JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.22.126.100

157.22.126.100 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 11%: ?

11%

ISP	Global Transit Systems LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS213954
Domain Name	globaltransitsystems.online
Country	🇸🇪 Sweden
City	Sjuhalla, Blekinge

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.22.126.100

Whois 157.22.126.100

IP Abuse Reports for 157.22.126.100:

This IP address has been reported a total of 16 times from 9 distinct sources. 157.22.126.100 was first reported on January 2nd 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-22 10:18:09 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 06:18:03.900815 2026] [security2:error] [pid 15787:tid 15787] [client 157.22.126.100:47059] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|34thprs.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "34thprs.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajkL23U3_ZZwLCRn7g1tZQAAAAk"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-02 23:53:49 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 02 19:53:42.157418 2026] [security2:error] [pid 13144:tid 13144] [client 157.22.126.100:54959] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bohk.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bohk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afaOhrc1sBUJHz5l5pSASAAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 NicoID	2026-05-01 00:17:00 (1 month ago)	157.22.126.100 - - [30/Apr/2026:15:50:13 -0600] "GET /wp-login.php HTTP/1.1" 200 4884 "https://www.g ... show more 157.22.126.100 - - [30/Apr/2026:15:50:13 -0600] "GET /wp-login.php HTTP/1.1" 200 4884 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" ... show less	Brute-Force
🇫🇷 Yepngo	2026-04-23 22:05:17 (2 months ago)	157.22.126.100 - - [23/Apr/2026:23:57:26 +0200] "POST /wp-login.php HTTP/2.0" 200 12080 "https://yep ... show more 157.22.126.100 - - [23/Apr/2026:23:57:26 +0200] "POST /wp-login.php HTTP/2.0" 200 12080 "https://yepngo.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 157.22.126.100 - - [24/Apr/2026:00:05:17 +0200] "POST /wp-login.php HTTP/2.0" 200 12082 "https://yepngo.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇨🇿 ptlab	2026-04-21 08:45:33 (2 months ago)	Detected wp_login attack from WP-host.	Hacking Web App Attack
🇺🇸 nationaleventpros.com	2026-04-17 11:14:19 (2 months ago)	WordPress login attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-04-17 01:33:15 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 21:33:10.827527 2026] [security2:error] [pid 3954005:tid 3954005] [client 157.22.126.100:42005] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|joycebrown.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "joycebrown.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeGN1nEvY2YzXTXrhUXlmgAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-03 12:36:04 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 08:36:00.746680 2026] [security2:error] [pid 23446:tid 23446] [client 157.22.126.100:23885] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|iconconstructors.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "iconconstructors.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ac-0MMZ5eNERwlFIQtxtHwAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-30 13:20:53 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 09:20:46.626089 2026] [security2:error] [pid 10029:tid 10066] [client 157.22.126.100:53447] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|keithfamily.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "keithfamily.net"] [uri "/wp-json/wp/v2/users"] [unique_id "acp4ruebC9_yZvrX7Mz3lgAAAQc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 zynex	2026-03-25 23:58:02 (3 months ago)	URL Probing: /de/wp-admin.php	Web App Attack
🇺🇸 TPI-Abuse	2026-03-25 01:53:21 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 24 21:53:15.310561 2026] [security2:error] [pid 26816:tid 26816] [client 157.22.126.100:31701] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|osbyink.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "osbyink.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acNACw8i4ALpFDCP-I20FgAAAAQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-23 23:26:57 (3 months ago)	Fail2ban filtered ...	Web App Attack
🇺🇸 TPI-Abuse	2026-03-05 05:53:09 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 00:53:03.905554 2026] [security2:error] [pid 24941:tid 24941] [client 157.22.126.100:30799] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|primacomm.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "primacomm.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aakaP4ZF7FYY9DXm4ytcxgAAAA0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-03-02 14:10:43 (3 months ago)	157.22.126.100 - - [02/Mar/2026:07:10:41 -0700] "POST /wp-login.php HTTP/1.1" 200 2355 "https://dooc ... show more 157.22.126.100 - - [02/Mar/2026:07:10:41 -0700] "POST /wp-login.php HTTP/1.1" 200 2355 "https://dooce.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-01-06 11:18:25 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.126.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 06 06:18:21.594367 2026] [security2:error] [pid 2459848:tid 2459848] [client 157.22.126.100:29639] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hawarcenter.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hawarcenter.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aVzvfXmyXUtffgNZx0HYPAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.197

🇱🇹 62.60.130.219

🇮🇹 2.57.170.94

🇬🇧 217.146.80.121

🇬🇧 213.166.84.48

🇷🇴 185.146.232.118

🇮🇩 163.7.11.69

🇺🇸 162.216.149.139

🇳🇱 159.65.203.222

🇸🇬 148.66.142.9

🇷🇺 95.25.92.150

🇧🇬 79.124.49.114

🇳🇱 77.83.39.197

🇨🇳 39.106.23.166

🇺🇸 20.168.0.133

🇬🇧 194.50.235.144

🇬🇧 188.240.59.56

🇺🇸 147.185.132.177

🇺🇸 147.185.132.27

🇺🇸 143.198.24.131