JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 166.1.131.157

166.1.131.157 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 13%: ?

13%

ISP	Ace Data Centers, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35830
Domain Name	acedatacenter.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 166.1.131.157

Whois 166.1.131.157

IP Abuse Reports for 166.1.131.157:

This IP address has been reported a total of 7 times from 6 distinct sources. 166.1.131.157 was first reported on August 3rd 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-29 01:38:55 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 166.1.131.157 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 166.1.131.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 21:38:48.545985 2026] [security2:error] [pid 9639:tid 9639] [client 166.1.131.157:32569] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|charamand.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "charamand.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahjuKN5WB1zMS0uSrESIhwAAAAY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-25 04:28:05 (1 week ago)	Web password guessing	Brute-Force
🇪🇸 Cognisant-Security	2026-04-04 09:51:00 (2 months ago)	Attempts to login WordPress with invalid user credentials	Web App Attack Hacking
🇨🇦 wil.com	2025-04-01 10:35:49 (1 year ago)	GlobalProtect login attempts with user rgoodwin.	VPN IP Brute-Force
🇺🇸 TPI-Abuse	2025-02-11 03:14:43 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 166.1.131.157 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 166.1.131.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 10 22:14:27.062212 2025] [security2:error] [pid 31897:tid 31897] [client 166.1.131.157:53547] [client 166.1.131.157] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|theavgroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "theavgroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z6rAk3KomrrvGJ8MCOOC8QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 sms.ru	2024-09-21 02:55:03 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack
🇺🇸 TheMadBeaker	2024-08-03 12:42:11 (1 year ago)	Fail2Ban Ban Triggered HTTP SQL Injection Attempt	Hacking SQL Injection

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇬 193.24.211.107

🇪🇬 41.33.91.226

🇺🇬 196.0.242.54

🇱🇹 81.30.98.44

🇺🇸 195.184.76.68

🇩🇪 178.104.240.0

🇻🇳 123.24.201.242

🇩🇪 155.117.127.214

🇦🇺 103.208.219.38

🇺🇸 52.205.141.124

🇵🇰 37.111.166.32

🇰🇷 222.108.147.76

🇷🇺 188.247.54.50

🇻🇳 123.28.65.254

🇸🇬 103.187.146.131

🇮🇩 202.145.0.18

🇧🇪 198.235.24.192

🇨🇲 165.210.33.197

🇦🇪 132.243.121.237

🇺🇸 72.253.251.7