JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.78.95.85

5.78.95.85 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 43%: ?

43%

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212317
Hostname(s)	static.85.95.78.5.clients.your-server.de
Domain Name	hetzner.com
Country	🇺🇸 United States of America
City	Hillsboro, Oregon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.78.95.85

Whois 5.78.95.85

IP Abuse Reports for 5.78.95.85:

This IP address has been reported a total of 9 times from 7 distinct sources. 5.78.95.85 was first reported on June 19th 2026, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 paulshipley.com.au	2026-06-22 05:18:48 (20 hours ago)	[Mon Jun 22 15:18:48.008591 2026] [security2:error] [pid 68710] [client 5.78.95.85:55162] [client 5. ... show more [Mon Jun 22 15:18:48.008591 2026] [security2:error] [pid 68710] [client 5.78.95.85:55162] [client 5.78.95.85] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "dlcarterauthor.com"] [uri "/"] [unique_id "ajjFuG6Bw1yJ9XAzOEPFhwAAAAE"] ... show less	Web App Attack
🇬🇧 cybersteve99	2026-06-21 20:07:03 (1 day ago)	Too many 4xx Requests -	Brute-Force Web App Attack
🇩🇪 4server	2026-06-21 08:52:08 (1 day ago)	[SunJun2110:52:04.2568692026][security2:error][pid222249:tid222326][client5.78.95.85:0]ModSecurity:A ... show more [SunJun2110:52:04.2568692026][security2:error][pid222249:tid222326][client5.78.95.85:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"modularss.com\"][uri\"/\"][unique_id\"ajemNL5GKNIHCYX8N_uk3gAAARA\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 4server	2026-06-19 19:55:09 (3 days ago)	[FriJun1921:55:05.0072752026][security2:error][pid2406922:tid2407047][client5.78.95.85:0]ModSecurity ... show more [FriJun1921:55:05.0072752026][security2:error][pid2406922:tid2407047][client5.78.95.85:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"mgpublishing.ch\"][uri\"/\"][unique_id\"ajWemWhsOIIUJpduVwqwFwAAAQ4\"] show less	Port Scan Brute-Force Web App Attack
🇮🇹 Progetto1	2026-06-19 13:05:02 (3 days ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇬🇷 setupgr	2026-06-19 10:57:44 (3 days ago)	(mod_security) mod_security (id:11000011) triggered by 5.78.95.85 (US/United States/Oregon/Hillsboro ... show more (mod_security) mod_security (id:11000011) triggered by 5.78.95.85 (US/United States/Oregon/Hillsboro/-/[AS212317 HETZNER-CLOUD3-AS]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 19 13:57:42.780962 2026] [security2:error] [pid 79894:tid 79923] [client 5.78.95.85:47670] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "clients.your-server.de" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "131"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: static.85.95.78.5.clients.your-server.de"] [severity "CRITICAL"] [hostname "sea-sound.com"] [uri "/"] [unique_id "ajUgpic2acK9dyAMRdLpRgAAAUI"] show less	Port Scan
🇷🇺 DZBOT	2026-06-19 10:44:15 (3 days ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇨🇭 4server	2026-06-19 08:40:17 (3 days ago)	[FriJun1910:40:10.6841262026][security2:error][pid2313091:tid2313293][client5.78.95.85:0]ModSecurity ... show more [FriJun1910:40:10.6841262026][security2:error][pid2313091:tid2313293][client5.78.95.85:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"hosting-ticino-svizzera.ch\"][uri\"/\"][unique_id\"ajUAalmxZinu7MecMGLDCwAAAIA\"] show less	Hacking Web App Attack
Anonymous	2026-06-19 05:48:34 (3 days ago)	Malicious activity detected	Hacking Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.73.51.178

🇬🇧 209.38.166.81

🇧🇪 198.235.24.218

🇮🇳 192.178.119.28

🇬🇧 185.65.238.250

🇳🇱 165.22.203.204

🇺🇸 159.223.199.64

🇺🇸 135.237.127.76

🇧🇷 129.121.42.131

🇳🇱 91.92.40.4

🇨🇦 85.217.149.34

🇺🇸 64.62.156.49

🇺🇸 64.23.190.133

🇺🇸 50.118.254.242

🇺🇸 45.147.233.231

🇨🇳 42.226.71.167

🇨🇳 14.103.64.177

🇨🇳 220.197.85.77

🇻🇪 201.249.69.14

🇹🇼 198.235.24.58