JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.22.18.96

157.22.18.96 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 17%: ?

17%

ISP	Global Transit Systems LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS213954
Domain Name	globaltransitsystems.online
Country	🇸🇪 Sweden
City	Marsta, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.22.18.96

Whois 157.22.18.96

IP Abuse Reports for 157.22.18.96:

This IP address has been reported a total of 5 times from 4 distinct sources. 157.22.18.96 was first reported on May 6th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-21 22:20:19 (1 week ago)	Brute force	Brute-Force
🇩🇪 kjaerulff	2026-05-14 14:16:27 (1 month ago)	Failed Wordpress login using wp-login.php	Web App Attack
🇺🇸 TPI-Abuse	2026-05-11 11:33:14 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 157.22.18.96 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 157.22.18.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 11 07:33:11.268380 2026] [security2:error] [pid 23485:tid 23485] [client 157.22.18.96:21175] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|riser-astrology.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "riser-astrology.com"] [uri "/"] [unique_id "agG-d-r_eTz9CSJYddn3GgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 tilellit.pro	2026-05-07 16:59:24 (1 month ago)	Fail2Ban banned 157.22.18.96 for security violations in jail wp-armour. Log: 2026/05/07 16:59:23 [er ... show more Fail2Ban banned 157.22.18.96 for security violations in jail wp-armour. Log: 2026/05/07 16:59:23 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 157.22.18.96 \| Target: wplogin" , client: 157.22.18.96, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇫🇷 tilellit.pro	2026-05-06 18:15:26 (1 month ago)	Fail2Ban banned 157.22.18.96 for security violations in jail wp-armour. Log: 2026/05/06 18:15:25 [er ... show more Fail2Ban banned 157.22.18.96 for security violations in jail wp-armour. Log: 2026/05/06 18:15:25 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 157.22.18.96 \| Target: wplogin" , client: 157.22.18.96, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.73.160.171

🇳🇱 192.42.116.49

🇺🇸 172.215.144.32

🇰🇷 115.68.226.131

🇮🇳 104.211.103.193

🇺🇸 65.49.1.25

🇧🇷 45.165.14.197

🇧🇪 34.140.190.165

🇨🇳 219.150.93.157

🇺🇦 178.159.211.11

🇸🇪 171.25.158.57

🇰🇭 117.20.119.70

🇳🇱 93.158.213.25

🇬🇧 80.234.161.121

🇺🇸 65.49.1.178

🇮🇳 49.43.226.66

🇺🇸 216.180.246.22

🇺🇸 205.185.125.209

🇳🇱 199.47.242.83

🇧🇷 191.5.31.61