JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.22.124.18

157.22.124.18 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 31%: ?

31%

ISP	Apex Data Solutions LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS213954
Domain Name	apexdatasolutions.online
Country	🇸🇪 Sweden
City	Marsta, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.22.124.18

Whois 157.22.124.18

IP Abuse Reports for 157.22.124.18:

This IP address has been reported a total of 10 times from 7 distinct sources. 157.22.124.18 was first reported on December 27th 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇿 ptlab	2026-06-25 12:45:41 (2 hours ago)	Detected wp_login attack from WP-host.	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 23:49:52 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 157.22.124.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 157.22.124.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 19:49:49.658525 2026] [security2:error] [pid 18587:tid 18680] [client 157.22.124.18:39207] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|earthtravel.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "earthtravel.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajCPnZJFzmBCyGEhUUx0bwAAARM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nationaleventpros.com	2026-06-14 21:30:17 (1 week ago)	WordPress login attempt	Brute-Force
Anonymous	2026-06-02 19:10:53 (3 weeks ago)	[redacted] 157.22.124.18 - - [02/Jun/2026:21:10:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "A ... show more [redacted] 157.22.124.18 - - [02/Jun/2026:21:10:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Apache-HttpClient/4.5.13 (Java/17.0.18)" [redacted] 157.22.124.18 - - [02/Jun/2026:21:10:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Apache-HttpClient/4.5.13 (Java/17.0.18)" [redacted] 157.22.124.18 - - [02/Jun/2026:21:10:50 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Apache-HttpClient/4.5.13 (Java/17.0.18)" [redacted] 157.22.124.18 - - [02/Jun/2026:21:10:50 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Apache-HttpClient/4.5.13 (Java/17.0.18)" [redacted] 157.22.124.18 - - [02/Jun/2026:21:10:51 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Apache-HttpClient/4.5.13 (Java/17.0.18)" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 18:28:40 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 157.22.124.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 157.22.124.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 14:28:33.832096 2026] [security2:error] [pid 675:tid 675] [client 157.22.124.18:51695] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|donnysimonton.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "donnysimonton.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah8g0RsGiPJz61B0UrU-dAAAABw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 23:27:06 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 157.22.124.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 157.22.124.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 19:27:01.375154 2026] [security2:error] [pid 11573:tid 11573] [client 157.22.124.18:57485] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|interiorsolutions-stuart.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "interiorsolutions-stuart.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah4VRWnNzwk96hwoZpzBTgAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-25 21:57:29 (4 weeks ago)	FPROCO WEBEXPLOIT 157.22.124.18 (157.22.124.18)	Web App Attack
🇩🇪 kjaerulff	2026-05-13 17:52:47 (1 month ago)	Failed Wordpress login using wp-login.php	Web App Attack
🇨🇭 backslash	2025-12-29 05:30:05 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-27 02:52:03 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 157.22.124.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 157.22.124.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 26 21:51:58.776283 2025] [security2:error] [pid 17359:tid 17359] [client 157.22.124.18:64723] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jolankagroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aU9Jzh3L9eAjtxEEa635uwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.22.162.48

🇮🇩 103.97.101.25

🇫🇷 91.196.152.211

🇺🇦 85.137.57.233

🇺🇸 52.5.242.243

🇳🇱 45.148.10.151

🇺🇸 45.86.211.4

🇳🇱 35.204.214.1

🇬🇧 35.203.210.108

🇺🇸 35.203.159.226

🇻🇳 27.79.40.38

🇸🇬 20.6.35.235

🇺🇸 139.144.239.98

🇺🇸 134.209.127.72

🇵🇭 119.92.70.82

🇺🇸 52.188.86.144

🇻🇳 14.191.95.213

🇫🇷 13.140.190.152

🇺🇸 2607:ff10:c8:594::e

🇷🇺 95.27.133.237