JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.245.67.18

157.245.67.18 was found in our database!

This IP was reported 71 times. Confidence of Abuse is 68%: ?

68%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.245.67.18

Whois 157.245.67.18

IP Abuse Reports for 157.245.67.18:

This IP address has been reported a total of 71 times from 56 distinct sources. 157.245.67.18 was first reported on December 20th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 gbzret4d	2026-06-10 12:21:56 (2 days ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 14522 [1] TCP	Port Scan
🇨🇳 pengpeng	2026-06-10 06:14:31 (3 days ago)	monitor: on VM-0-7-ubuntu \| port: 62822 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 62822 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 gbzret4d	2026-06-10 06:03:55 (3 days ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 49922 [1] TCP	Port Scan
🇰🇷 enp0s1	2026-06-10 01:30:56 (3 days ago)	Auto-reported by Fail2Ban (UFW Block, Port Scan)	Port Scan
🇫🇷 ✨	2026-06-09 23:34:08 (3 days ago)	Rule : Security Rule: Security Event: Security 0 - %592 157.245.67.18 44632 *hidden-privacy* ... show more Rule : Security Rule: Security Event: Security 0 - %592 157.245.67.18 44632 *hidden-privacy* 9922 6 243552 %597 13 show less	Port Scan Hacking Brute-Force
🇬🇧 gbzret4d	2026-06-09 23:33:53 (3 days ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 12022 [1] TCP	Port Scan
🇨🇳 pengpeng	2026-06-09 22:40:32 (3 days ago)	monitor: on VM-0-7-ubuntu \| port: 61622 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 61622 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-09 22:23:52 (3 days ago)	Blocked by UFW (TCP on 14922) Source port: 52939 TTL: 237 Packet length: 40 TOS: 0x14 This report ( ... show more Blocked by UFW (TCP on 14922) Source port: 52939 TTL: 237 Packet length: 40 TOS: 0x14 This report (for 157.245.67.18) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇮🇳 Mr.Singh	2026-06-09 21:30:12 (3 days ago)	NFT blocked 157.245.67.18 on 10-Jun-2026..	Port Scan Brute-Force
🇫🇷 ISPLtd	2026-06-07 13:07:29 (5 days ago)	Jun 7 10:07:29 157.245.67.18 TCP SPT=61012 DPT=22 SYN ...	Port Scan SSH
🇩🇪 LRob.fr	2026-05-26 04:45:06 (2 weeks ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-25 16:01:40 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 157.245.67.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 157.245.67.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 12:01:33.764039 2026] [security2:error] [pid 20607:tid 20607] [client 157.245.67.18:57666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kompassconsulting.com"] [uri "/wp-config.php"] [unique_id "ahRyXT3LJEdZx0xG8CChkwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 15:33:00 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 157.245.67.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 157.245.67.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 11:32:52.556780 2026] [security2:error] [pid 23936:tid 23936] [client 157.245.67.18:64331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.yevid.com"] [uri "/wp-config.php"] [unique_id "ahHIpExiDoJyu6U8ApTXFAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-23 12:07:01 (3 weeks ago)	Fail2Ban apache-noscript	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-23 01:01:30 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 157.245.67.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 157.245.67.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 21:01:26.892771 2026] [security2:error] [pid 22369:tid 22375] [client 157.245.67.18:51843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ceresfund.com"] [uri "/wp-config.php"] [unique_id "ahD8ZhWf8RmMNgXUnkncYwAAAEQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 71 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇷 212.253.199.27

🇧🇷 189.30.231.20

🇩🇪 178.104.245.33

🇳🇱 176.65.139.103

🇺🇸 151.240.45.67

🇫🇮 147.185.133.121

🇩🇪 141.11.250.239

🇮🇳 103.38.219.22

🇷🇺 91.146.24.164

🇸🇬 47.79.206.127

🇺🇸 34.132.194.166

🇵🇰 223.123.43.6

🇳🇱 195.178.110.30

🇺🇸 156.244.46.207

🇨🇳 118.196.116.42

🇳🇱 45.156.128.169

🇬🇧 35.203.211.140

🇸🇬 34.87.182.153

🇮🇳 2405:201:a442:8039:498c:8ad6:e59d:98ae

🇨🇳 221.238.15.50