JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.22.126.150

157.22.126.150 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 24%: ?

24%

ISP	Global Transit Systems LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS213954
Domain Name	globaltransitsystems.online
Country	🇸🇪 Sweden
City	Sjuhalla, Blekinge

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.22.126.150

Whois 157.22.126.150

IP Abuse Reports for 157.22.126.150:

This IP address has been reported a total of 37 times from 6 distinct sources. 157.22.126.150 was first reported on January 21st 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-16 00:59:43 (1 hour ago)	(mod_security) mod_security (id:225170) triggered by 157.22.126.150 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.126.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 20:59:38.592633 2026] [security2:error] [pid 4035:tid 4035] [client 157.22.126.150:46001] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|krakowski.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "krakowski.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajCf-uA3tkk0cazBCKszkQAAAAw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 10:16:32 (15 hours ago)	(mod_security) mod_security (id:225170) triggered by 157.22.126.150 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.126.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 06:16:24.266096 2026] [security2:error] [pid 6773:tid 6773] [client 157.22.126.150:10775] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|firstunitedreserve.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "firstunitedreserve.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai_Q-KmJ5BpfEnl7DLx0qwAAAAM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nationaleventpros.com	2026-06-14 20:40:21 (1 day ago)	WordPress login attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 22:28:20 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 157.22.126.150 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.126.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 18:28:14.664873 2026] [security2:error] [pid 29735:tid 29735] [client 157.22.126.150:60823] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gemexpressions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gemexpressions.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ais2fq3aU-mM640hrVtL8gAAAAs"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 20:25:08 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 157.22.126.150 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.126.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 16:25:04.329799 2026] [security2:error] [pid 10153:tid 10153] [client 157.22.126.150:37687] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|toody.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "toody.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah3qoJgmH0vzSD0_ht_2nAAAAAE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 11:41:19 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 157.22.126.150 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.126.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 07:41:14.017758 2026] [security2:error] [pid 10191:tid 10191] [client 157.22.126.150:63881] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|faeriefeelers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "faeriefeelers.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahgp2sWvR4ZszX0gKQg5KgAAABo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Jason Howell	2026-05-14 20:18:15 (1 month ago)	157.22.126.150 - - [14/May/2026:20:18:10 +0000] "GET /wp-login.php HTTP/1.1" 301 573 "-" "Mozilla/5. ... show more 157.22.126.150 - - [14/May/2026:20:18:10 +0000] "GET /wp-login.php HTTP/1.1" 301 573 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10" 157.22.126.150 - - [14/May/2026:20:18:11 +0000] "GET /wp-login.php HTTP/1.1" 200 3938 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10" 157.22.126.150 - - [14/May/2026:20:18:13 +0000] "POST /wp-login.php HTTP/1.1" 200 1944 "https://www.reynoldsmfg.com/wp-login.php" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10" 157.22.126.150 - - [14/May/2026:20:18:14 +0000] "GET /wp-login.php HTTP/1.1" 301 573 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10" 157.22.126.150 - - [14/May/2026:20:18:14 +0000] "GET /wp-login.php HTTP/1.1" 200 1594 "-" "Mozilla/5.0 (Windows; U ... show less	Web App Attack
🇩🇪 kjaerulff	2026-05-14 18:15:32 (1 month ago)	Failed Wordpress login using wp-login.php	Web App Attack
🇺🇸 TPI-Abuse	2026-05-10 14:27:35 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 157.22.126.150 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.126.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 10:27:27.762532 2026] [security2:error] [pid 6973:tid 6973] [client 157.22.126.150:42195] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bordwell.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bordwell.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agCVz6BVj0lrAMNf3qjJrgAAAA0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-23 04:44:36 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 157.22.126.150 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.126.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 23:44:29.663654 2026] [security2:error] [pid 30583:tid 30583] [client 157.22.126.150:11993] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|pharmaceuticalsalescertifications.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pharmaceuticalsalescertifications.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXL8rWHtCHMjGYzvSqAC0wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 [email protected]	2026-01-23 02:25:27 (4 months ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-01-23T02:25:26Z	Brute-Force
🇺🇸 [email protected]	2026-01-23 02:00:04 (4 months ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-01-23T02:00:04Z	Brute-Force
🇺🇸 [email protected]	2026-01-23 01:42:26 (4 months ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-01-23T01:42:26Z	Brute-Force
🇺🇸 [email protected]	2026-01-23 01:23:30 (4 months ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-01-23T01:23:30Z	Brute-Force
🇺🇸 [email protected]	2026-01-23 01:00:07 (4 months ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-01-23T01:00:06Z	Brute-Force

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 24.4.14.176

🇻🇳 222.254.147.122

🇷🇺 178.177.40.170

🇬🇧 104.248.160.118

🇮🇩 103.110.34.131

🇸🇬 101.47.156.21

🇨🇦 85.217.149.39

🇫🇷 51.68.34.131

🇳🇱 45.156.87.10

🇳🇱 45.148.10.183

🇯🇵 43.165.174.224

🇻🇳 14.191.35.197

🇹🇼 198.235.24.30

🇮🇩 182.253.64.11

🇻🇳 171.252.188.77

🇨🇳 120.49.69.152

🇳🇱 91.92.40.7

🇺🇸 73.151.34.63

🇺🇸 45.79.213.172

🇺🇸 20.106.49.2