JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 188.245.218.56

188.245.218.56 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 0%: ?

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Hostname(s)	static.56.218.245.188.clients.your-server.de
Domain Name	hetzner.com
Country	🇩🇪 Germany
City	Nuremberg, Bavaria

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 188.245.218.56

Whois 188.245.218.56

IP Abuse Reports for 188.245.218.56:

This IP address has been reported a total of 39 times from 16 distinct sources. 188.245.218.56 was first reported on December 5th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 mrcrassi	2026-02-03 21:20:09 (4 months ago)	Triggered Cloudflare WAF (botFight) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.0 (GET ... show more Triggered Cloudflare WAF (botFight) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.0 (GET method) Endpoint: /blog/faac-technologies-fortalece-presenca-na-america-latina-com-a-aquisicao-de-participacao-majoritaria-na-garen-automacao-s-a/ UA: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-27 03:22:20 (4 months ago)	(mod_security) mod_security (id:217210) triggered by 188.245.218.56 (static.56.218.245.188.clients.y ... show more (mod_security) mod_security (id:217210) triggered by 188.245.218.56 (static.56.218.245.188.clients.your-server.de): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 22:22:13.001283 2026] [security2:error] [pid 18418:tid 18418] [client 188.245.218.56:33468] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|www.caralis.com:443\|F\|4"] [data "CONNECT www.caralis.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.caralis.com"] [uri "/"] [unique_id "aXgvZB0Dts1ws4nRBkWzMgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-26 22:24:47 (4 months ago)	Web App Attack	Brute-Force Exploited Host Web App Attack
🇳🇱 jjnxpct	2026-01-20 05:52:44 (5 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: / (Rule ID: 911100) - Method is not allowed by policy show less	Web App Attack
🇷🇸 Smel	2026-01-20 00:07:05 (5 months ago)	HTTP/80/443/8080 Unauthorized Probe, Hack -	Hacking Web App Attack
🇨🇭 Origon	2026-01-18 19:41:14 (5 months ago)	http-open-proxy - IP: 188.245.218.56 - time="2026-01-18T20:41:13+01:00" level=info msg="(555f66b4f6 ... show more http-open-proxy - IP: 188.245.218.56 - time="2026-01-18T20:41:13+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-open-proxy by ip 188.245.218.56 (DE/24940) : 4h ban on Ip 188.245.218.56" module=db show less	Web App Attack
🇺🇸 jkhorvath.com	2026-01-17 23:57:53 (5 months ago)	Request for URL https:/www.jkhorvath.com/usage/usage_201912.html	Phishing Brute-Force Web App Attack
🇩🇪 bescared	2026-01-17 09:59:11 (5 months ago)	F2B - Malicious activity detected. URL Probing.	Hacking Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-01-16 22:59:30 (5 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-01-15. show less	Hacking Web App Attack SSH
🇳🇱 homeshowdomain.nl	2026-01-15 23:00:19 (5 months ago)	Auto-ban: >3000 req/min op 2026-01-15	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-01-15 10:59:12 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 188.245.218.56 (static.56.218.245.188.clients.y ... show more (mod_security) mod_security (id:210492) triggered by 188.245.218.56 (static.56.218.245.188.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 05:59:07.248172 2026] [security2:error] [pid 2054:tid 2054] [client 188.245.218.56:48844] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jeffreyasweeney.com"] [uri "/.git/config"] [unique_id "aWjIe4BGJrUlAMObWEa_AgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-01-15 04:23:16 (5 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 188.245.218.56 (DE/Germany/static.5 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 188.245.218.56 (DE/Germany/static.56.218.245.188.clients.your-server.de): 1 in the last 3600 secs show less	Web App Attack
🇧🇪 madeit	2026-01-02 22:29:06 (5 months ago)		Web App Attack
🇫🇷 MatStef132	2025-12-30 02:00:10 (5 months ago)	Malicious activity detected (1358 incidents). IP has been blacklisted.	DDoS Attack Port Scan
🇫🇷 MatStef132	2025-12-30 01:35:49 (5 months ago)	Malicious activity detected (1349 incidents). IP has been blacklisted.	DDoS Attack Port Scan

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.131.5.202

🇺🇸 198.46.168.51

🇨🇳 121.40.169.125

🇹🇼 116.59.11.86

🇺🇸 47.251.243.210

🇺🇸 44.227.168.230

🇺🇸 44.165.236.144

🇨🇭 209.99.185.239

🇳🇱 176.65.139.181

🇩🇪 152.53.22.186

🇺🇸 147.185.132.28

🇺🇸 141.11.88.102

🇺🇸 135.119.27.130

🇺🇸 97.211.104.169

🇱🇹 81.30.98.62

🇺🇸 73.36.177.174

🇱🇹 62.60.130.237

🇲🇾 47.250.81.6

🇺🇸 44.104.119.216

🇧🇪 198.235.24.255