pid 2059052:tid 2059087] [client 157.173.109.225:54999] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "contaboserver.net" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "131"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: vmi3381586.contaboserver.net"] [severity "CRITICAL"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-admin/"] [unique_id "ajm73FNPFwkSkEkc_m3YygAAAQg"] show less	Port Scan
🇬🇷 setupgr	2026-06-22 21:00:49 (1 day ago)	(mod_security) mod_security (id:11000011) triggered by 157.173.109.225 (DE/Germany/Hesse/Frankfurt a ... show more (mod_security) mod_security (id:11000011) triggered by 157.173.109.225 (DE/Germany/Hesse/Frankfurt am Main/-/[AS51167 CONTABO]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 23 00:00:48.296552 2026] [security2:error] [pid 1934693:tid 1934870] [client 157.173.109.225:62313] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "contaboserver.net" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "131"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: vmi3381586.contaboserver.net"] [severity "CRITICAL"] [hostname "cpanagiotou.gr"] [uri "/wp-admin/"] [unique_id "ajmigGyIwtP6yf56A0q92QAAAFg"] show less	Port Scan
🇺🇸 dtorrer	2026-06-22 20:11:25 (1 day ago)	General vulnerability scan.	Port Scan
🇳🇱 Site.eu	2026-06-22 10:18:10 (1 day ago)	Excessive 404/403 errors	Brute-Force
🇳🇱 Site.eu	2026-06-22 08:28:20 (1 day ago)	Excessive multi-domain requests	Brute-Force

Showing 1 to 15 of 63 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 204.76.203.36

🇬🇧 198.244.168.208

🇺🇸 193.36.231.127

🇲🇽 187.174.207.66

🇨🇳 117.21.93.91

🇵🇭 112.208.177.241

🇧🇩 103.178.30.251

🇺🇸 91.230.168.239

🇫🇷 91.196.152.210

🇳🇱 45.142.193.161

🇦🇪 5.32.61.6

🇺🇸 3.131.24.55

🇬🇧 212.227.125.15

🇳🇱 193.176.31.240

🇧🇷 179.184.85.167

🇺🇸 172.253.8.146

🇳🇱 164.92.215.178

🇭🇰 152.32.226.203

🇦🇫 149.54.15.126

🇺🇸 104.152.52.214