JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.22.102.92

157.22.102.92 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 23%: ?

23%

ISP	Atlas Network Holdings LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS213954
Domain Name	atlasnetworkholdings.online
Country	🇷🇺 Russian Federation
City	Volokonovka, Belgorod Oblast

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.22.102.92

Whois 157.22.102.92

IP Abuse Reports for 157.22.102.92:

This IP address has been reported a total of 8 times from 4 distinct sources. 157.22.102.92 was first reported on March 10th 2026, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nationaleventpros.com	2026-06-14 16:48:21 (17 hours ago)	WordPress login attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-05-29 00:47:57 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 157.22.102.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 157.22.102.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 20:47:52.090838 2026] [security2:error] [pid 1205:tid 1205] [client 157.22.102.92:55681] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|edensgroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "edensgroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahjiONl0AxET9OUBRCG0bgAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-21 01:13:25 (3 weeks ago)	PARMACOM WEBEXPLOIT 157.22.102.92 (157.22.102.92)	Web App Attack
🇩🇪 kjaerulff	2026-05-19 13:36:53 (3 weeks ago)	Failed Wordpress login using wp-login.php	Web App Attack
🇺🇸 TPI-Abuse	2026-05-12 11:50:50 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 157.22.102.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 157.22.102.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 07:50:46.649651 2026] [security2:error] [pid 8979:tid 8979] [client 157.22.102.92:45291] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|iahksa.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "iahksa.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agMUFn6qqAB8rTFxP0exnwAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-10 08:53:11 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 157.22.102.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 157.22.102.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 04:53:03.505064 2026] [security2:error] [pid 20581:tid 20581] [client 157.22.102.92:58371] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|lawrencehale.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lawrencehale.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agBHb2w8RCCrTZmxWOUcRgAAAAM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-10 03:54:37 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 157.22.102.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 157.22.102.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 23:54:33.817636 2026] [security2:error] [pid 16249:tid 16249] [client 157.22.102.92:23099] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gonzalez.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gonzalez.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agABeUpMiOMLHfA_OuMD_gAAABU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 kjaerulff	2026-03-10 10:18:49 (3 months ago)	Failed Wordpress login using wp-login.php	Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 198.57.26.5

🇻🇳 160.250.181.54

🇮🇩 103.124.196.101

🇫🇷 75.119.130.133

🇩🇪 69.5.169.44

🇮🇳 49.36.69.181

🇳🇱 45.148.10.121

🇮🇳 34.131.47.46

🇮🇳 122.185.185.18

🇳🇱 81.19.216.85

🇺🇸 66.132.195.123

🇩🇪 31.58.24.121

🇺🇸 20.96.179.87

🇸🇪 195.178.191.5

🇧🇷 177.54.84.157

🇹🇷 176.40.242.118

🇺🇸 137.184.204.237

🇸🇾 95.159.47.12

🇨🇳 62.234.223.248

🇺🇸 8.230.117.120