JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 160.22.217.53

160.22.217.53 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 10%: ?

10%

ISP	PT Lintas Media Solusindo
Usage Type	Fixed Line ISP
ASN	AS152841
Domain Name	lintasmediasolusindo.com
Country	🇮🇩 Indonesia
City	Singosari, East Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 160.22.217.53

Whois 160.22.217.53

IP Abuse Reports for 160.22.217.53:

This IP address has been reported a total of 11 times from 6 distinct sources. 160.22.217.53 was first reported on December 18th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-05-27 03:22:43 (1 week ago)	563 limiting connections by zone (9m59s)	DDoS Attack
🇮🇹 VHosting	2026-04-26 08:29:52 (1 month ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇳🇱 exxos	2025-09-15 19:03:01 (8 months ago)	Attacks with Bad user agents	Hacking
🇮🇩 hermawan	2025-08-30 07:44:32 (9 months ago)	[Sat Aug 30 14:43:45.586270 2025] [security2:error] [pid 1746123:tid 139676875740864] [client 160.22 ... show more [Sat Aug 30 14:43:45.586270 2025] [security2:error] [pid 1746123:tid 139676875740864] [client 160.22.217.53:51816] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i),.?[\\"'\\\\)0-9`-f][\\"'`](?:[\\"'`].?[\\"'`]\|(?:\\\\r?\\\\n)?\\\\z\|[^\\"'`]+)\|[^0-9A-Z_a-z]select.+[^0-9A-Z_a-z]?from\|(?:alter\|(?:(?:cre\|trunc\|upd)at\|renam)e\|d(?:e(?:lete\|sc)\|rop)\|(?:inser\|selec)t\|load)[\\\\s\\\\x0b]?\\\\([\\\\s\\\\x0b]?space[\\\\s\\\\x0b]?\\\\(" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "2129"] [id "942200"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: , like Gecko) Version/4.0 Chrome/139.0.7258.143 Mobile Safari/537.36 OcIdWebView ({\\x22os\\x22:\\x22Android\\x22, found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 13; Infini ... show less	Hacking Web App Attack
🇩🇪 botreporter	2025-06-17 15:34:55 (11 months ago)	botnet ignoring robots.txt	Bad Web Bot
🇮🇩 hermawan	2025-06-11 13:33:43 (11 months ago)	[Wed Jun 11 20:33:13.182720 2025] [security2:error] [pid 290738:tid 140474009450176] [client 160.22. ... show more [Wed Jun 11 20:33:13.182720 2025] [security2:error] [pid 290738:tid 140474009450176] [client 160.22.217.53:46804] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "myactivity.google.com" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.14.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "439"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: myactivity.google.com found within REQUEST_HEADERS:Referer: https://myactivity.google.com/ request_line = GET /touch-icon-iphone-retina.png HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/touch-icon-iphone-retina.png"] [unique_id "aEmFmcDEFAlUKVeGvPUMAwAAFQ8"], referer https://myactivity.google.com/ [staklim-malang.info] [staklim-malang.info] top=[290754] [d53K2pPdXs4] [aEmFmcDEFAlUKVeGvPUMAwAAFQ8] keep_alive=[1] [2025-06-11 20:33:13.182727] [R:aEmFmcDEFAlUKVeGvPUMAwAAFQ8] UA:'Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Mobile Safari/ ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-06-03 08:35:27 (1 year ago)	[Tue Jun 03 15:35:27.112032 2025] [security2:error] [pid 108752:tid 140474821105344] [client 160.22. ... show more [Tue Jun 03 15:35:27.112032 2025] [security2:error] [pid 108752:tid 140474821105344] [client 160.22.217.53:45982] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "myactivity.google.com" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.14.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "439"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: myactivity.google.com found within REQUEST_HEADERS:Referer: https://myactivity.google.com/ request_line = GET /images/Klimatologi/Buletin/Musim/Musim_Kemarau/2025/Buletin_6_Bulanan_Prediksi_Musim_Kemarau_Tahun_2025_di_Provinsi_Jawa_Timur.webp HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Buletin/Musim/Musim_Kemarau/2025/Buletin_6_Bulanan_Prediksi_Musim_Kemarau_Tahun_2025_di_Provinsi_Jawa_Timur.webp"] [unique_id "aD6zz8YzEzvsAN5z2u_mtwAAjAU"], referer https://myactivity.google.com/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[108758] [J/wpw34 ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-05-30 18:41:43 (1 year ago)	[Fri May 30 21:22:34.837590 2025] [security2:error] [pid 705158:tid 139909808416448] [client 160.22. ... show more [Fri May 30 21:22:34.837590 2025] [security2:error] [pid 705158:tid 139909808416448] [client 160.22.217.53:39712] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "myactivity.google.com" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.14.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "439"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: myactivity.google.com found within REQUEST_HEADERS:Referer: https://myactivity.google.com/ request_line = GET /images/Klimatologi/Buletin/Musim/Musim_Kemarau/2025/Buletin_6_Bulanan_Prediksi_Musim_Kemarau_Tahun_2025_di_Provinsi_Jawa_Timur.webp HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/images/Klimatologi/Buletin/Musim/Musim_Kemarau/2025/Buletin_6_Bulanan_Prediksi_Musim_Kemarau_Tahun_2025_di_Provinsi_Jawa_Timur.webp"] [unique_id "aDm_Km8sf4B9M3UrzLV12wAAyRg"], referer https://myactivity.google.com/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[705184] [f1w5JQP ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-05-03 11:44:24 (1 year ago)	[Sat May 03 18:35:24.781086 2025] [security2:error] [pid 595677:tid 140684826592960] [client 160.22. ... show more [Sat May 03 18:35:24.781086 2025] [security2:error] [pid 595677:tid 140684826592960] [client 160.22.217.53:35268] ModSecurity: Access denied with code 403 (phase 2). Match of "rx [0-9]\\\\s\\\\'\\\\s[0-9]" against "MATCHED_VAR" required. [file "/etc/modsecurity/coreruleset-4.13.0/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "1758"] [id "932240"] [msg "Remote Command Execution: Unix Command Injection evasion attempt detected"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: s1746272080$o2 found within MATCHED_VAR: GS2.1.s1746272080$o2$g1$t1746272090$j0$l0$h0 request_line = GET /index.php/profil/meteorologi/list-of-all-tags/gempa-terkini HTTP/2.0 Request URI RAW = /index.php/profil/meteorologi/list-of-all-tags/gempa-terkini Request Basename = gempa-terkini"] [severity "CRITICAL"] [ver "OWASP_CRS/4.13.0"] [tag "application-multi"] [tag "language-shell"] [tag "platform-unix"] [tag "attack-rce"] [tag "paranoia-level ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-03-16 10:19:36 (1 year ago)	[Sun Mar 16 17:16:40.937486 2025] [security2:error] [pid 100555:tid 139931121972928] [client 160.22. ... show more [Sun Mar 16 17:16:40.937486 2025] [security2:error] [pid 100555:tid 139931121972928] [client 160.22.217.53:49444] ModSecurity: Access denied with code 403 (phase 1). Match of "pm www.office.com powerpoint.officeapps.live.com /offline-service-worker-27-01-2024-v5-0-1.js /offline-service-worker-01-08-2023-v4-5-1.js /OneSignalSDKWorker.js /worker-analytic-helper-27-11-2022.js/ /worker-analytic-helper-29-11-2022.js/ /worker-analyt ..." against "REQUEST_HEADERS:Referer" required. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "410"] [id "440067"] [msg "BAD Referer"] [data "Matched Data: staklim-jatim.bmkg.go.id found within REQUEST_HEADERS:Referer: https://internet-start.net/ request_line = GET /index.php/profil/meteorologi/list-of-all-tags/gempa-terkini HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-of-all-tags/gempa-terkini"] [unique_id "Z9alCMvn9Fxl1HOl1tyl6gAASho"], referer ht ... show less	Hacking Web App Attack
Anonymous	2024-12-18 19:51:04 (1 year ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.190.35.163

🇺🇸 165.227.188.42

🇺🇸 66.132.172.212

🇫🇷 62.171.169.98

🇨🇳 221.15.14.129

🇮🇩 202.51.214.99

🇬🇧 193.163.125.248

🇮🇳 152.32.156.138

🇨🇳 117.50.75.90

🇨🇳 115.227.49.23

🇲🇽 104.243.245.202

🇳🇱 89.248.163.200

🇺🇸 20.106.49.209

🇨🇭 209.99.189.174

🇫🇷 203.55.81.2

🇳🇱 176.65.149.194

🇮🇷 151.234.220.12

🇪🇨 149.50.204.34

🇲🇲 103.154.241.61

🇭🇰 101.36.122.129