JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 37.28.157.146

37.28.157.146 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 48%: ?

48%

ISP	Marek.pro Marek Drzewiecki
Usage Type	Data Center/Web Hosting/Transit
ASN	AS197155
Hostname(s)	vps117.uphost.pro
Domain Name	marek.pro
Country	🇵🇱 Poland
City	Gdansk, Pomerania

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 37.28.157.146

Whois 37.28.157.146

IP Abuse Reports for 37.28.157.146:

This IP address has been reported a total of 32 times from 9 distinct sources. 37.28.157.146 was first reported on November 24th 2024, and the most recent report was 27 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-11 18:23:05 (27 minutes ago)	(mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the las ... show more (mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 14:23:02.272625 2026] [security2:error] [pid 13796:tid 13796] [client 37.28.157.146:45008] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|theyoungstrategist.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "theyoungstrategist.com"] [uri "/wp-json/wp/v2/users"] [unique_id "air9BiqktFf-q3cQ8aliqQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 07:45:49 (11 hours ago)	(mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the las ... show more (mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 03:45:44.179515 2026] [security2:error] [pid 23074:tid 23074] [client 37.28.157.146:50078] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|campnecon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "campnecon.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aipnqKCvYCPWW0T2MQgc5gAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 05:54:04 (12 hours ago)	Bot / scanning and/or hacking attempts: GET / HTTP/1.1, GET /?author=3 HTTP/1.1, POST /wp-login.php ... show more Bot / scanning and/or hacking attempts: GET / HTTP/1.1, GET /?author=3 HTTP/1.1, POST /wp-login.php HTTP/1.1, GET /author/admin/ HTTP/1.1, POST /xmlrpc.php HTTP/1.1, GET /wp-json/wp/v2/users HTTP/1.1, GET /?author=2 HTTP/1.1, GET /?author=1 HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 01:46:11 (17 hours ago)	(mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the las ... show more (mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 21:46:06.191980 2026] [security2:error] [pid 9855:tid 9855] [client 37.28.157.146:47582] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.wholesalelivelobsters.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.wholesalelivelobsters.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aioTXoXPieU7i1OJQ48OAAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 23:08:18 (19 hours ago)	(mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the las ... show more (mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 19:08:12.845391 2026] [security2:error] [pid 23622:tid 23622] [client 37.28.157.146:48768] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.innolympics.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.innolympics.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ainuXMwQ_fe_XQHR6JJnTQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 21:25:22 (21 hours ago)	(mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the las ... show more (mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 17:25:19.131130 2026] [security2:error] [pid 13983:tid 13983] [client 37.28.157.146:37760] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.inquisitivequincie.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.inquisitivequincie.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ainWPxABAAfVTBtQnCwTWwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 15:43:01 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the las ... show more (mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 11:42:57.387448 2026] [security2:error] [pid 7534:tid 7534] [client 37.28.157.146:37964] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rwabutazafoundation.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rwabutazafoundation.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aimGAXzJwft99_Nt2sA4NQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-10 13:07:35 (1 day ago)	[redacted] 37.28.157.146 - - [10/Jun/2026:15:07:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "M ... show more [redacted] 37.28.157.146 - - [10/Jun/2026:15:07:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0" [redacted] 37.28.157.146 - - [10/Jun/2026:15:07:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0" [redacted] 37.28.157.146 - - [10/Jun/2026:15:07:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:87.0) Gecko/20100101 Firefox/87.0" [redacted] 37.28.157.146 - - [10/Jun/2026:15:07:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:86.0) Gecko/20100101 Firefox/86.0" [redacted] 37.28.157.146 - - [10/Jun/2026:15:07:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/93.0" [redacted] 37.28.157.1 ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 10:31:33 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the las ... show more (mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 06:31:29.281189 2026] [security2:error] [pid 24519:tid 24519] [client 37.28.157.146:42092] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|automatebi.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "automatebi.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aik9AYU8OD03Y5BcfsVCigAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 05:08:27 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the las ... show more (mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 01:08:21.110106 2026] [security2:error] [pid 28257:tid 28273] [client 37.28.157.146:57650] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.tkfay.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.tkfay.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aijxRbGQqIctfKkS25otBAAAAM0"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-10 02:19:32 (1 day ago)	Blocked by CSF 13 firewall - Rule: PL/Poland/vps117.uphost.pro	Web App Attack
🇫🇷 dynamix	2026-06-08 15:28:12 (3 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 09:47:53 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the las ... show more (mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 05:47:49.066606 2026] [security2:error] [pid 31889:tid 31889] [client 37.28.157.146:57754] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.littlecreekrvranch.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.littlecreekrvranch.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiaPxceWVIaiblMScsv1fAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 23:27:51 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the las ... show more (mod_security) mod_security (id:225170) triggered by 37.28.157.146 (vps117.uphost.pro): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:27:45.115136 2026] [security2:error] [pid 7189:tid 7189] [client 37.28.157.146:46422] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.smoothiessoupssalads.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.smoothiessoupssalads.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiX-cZcNXs9UTKlx2LTHSQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 04:10:02 (4 days ago)	Web App Attack, Hacking	Hacking Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇱 181.212.3.42

🇳🇱 165.232.94.244

🇺🇸 162.217.165.142

🇨🇦 147.182.144.120

🇺🇸 104.23.211.14

🇺🇸 40.124.175.136

🇳🇱 193.176.31.155

🇮🇷 178.131.96.16

🇺🇸 147.185.132.156

🇭🇰 134.122.177.2

🇺🇸 66.132.172.32

🇺🇸 45.88.91.228

🇬🇧 35.203.211.168

🇹🇼 1.162.228.189

🇹🇼 1.162.106.89

🇨🇳 202.46.62.22

🇧🇷 187.40.215.162

🇮🇳 103.136.137.73

🇩🇪 64.226.126.224

🇬🇧 35.203.211.63