JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.22.16.63

157.22.16.63 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 26%: ?

26%

ISP	Apex Data Solutions LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS213954
Domain Name	apexdatasolutions.online
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.22.16.63

Whois 157.22.16.63

IP Abuse Reports for 157.22.16.63:

This IP address has been reported a total of 11 times from 7 distinct sources. 157.22.16.63 was first reported on March 3rd 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-07 08:45:58 (1 day ago)	(mod_security) mod_security (id:218580) triggered by 157.22.16.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:218580) triggered by 157.22.16.63 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 04:45:54.832506 2026] [security2:error] [pid 23897:tid 23897] [client 157.22.16.63:43131] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\/\\\\[!+](?:[\\\\w\\\\s=_\\\\-()]+)?\\\\*\\\\/)" at ARGS:delivery. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "76"] [id "218580"] [rev "1"] [msg "COMODO WAF: MySQL in-line comment detected.\|\|www.poland-yacht-registration.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "www.poland-yacht-registration.com"] [uri "/polish-yacht-registration-form.html"] [unique_id "aiUvwjncSdY8zPHTVa54jAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 10:22:59 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 157.22.16.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 157.22.16.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 06:22:52.836167 2026] [security2:error] [pid 8514:tid 8514] [client 157.22.16.63:13037] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|unaweep.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "unaweep.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahlo_PKwp-8A8KAt4MJMDQAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-05-27 00:02:42 (1 week ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 12:18:57 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 157.22.16.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 157.22.16.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 08:18:52.487286 2026] [security2:error] [pid 19053:tid 19053] [client 157.22.16.63:13379] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|indie100.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "indie100.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ag2mrOksRucFJZebjGmO_wAAACg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 pamircil	2026-05-12 05:02:55 (3 weeks ago)	🍯 WinnieThePooh Honeypot : POST request to '/xmlrpc.php' on (http/80)💀	SSH Brute-Force Hacking
🇺🇸 TPI-Abuse	2026-05-11 07:17:04 (4 weeks ago)	(mod_security) mod_security (id:225170) triggered by 157.22.16.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 157.22.16.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 11 03:17:00.035504 2026] [security2:error] [pid 9115:tid 9115] [client 157.22.16.63:32949] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gonzalez.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gonzalez.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agGCbNXil5qcBqyKVdegxQAAAAc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-09 07:48:31 (4 weeks ago)	(mod_security) mod_security (id:218580) triggered by 157.22.16.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:218580) triggered by 157.22.16.63 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 03:48:24.246905 2026] [security2:error] [pid 20455:tid 20455] [client 157.22.16.63:33105] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\/\\\\[!+](?:[\\\\w\\\\s=_\\\\-()]+)?\\\\*\\\\/)" at ARGS:d. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "76"] [id "218580"] [rev "1"] [msg "COMODO WAF: MySQL in-line comment detected.\|\|caferutadelaseda.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "caferutadelaseda.com"] [uri "/detalle.php"] [unique_id "af7myDxiQ-CfpTQazn5hewAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 netclix.gr	2026-05-06 21:51:21 (1 month ago)	(mod_security) mod_security triggered on hostname [redacted] 157.22.16.63 (GB/United Kingdom/-): (C ... show more (mod_security) mod_security triggered on hostname [redacted] 157.22.16.63 (GB/United Kingdom/-): (CF_ENABLE) show less	SQL Injection
🇩🇪 R.G.	2026-04-17 12:34:01 (1 month ago)	(XMLRPCorWHATEVER) Get lost please 157.22.16.63 (GB/United Kingdom/-): 3 in the last 900 secs; Ports ... show more (XMLRPCorWHATEVER) Get lost please 157.22.16.63 (GB/United Kingdom/-): 3 in the last 900 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇩🇪 big-cloud.nl	2026-03-29 01:25:59 (2 months ago)	Try to access /xmlrpc.php	Web App Attack
Anonymous	2026-03-03 07:26:57 (3 months ago)	[redacted] 157.22.16.63 - - [03/Mar/2026:08:26:53 +0100] "POST /xmlrpc.php HTTP/1.1" 200 132 "-" "Ap ... show more [redacted] 157.22.16.63 - - [03/Mar/2026:08:26:53 +0100] "POST /xmlrpc.php HTTP/1.1" 200 132 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" [redacted] 157.22.16.63 - - [03/Mar/2026:08:26:53 +0100] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" [redacted] 157.22.16.63 - - [03/Mar/2026:08:26:54 +0100] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" [redacted] 157.22.16.63 - - [03/Mar/2026:08:26:54 +0100] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" [redacted] 157.22.16.63 - - [03/Mar/2026:08:26:55 +0100] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" [redacted] 157.22.16.63 - - [03/Mar/2026:08:26:55 +0100] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" [redacted] 157.22.16.63 - - [03/Mar/2026:08:26:56 +0100] "POST /xmlrpc.php H ... show less	Hacking Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.154.206.40

🇮🇹 158.173.77.78

🇱🇹 81.30.98.144

🇩🇪 64.89.163.134

🇺🇸 34.174.219.33

🇳🇱 2a00:1450:4013:c02::12a

🇳🇱 190.2.135.111

🇺🇸 172.67.160.139

🇮🇹 158.173.77.113

🇮🇹 158.173.77.85

🇺🇸 91.193.232.244

🇺🇸 72.42.253.12

🇨🇳 42.180.4.166

🇮🇹 158.173.77.205

🇹🇭 150.95.27.209

🇨🇳 116.168.33.91

🇺🇸 96.78.175.36

🇷🇺 95.108.213.251

🇳🇱 45.148.10.152

🇮🇹 158.173.77.100