JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.97.132.199

157.97.132.199 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 0%: ?

ISP	NET1 GmbH
Usage Type	Fixed Line ISP
ASN	AS6866
Domain Name	net1.de
Country	🇨🇾 Cyprus
City	Nicosia, Nicosia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.97.132.199

Whois 157.97.132.199

IP Abuse Reports for 157.97.132.199:

This IP address has been reported a total of 22 times from 21 distinct sources. 157.97.132.199 was first reported on April 22nd 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VHosting	2026-01-22 13:40:06 (4 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇫🇷 Baking333	2026-01-20 11:56:59 (5 months ago)	[redacted] 157.97.132.199 - - [20/Jan/2026:12:56:57 +0100] "GET /wp-admin/css/ HTTP/1.1" 301 4331 0/ ... show more [redacted] 157.97.132.199 - - [20/Jan/2026:12:56:57 +0100] "GET /wp-admin/css/ HTTP/1.1" 301 4331 0/283 "[redacted]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36" [redacted] 157.97.132.199 - - [20/Jan/2026:12:56:58 +0100] "GET /wp-admin/css HTTP/1.1" 302 5253 0/32013 "[redacted]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36" show less	Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-01-20 10:05:30 (5 months ago)	Too many Status 40X (41)	Brute-Force Web App Attack
🇺🇸 rdpguard.com	2026-01-20 09:25:28 (5 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
Anonymous	2026-01-13 00:00:56 (5 months ago)	Aggressive web scan	SQL Injection Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-09-19 11:47:04 (9 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇷🇺 avaio-media	2025-06-16 14:28:35 (1 year ago)		Brute-Force
🇵🇱 sefinek.net	2025-04-21 04:01:53 (1 year ago)	Triggered Cloudflare WAF (firewallCustom) from CY. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CY. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /status UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.6.16 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-04-20 21:01:13 (1 year ago)	(mod_security) mod_security (id:210410) triggered by 157.97.132.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210410) triggered by 157.97.132.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 20 17:01:05.737381 2025] [security2:error] [pid 23227:tid 23227] [client 157.97.132.199:60657] [client 157.97.132.199] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:error outside range: 1-255. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "95"] [id "210410"] [rev "4"] [msg "COMODO WAF: Invalid character in request\|\|amaia.portalvasco.com\|F\|3"] [data "ARGS:error=<a href=\\x22javascript&\\x00colon;alert(document.domain)\\x22>Return to application</a>"] [severity "ERROR"] [tag "CWAF"] [tag "Protocol"] [hostname "amaia.portalvasco.com"] [uri "/auth/realms/master/protocol/openid-connect/oauth/oob"] [unique_id "aAVgkRfFmJ1HRNT0OqiR0AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hazzard	2025-04-20 14:24:05 (1 year ago)	(mod_security) mod_security triggered on hostname [redacted])	SQL Injection
Anonymous	2025-04-20 13:10:01 (1 year ago)	\| SQL injection attempt.	Hacking SQL Injection Web App Attack
🇨🇭 backslash	2025-04-20 04:44:03 (1 year ago)		Web App Attack
🇺🇸 TPI-Abuse	2025-04-20 00:56:12 (1 year ago)	(mod_security) mod_security (id:210410) triggered by 157.97.132.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210410) triggered by 157.97.132.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 19 20:56:08.311550 2025] [security2:error] [pid 14570:tid 14570] [client 157.97.132.199:63112] [client 157.97.132.199] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:error outside range: 1-255. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "95"] [id "210410"] [rev "4"] [msg "COMODO WAF: Invalid character in request\|\|www.woodstovesalaska.stevestoyostove.com\|F\|3"] [data "ARGS:error=<a href=\\x22javascript&\\x00colon;alert(document.domain)\\x22>Return to application</a>"] [severity "ERROR"] [tag "CWAF"] [tag "Protocol"] [hostname "www.woodstovesalaska.stevestoyostove.com"] [uri "/auth/realms/master/protocol/openid-connect/oauth/oob"] [unique_id "aARGKGN4PIeM3NqQplMAMQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 penjaga BRIN	2025-04-20 00:14:06 (1 year ago)	Suspicious URL access.-111	Web App Attack
Anonymous	2025-04-19 22:52:43 (1 year ago)	Aggressive web scan	Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:9e8b:8001

🇹🇼 110.25.112.150

🇳🇱 89.21.67.165

🇺🇸 69.63.184.143

🇦🇺 34.87.202.175

🇫🇷 5.196.106.17

🇨🇳 222.195.92.204

🇮🇳 203.200.74.18

🇨🇳 182.105.123.10

🇺🇸 148.153.32.64

🇨🇳 118.178.234.247

🇰🇷 115.178.75.243

🇨🇳 111.9.22.102

🇮🇳 103.176.160.146

🇧🇩 103.124.110.96

🇳🇱 91.92.40.240

🇧🇬 78.83.249.54

🇺🇸 69.63.184.140

🇺🇸 52.186.178.175

🇺🇸 43.166.255.122