AbuseIPDB » 185.198.37.137
185.198.37.137 was found in our database!
This IP was reported 9 times. Confidence of
Abuse
is 3% : ?
ISP
Azadeh Golestan Parast trading as Virtual Dedicated Datacenter Services FZCO
Usage Type
Data Center/Web Hosting/Transit
ASN
AS20853
Domain Name
virtualhost.ae
Country
π΅π±
Poland
City
Warsaw, Mazovia
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 185.198.37.137 :
This IP address has been reported a total of
9
times from
6 distinct
sources.
185.198.37.137 was first reported on
May 28th 2025 , and the most recent report was
3 days ago .
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
π³πΏ
Tripwire
2026-07-09 14:33:35
(3 days ago)
Fake Googlebot "Googlebot"
Bad Web Bot
πΈπͺ
Johan Finn
2025-09-20 10:40:00
(9 months ago)
python request
Web App Attack
πΊπΈ
TPI-Abuse
2025-08-31 05:54:26
(10 months ago)
(mod_security) mod_security (id:225170) triggered by 185.198.37.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 185.198.37.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 31 01:54:22.402395 2025] [security2:error] [pid 21685:tid 21685] [client 185.198.37.137:50905] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dietzengineers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dietzengineers.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aLPjjvehRe93w_GOE93sbQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
gu-alvareza
2025-08-11 07:05:07
(11 months ago)
WordPress.REST.API.Username.Enumeration.Information.Disclosure
Web App Attack
πΊπΈ
TPI-Abuse
2025-08-05 07:17:26
(11 months ago)
(mod_security) mod_security (id:225170) triggered by 185.198.37.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 185.198.37.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 05 03:17:22.658230 2025] [security2:error] [pid 14048:tid 14048] [client 185.198.37.137:42899] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ftp.healthydatasystems.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ftp.healthydatasystems.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aJGwAkTLdfYimGPtFSKg6gAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-06-28 07:55:15
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 185.198.37.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 185.198.37.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 28 03:53:57.999311 2025] [security2:error] [pid 3279938:tid 3279938] [client 185.198.37.137:39957] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.malta-boat-registration.com.boatregistrationdelaware.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.malta-boat-registration.com.boatregistrationdelaware.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aF-flX5klo08cW6TnQMdXAAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¦πΊ
afleventoffice.com.au
2025-06-10 13:19:42
(1 year ago)
GET /wp-json/wp/v2/users HTTP/1.1
Web App Attack
πΊπΈ
TPI-Abuse
2025-05-29 15:03:49
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 185.198.37.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 185.198.37.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 11:03:40.481280 2025] [security2:error] [pid 2416284:tid 2416284] [client 185.198.37.137:33533] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||citadeltitle.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "citadeltitle.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aDh3TGMbpLJPQUASc6SsrQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
ipblock.com
2025-05-28 08:20:00
(1 year ago)
IPBlock protected site ID [4055-d][s=02].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown π©
Recently Reported IPs: