JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 137.59.106.225

137.59.106.225 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 76%: ?

76%

ISP	GMO-Z.com Runsystem Joint Stock Company
Usage Type	Data Center/Web Hosting/Transit
ASN	AS131392
Hostname(s)	static-pool.tenten.vn
Domain Name	gmo-z.com
Country	🇻🇳 Viet Nam
City	Hanoi, Hanoi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 137.59.106.225

Whois 137.59.106.225

IP Abuse Reports for 137.59.106.225:

This IP address has been reported a total of 24 times from 13 distinct sources. 137.59.106.225 was first reported on June 17th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-23 12:16:13 (1 hour ago)	(mod_security) mod_security (id:225170) triggered by 137.59.106.225 (static-pool.tenten.vn): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 137.59.106.225 (static-pool.tenten.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 08:16:07.851846 2026] [security2:error] [pid 24300:tid 24300] [client 137.59.106.225:38812] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|dwightbrown.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dwightbrown.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajp5B7kWysuxwFmPGq3gVAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 08:27:09 (5 hours ago)	(mod_security) mod_security (id:225170) triggered by 137.59.106.225 (static-pool.tenten.vn): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 137.59.106.225 (static-pool.tenten.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 04:27:04.555360 2026] [security2:error] [pid 30874:tid 30874] [client 137.59.106.225:34446] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|lukeschicago.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lukeschicago.com"] [uri "/wp-json/wp/v2/users/7"] [unique_id "ajpDWHP4v0hn1pmFhV2FewAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 06:14:37 (8 hours ago)	(mod_security) mod_security (id:225170) triggered by 137.59.106.225 (static-pool.tenten.vn): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 137.59.106.225 (static-pool.tenten.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 02:14:30.703713 2026] [security2:error] [pid 9085:tid 9085] [client 137.59.106.225:44660] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|heatherweathers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "heatherweathers.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajokRnto7ZUDQSTfkgnHLQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-23 03:45:20 (10 hours ago)	PSCSERV WPSCAN 137.59.106.225	Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-06-22 17:41:09 (20 hours ago)	Unauthorized access to webpage admin	Web App Attack
🇩🇪 big-cloud.nl	2026-06-22 14:03:22 (1 day ago)	Try to access /xmlrpc.php	Web App Attack
🇳🇴 jad-abuse	2026-06-22 08:18:22 (1 day ago)	ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. O ... show more ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. Observed by 1 sensor(s); 1 hits. show less	Brute-Force Web App Attack
🇫🇷 ELYAZ	2026-06-21 23:31:14 (1 day ago)	(y4) Failed scan -byebye- from 137.59.106.225 (VN/Vietnam/static-pool.tenten.vn): (CF_ENABLE)	Hacking
🇫🇷 ELYAZ	2026-06-20 07:40:34 (3 days ago)	(y4) Failed scan -byebye- from 137.59.106.225 (VN/Vietnam/static-pool.tenten.vn): (CF_ENABLE)	Hacking
🇺🇸 mnsf	2026-06-20 03:05:44 (3 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 02:05:25 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 137.59.106.225 (static-pool.tenten.vn): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 137.59.106.225 (static-pool.tenten.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 22:05:20.005153 2026] [security2:error] [pid 8107:tid 8107] [client 137.59.106.225:54394] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hotelkona.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hotelkona.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajX1YHJN_6h7mL04nWoZrwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 23:38:13 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 137.59.106.225 (static-pool.tenten.vn): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 137.59.106.225 (static-pool.tenten.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 19:38:10.469558 2026] [security2:error] [pid 13951:tid 13951] [client 137.59.106.225:47804] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|puckerbikini.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "puckerbikini.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajXS4oomQY2jc0S6SDXMuAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 22:28:10 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 137.59.106.225 (static-pool.tenten.vn): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 137.59.106.225 (static-pool.tenten.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 18:28:04.484626 2026] [security2:error] [pid 18881:tid 18888] [client 137.59.106.225:54080] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|leaderoftheopposition.aafm.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "leaderoftheopposition.aafm.us"] [uri "/wp-json/wp/v2/users/3"] [unique_id "ajXCdJ4aqVE8PMBsgdqCwwAAAQU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 20:44:42 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 137.59.106.225 (static-pool.tenten.vn): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 137.59.106.225 (static-pool.tenten.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 16:44:38.081721 2026] [security2:error] [pid 28647:tid 28647] [client 137.59.106.225:51032] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mail.thevillagebakeryftw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.thevillagebakeryftw.com"] [uri "/wp-json/wp/v2/users/7"] [unique_id "ajWqNgk2hsD6TJKWaIlknAAAAC4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 cwytech	2026-06-19 20:31:31 (3 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wordpress-geofence-sus.	Bad Web Bot Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 64.62.156.121

🇻🇳 210.245.20.230

🇸🇬 203.27.106.146

🇬🇧 193.163.125.231

🇬🇧 193.163.125.82

🇺🇸 103.196.9.136

🇺🇸 65.49.1.153

🇬🇧 35.203.211.71

🇨🇦 20.151.110.96

🇭🇰 2404:6800:4005:c03::125

🇮🇩 202.67.44.12

🇺🇸 173.239.240.31

🇩🇪 128.1.123.104

🇳🇱 91.92.40.10

🇳🇱 45.156.128.43

🇺🇸 23.95.212.113

🇮🇳 20.219.91.90

🇨🇳 223.85.251.47

🇮🇳 203.200.74.18

🇺🇦 188.130.177.81