JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.180.118.86

157.180.118.86 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 0%: ?

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Hostname(s)	static.86.118.180.157.clients.your-server.de
Domain Name	hetzner.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.180.118.86

Whois 157.180.118.86

IP Abuse Reports for 157.180.118.86:

This IP address has been reported a total of 22 times from 14 distinct sources. 157.180.118.86 was first reported on July 30th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇾 Rizzy	2026-02-10 13:18:13 (4 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇸🇬 pusathosting.com	2026-01-30 01:36:03 (4 months ago)	2ds22 bruteforce	Brute-Force Web App Attack
🇵🇹 tiagozip	2026-01-22 17:21:19 (4 months ago)	open proxy	Open Proxy
🇵🇱 IROK	2026-01-21 06:11:47 (4 months ago)	Firewall Blocked - Unauthorized Port Scanning ...	Port Scan
🇳🇱 homeshowdomain.nl	2026-01-16 22:59:14 (4 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-01-15. show less	Hacking Web App Attack SSH
Anonymous	2026-01-16 07:12:54 (5 months ago)	Forum/form spam	Web Spam
🇳🇱 homeshowdomain.nl	2026-01-15 22:59:35 (5 months ago)	Auto-ban: >3000 req/min op 2026-01-15	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-01-15 11:17:06 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 157.180.118.86 (static.86.118.180.157.clients.y ... show more (mod_security) mod_security (id:210492) triggered by 157.180.118.86 (static.86.118.180.157.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 06:16:59.284363 2026] [security2:error] [pid 1981113:tid 1981113] [client 157.180.118.86:53708] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jhonbens.com"] [uri "/.git/config"] [unique_id "aWjMq4DjvKcMp-br2ss4nwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-15 08:30:59 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 157.180.118.86 (static.86.118.180.157.clients.y ... show more (mod_security) mod_security (id:210492) triggered by 157.180.118.86 (static.86.118.180.157.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 03:30:56.342554 2026] [security2:error] [pid 12153:tid 12153] [client 157.180.118.86:53948] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.infolinkqr.com"] [uri "/.git/config"] [unique_id "aWilwDKxaYHUkZwbbluhEQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-15 07:10:01 (5 months ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-01-15 05:52:28 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 157.180.118.86 (static.86.118.180.157.clients.y ... show more (mod_security) mod_security (id:210492) triggered by 157.180.118.86 (static.86.118.180.157.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 00:52:23.380120 2026] [security2:error] [pid 25034:tid 25122] [client 157.180.118.86:41030] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lavotel.com"] [uri "/.git/config"] [unique_id "aWiAl12UjyU6hHZinHymHgAAAcg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-15 04:54:42 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 157.180.118.86 (static.86.118.180.157.clients.y ... show more (mod_security) mod_security (id:210492) triggered by 157.180.118.86 (static.86.118.180.157.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 23:54:38.260538 2026] [security2:error] [pid 2118:tid 2118] [client 157.180.118.86:49358] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kwtlaw.com"] [uri "/.git/config"] [unique_id "aWhzDkdHSj3j8uRvMFx_zwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-15 03:36:45 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 157.180.118.86 (static.86.118.180.157.clients.y ... show more (mod_security) mod_security (id:210492) triggered by 157.180.118.86 (static.86.118.180.157.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 22:36:42.321094 2026] [security2:error] [pid 13752:tid 13752] [client 157.180.118.86:45114] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kipdollar.com"] [uri "/.git/config"] [unique_id "aWhgynrK_qlaQEjvZk1cBAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-14 21:59:54 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 157.180.118.86 (static.86.118.180.157.clients.y ... show more (mod_security) mod_security (id:210492) triggered by 157.180.118.86 (static.86.118.180.157.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 16:59:50.848814 2026] [security2:error] [pid 8728:tid 8728] [client 157.180.118.86:35964] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sandhage.com"] [uri "/.git/config"] [unique_id "aWgR1gjr3bvvBf6rs3N6cgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-14 21:35:21 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 157.180.118.86 (static.86.118.180.157.clients.y ... show more (mod_security) mod_security (id:210492) triggered by 157.180.118.86 (static.86.118.180.157.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 16:35:15.381620 2026] [security2:error] [pid 20782:tid 20782] [client 157.180.118.86:33056] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "samanthasomers.com"] [uri "/.git/config"] [unique_id "aWgME2A_fRW9ofgq6qiIbAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 129.121.85.48

🇺🇸 104.131.41.130

🇵🇹 89.153.125.230

🇮🇷 80.191.201.239

🇳🇱 45.142.193.122

🇯🇵 14.137.237.192

🇺🇸 138.197.10.169

🇨🇳 111.35.140.54

🇫🇷 51.68.34.131

🇨🇳 42.56.18.211

🇺🇸 35.212.247.100

🇬🇧 23.161.169.55

🇮🇳 20.41.234.209

🇨🇳 14.103.120.147

🇦🇹 152.53.33.156

🇨🇦 67.71.55.209

🇩🇪 45.135.193.193

🇨🇳 36.99.46.101

🇯🇵 180.197.149.155

🇺🇸 173.239.240.169