JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.22.102.165

157.22.102.165 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 11%: ?

11%

ISP	Atlas Network Holdings LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS213954
Domain Name	atlasnetworkholdings.online
Country	🇷🇺 Russian Federation
City	Kaliningrad, Kaliningrad Oblast

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.22.102.165

Whois 157.22.102.165

IP Abuse Reports for 157.22.102.165:

This IP address has been reported a total of 5 times from 4 distinct sources. 157.22.102.165 was first reported on March 28th 2026, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tilellit.pro	2026-06-27 07:07:12 (5 hours ago)	Fail2Ban banned 157.22.102.165 for security violations in jail wp-armour. Log: 2026/06/27 07:07:11 [ ... show more Fail2Ban banned 157.22.102.165 for security violations in jail wp-armour. Log: 2026/06/27 07:07:11 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 157.22.102.165 \| Target: wplogin" , client: 157.22.102.165, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
Anonymous	2026-05-19 00:03:19 (1 month ago)	Banned by Fail2Ban on server	Web App Attack
🇩🇪 4server	2026-04-20 22:27:07 (2 months ago)	[TueApr2100:27:00.7416162026][security2:error][pid2446757:tid2446767][client157.22.102.165:0]ModSecu ... show more [TueApr2100:27:00.7416162026][security2:error][pid2446757:tid2446767][client157.22.102.165:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"www.restaurantgandria.ch\"][uri\"/xmlrpc.php\"][unique_id\"aeaoNCM_zKWpNOzXIlvy5AAAAEc\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-03-29 20:43:25 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 157.22.102.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.102.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 16:43:20.166831 2026] [security2:error] [pid 24891:tid 24891] [client 157.22.102.165:41909] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ran101.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ran101.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acmO6ITm8ARTJSh-1nA6UQAAABU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-28 19:57:51 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 157.22.102.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 157.22.102.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 28 15:57:46.397111 2026] [security2:error] [pid 4161:tid 4161] [client 157.22.102.165:21947] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|intercotrading.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "intercotrading.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acgyugvWJ7Uinnq42gavkAAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 120.195.35.240

🇺🇦 77.52.212.182

🇨🇳 61.180.193.36

🇷🇺 188.170.76.248

🇵🇸 188.161.146.96

🇳🇱 176.65.149.236

🇺🇸 146.88.240.71

🇫🇷 146.70.194.246

🇨🇳 123.123.204.152

🇮🇳 103.146.233.187

🇨🇿 92.62.233.214

🇹🇷 78.174.68.119

🇮🇩 36.95.232.73

🇺🇸 13.220.39.244

🇷🇴 2.57.121.25

🇦🇷 190.181.99.141

🇮🇱 176.229.128.166

🇮🇩 163.7.6.41

🇮🇳 152.52.198.42

🇨🇳 101.201.155.141