JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.230.97.122

157.230.97.122 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 82%: ?

82%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.230.97.122

Whois 157.230.97.122

IP Abuse Reports for 157.230.97.122:

This IP address has been reported a total of 22 times from 19 distinct sources. 157.230.97.122 was first reported on April 28th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Ba-Yu	2026-06-03 14:10:08 (1 day ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇫🇷 dynamix	2026-06-03 13:26:14 (1 day ago)	Multiple WAF Violations	Web App Attack
🇬🇧 Oakley	2026-06-03 12:31:42 (1 day ago)	(mod_security) mod_security (id:900191) triggered by 157.230.97.122 (DE/Germany/-): 5 in the last 90 ... show more (mod_security) mod_security (id:900191) triggered by 157.230.97.122 (DE/Germany/-): 5 in the last 900 secs show less	Web App Attack Hacking
🇪🇸 robotstxt	2026-06-03 11:08:12 (1 day ago)	157.230.97.122 - - [03/Jun/2026:11:08:05 +0000] "GET /cgi-bin/bypass.php HTTP/1.1" 404 548 "-" "Mozi ... show more 157.230.97.122 - - [03/Jun/2026:11:08:05 +0000] "GET /cgi-bin/bypass.php HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" "-" 157.230.97.122 - - [03/Jun/2026:11:08:05 +0000] "GET /wp-signup.php HTTP/1.1" 404 146 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" "-" 157.230.97.122 - - [03/Jun/2026:11:08:09 +0000] "GET /cgi-bin/class.api.php HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" "-" 157.230.97.122 - - [03/Jun/2026:11:08:10 +0000] "GET /cgi-bin/autoload_classmap.php HTTP/1.1" 404 146 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" "-" 157.230.97.122 - - [03/Jun/2026:11:08:11 +0000] "GET /cgi-bin/index.php HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 ... show less	Bad Web Bot
🇸🇬 pusathosting.com	2026-06-03 10:15:03 (1 day ago)	24ds22 bruteforce	Brute-Force Web App Attack
🇦🇺 aranguren.org	2026-06-03 10:02:29 (1 day ago)	157.230.97.122 - - [03/Jun/2026:20:02:28 +1000] "GET /bless.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (W ... show more 157.230.97.122 - - [03/Jun/2026:20:02:28 +1000] "GET /bless.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" 157.230.97.122 - - [03/Jun/2026:20:02:28 +1000] "GET /O-Simple.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 157.230.97.122 - - [03/Jun/2026:20:02:28 +1000] "GET /lock360.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0" 157.230.97.122 - - [03/Jun/2026:20:02:28 +1000] "GET /zwso.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 157.230.97.122 - - [03/Jun/2026:20:02:29 +1000] "GET /chosen.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 157.230.97.122 - - [03/Jun/2026:20:02:29 +1000] "GET ... show less	Bad Web Bot
🇫🇮 inlink.ltd	2026-06-03 07:40:16 (1 day ago)	Known malicious PHP file or CMS probe	Web App Attack
🇳🇱 Savvii	2026-06-03 07:21:32 (1 day ago)	20 attempts against mh-misbehave-ban on redirect	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 06:43:10 (1 day ago)	(mod_security) mod_security (id:240000) triggered by 157.230.97.122 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240000) triggered by 157.230.97.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 02:43:04.767431 2026] [security2:error] [pid 14263:tid 14263] [client 157.230.97.122:58324] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "87"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|afscmelocal2794.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "afscmelocal2794.com"] [uri "/images/stories/themes.php"] [unique_id "ah_M-EuidjqQhotI87C6GgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-03 06:12:11 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 rwgomes	2026-06-02 14:25:46 (2 days ago)	Automated report from Intelligence Finance Tools. IP probed malicious path: /worm.PhP. No such resou ... show more Automated report from Intelligence Finance Tools. IP probed malicious path: /worm.PhP. No such resource exists on this server. show less	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-02 13:32:03 (2 days ago)	(mod_security) mod_security (id:240000) triggered by 157.230.97.122 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240000) triggered by 157.230.97.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 09:31:57.577998 2026] [security2:error] [pid 11444:tid 11471] [client 157.230.97.122:51878] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|castaspell.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "castaspell.com"] [uri "/images/stories/themes.php"] [unique_id "ah7bTRrmvKvKg9ErwpH3uAAAAFg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-02 11:51:37 (2 days ago)	Excessive 404/403 errors	Brute-Force
🇺🇸 xmission.com	2026-04-29 00:21:08 (1 month ago)	Blocked by UFW (TCP on 55555) Source port: 61004 TTL: 237 Packet length: 44 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 55555) Source port: 61004 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 157.230.97.122) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 ISPLtd	2026-04-28 23:47:38 (1 month ago)	Apr 28 17:47:37 157.230.97.122 TCP SPT=61013 DPT=22 SYN ...	Port Scan SSH

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 80.94.92.186

🇳🇱 45.148.10.141

🇩🇪 213.209.159.56

🇬🇧 195.140.214.26

🇦🇷 181.191.28.61

🇧🇷 177.200.152.35

🇨🇳 114.238.193.23

🇭🇰 103.210.21.242

🇱🇹 81.30.98.142

🇺🇸 44.211.233.141

🇺🇸 34.237.52.41

🇺🇸 209.250.4.210

🇪🇹 196.189.51.246

🇧🇴 181.188.176.242

🇺🇾 179.25.52.204

🇸🇪 146.247.234.26

🇫🇮 34.88.114.37

🇺🇸 13.220.190.179

🇫🇷 195.177.94.239

🇧🇷 177.215.134.250