JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 46.224.163.157

46.224.163.157 was found in our database!

This IP was reported 233 times. Confidence of Abuse is 7%: ?

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Hostname(s)	static.157.163.224.46.clients.your-server.de
Domain Name	hetzner.com
Country	🇩🇪 Germany
City	Falkenstein, Saxony

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 46.224.163.157

Whois 46.224.163.157

IP Abuse Reports for 46.224.163.157:

This IP address has been reported a total of 233 times from 160 distinct sources. 46.224.163.157 was first reported on March 26th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇪 chinovaso	2026-05-07 09:24:57 (1 month ago)	WFA blocked IP on photoderm.org \| Reason: Retro auto-block (all-time): 8 offenses. Last: Matched Pat ... show more WFA blocked IP on photoderm.org \| Reason: Retro auto-block (all-time): 8 offenses. Last: Matched Pattern: <script> \| Observed: 8 WFA hits, first=2026-03-26 18:03:56, last=2026-03-26 18:04:01, max_risk=100 \| Recent evidence: GET / risk=100 rule=Matched Pattern: ..\ at 2026-03-26 18:04:01 ; GET / risk=100 rule=Matched Pattern: <script> at 2026-03-26 18:04:01 ; GET / risk=100 rule=Matched Pattern: <script> at 2026-03-26 18:03:59 \| No request payload or personal data included. show less	Web App Attack
🇮🇳 evicky2002	2026-04-30 13:04:29 (1 month ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
Anonymous	2026-04-03 09:22:28 (2 months ago)	FortiWeb WAF: 52 attacks detected. Threat Score: 17800. Types: Client Management(26), Block IP List( ... show more FortiWeb WAF: 52 attacks detected. Threat Score: 17800. Types: Client Management(26), Block IP List(26). Origin: Germany. show less	Web App Attack
🇬🇧 openstrike.co.uk	2026-04-03 05:14:58 (2 months ago)	379 attacks on directory traversals, config grabbing URLs (type 2), Laravel URLs, deployment descrip ... show more 379 attacks on directory traversals, config grabbing URLs (type 2), Laravel URLs, deployment descriptor URLs, PHP URLs, VC URLs, config grabbing URLs, env grabbing URLs: GET /..env.swp HTTP/1.1 GET /db/robomongo.json HTTP/1.1 GET /_ignition/execute-solution HTTP/1.1 GET /WEB-INF/web.xml HTTP/1.1 GET /wp-config.php HTTP/1.1 GET /.git/config HTTP/1.1 GET /.DS_Store HTTP/1.1 GET /.env HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 mschimpf	2026-04-02 17:45:00 (2 months ago)		Web App Attack
Anonymous	2026-04-02 15:27:59 (2 months ago)	[Thu Apr 02 17:26:58.787462 2026] [proxy_fcgi:error] [pid 190161:tid 190211] [client 46.224.163.157: ... show more [Thu Apr 02 17:26:58.787462 2026] [proxy_fcgi:error] [pid 190161:tid 190211] [client 46.224.163.157:63916] AH01071: Got error 'Primary script unknown' [Thu Apr 02 17:27:02.208030 2026] [proxy_fcgi:error] [pid 190161:tid 190196] [client 46.224.163.157:63916] AH01071: Got error 'Primary script unknown' [Thu Apr 02 17:27:03.731580 2026] [proxy_fcgi:error] [pid 190161:tid 190204] [client 46.224.163.157:63916] AH01071: Got error 'Primary script unknown' [Thu Apr 02 17:27:57.928529 2026] [proxy_fcgi:error] [pid 49494:tid 49619] [client 46.224.163.157:50016] AH01071: Got error 'Primary script unknown' [Thu Apr 02 17:27:58.259733 2026] [proxy_fcgi:error] [pid 49494:tid 49618] [client 46.224.163.157:50016] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force Web App Attack
🇬🇧 SilverZippo	2026-04-02 14:42:10 (2 months ago)	Web App Attack	Web App Attack
🇫🇮 oh.mg	2026-04-02 14:19:25 (2 months ago)	[Thu Apr 02 16:19:23.243724 2026] [security2:error] [pid 3830154:tid 3830178] [client 46.224.163.157 ... show more [Thu Apr 02 16:19:23.243724 2026] [security2:error] [pid 3830154:tid 3830178] [client 46.224.163.157:28380] [client 46.224.163.157] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "mmn.on.ca"] [uri "/phpinfo.php"] [unique_id "ac5669bW-485PmYzmFBbpAAAAJY"] [Thu Apr 02 16:19:24.670438 2026] [security2:error] [pid 3830154:tid 3830157] [client 46.224.163.157:28380] [client 46.224.163.157] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] ... show less	Web App Attack Bad Web Bot
🇩🇪 Kreapptivo	2026-04-02 13:28:51 (2 months ago)	[02/Apr/2026:15:28:46 +0200] Web-Request: "GET /.well-known/assetlinks.json", User-Agent: "Mozilla/5 ... show more [02/Apr/2026:15:28:46 +0200] Web-Request: "GET /.well-known/assetlinks.json", User-Agent: "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0" show less	Bad Web Bot Web App Attack
🇩🇪 akasolutions.de	2026-04-02 12:57:19 (2 months ago)	(mod_security) mod_security triggered on hostname [redacted] 46.224.163.157 (DE/Germany/static.157.1 ... show more (mod_security) mod_security triggered on hostname [redacted] 46.224.163.157 (DE/Germany/static.157.163.224.46.clients.your-server.de) show less	SQL Injection
🇳🇱 Savvii	2026-04-02 12:28:56 (2 months ago)	49 attempts against mh-misbehave-ban on tin	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-04-02 12:06:22 (2 months ago)	Blocking for trying to access an exploit file: /config.php	Hacking
🇩🇪 todix	2026-04-02 11:46:39 (2 months ago)	Web App Attack Exploid from 46.224.163.157	Web App Attack
🇩🇪 burlacu.org	2026-04-02 11:15:06 (2 months ago)	Nginx multi-log analysis detected: wordpress_scan. Evidence: WordPress config file access (multi-log ... show more Nginx multi-log analysis detected: wordpress_scan. Evidence: WordPress config file access (multi-log) with 2 attempts occurrences. Blocked automatically. show less	Web App Attack Bad Web Bot
Anonymous	2026-04-02 11:06:51 (2 months ago)		Web App Attack

Showing 1 to 15 of 233 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 120.48.1.102

🇩🇪 88.99.38.128

🇳🇱 45.148.10.157

🇺🇸 2606:65c0:40:35e:54a7:ed88:7f40:484c

🇮🇩 103.84.228.5

🇫🇷 85.217.140.26

🇩🇪 69.5.169.7

🇩🇪 69.5.169.6

🇺🇸 2607:f8b0:400e:c07::129

🇺🇸 207.90.244.17

🇺🇸 205.210.31.79

🇸🇬 194.233.69.85

🇩🇿 154.241.140.163

🇷🇺 46.151.242.210

🇦🇹 45.137.172.116

🇻🇳 171.245.202.137

🇧🇷 128.201.0.153

🇺🇸 100.28.191.174

🇫🇷 91.231.89.236

🇺🇸 66.132.172.189