JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.111.157.11

172.111.157.11 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 60%: ?

60%

ISP	INTERNET-SECURITY-GB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS132372
Domain Name	pointtoserver.com
Country	🇲🇾 Malaysia
City	Banting, Selangor

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.111.157.11

Whois 172.111.157.11

IP Abuse Reports for 172.111.157.11:

This IP address has been reported a total of 16 times from 13 distinct sources. 172.111.157.11 was first reported on December 2nd 2020, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 soc-yk	2026-06-24 09:57:19 (12 hours ago)	Type: suspicious_network_activity Risk: 64 Events: 659 Evidence: - Persistent suspicious network ac ... show more Type: suspicious_network_activity Risk: 64 Events: 659 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Port Scan Hacking
🇮🇩 sockominfo	2026-06-24 07:00:55 (15 hours ago)	IDOR Attempt. Threat Score: 8.7/10 (CRITICAL). Confidence: 70%. CVSS v3.1: 10/10 (Critical). CVSS Ve ... show more IDOR Attempt. Threat Score: 8.7/10 (CRITICAL). Confidence: 70%. CVSS v3.1: 10/10 (Critical). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. Bayesian Probability: 87%. MITRE ATT&CK: T1210 (Exploitation of Remote Services). Tactic: TA0001. Freshness: Fresh. Source Reputation: KNOWN_MALICIOUS. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-24 05:00:15 (17 hours ago)	IDOR Attempt. Threat Score: 7/10 (HIGH). Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-23 17:00:33 (1 day ago)	Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Web App Attack
🇳🇱 i-turnradio.nl	2026-06-23 13:54:25 (1 day ago)	2026-06-23 @ 15:54:24 (CET) ~ Blocked for trying to access: /erker/wp/wp-login.php	Web App Attack
Anonymous	2026-06-22 19:22:29 (2 days ago)	wordpress authentication brute force	Brute-Force Web App Attack
Anonymous	2026-06-22 07:26:41 (2 days ago)	172.111.157.11 - - [22/Jun/2026:09:26:26 +0200] "GET /wp-login.php HTTP/1.1" 403 6686 "-" "Mozilla/5 ... show more 172.111.157.11 - - [22/Jun/2026:09:26:26 +0200] "GET /wp-login.php HTTP/1.1" 403 6686 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.66 Safari/537.36" 172.111.157.11 - - [22/Jun/2026:09:26:28 +0200] "GET /wp-login.php HTTP/1.1" 403 2160 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.66 Safari/537.36" 172.111.157.11 - - [22/Jun/2026:09:26:29 +0200] "GET /wp-login.php HTTP/1.1" 403 6686 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.62 Safari/537.36" 172.111.157.11 - - [22/Jun/2026:09:26:30 +0200] "GET /wp-login.php HTTP/1.1" 403 2160 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.62 Safari/537.36" 172.111.157.11 - - [22/Jun/2026:09:26:31 +0200] "GET /wp-login.php HTTP/1.1" 403 6686 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ... show less	Bad Web Bot Web App Attack
🇮🇩 David Koswari	2026-06-22 05:36:00 (2 days ago)	REQ_BLOCKED_ACL	DDoS Attack FTP Brute-Force Ping of Death Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇮🇩 sockominfo	2026-06-21 23:00:28 (2 days ago)	Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Web App Attack
🇮🇹 VHosting	2026-06-21 22:05:03 (3 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇨🇦 polycoda	2026-06-21 21:09:04 (3 days ago)	AutoBlock: 📡 Port 22 Scan (Non Decay-Based)	Port Scan SSH
Anonymous	2026-06-21 19:25:01 (3 days ago)		Brute-Force Bad Web Bot Web App Attack
🇿🇦 hostsec_za	2026-06-21 19:15:00 (3 days ago)	cPanel Auth Attack. 11 failed logins in 1 hour.	Brute-Force
🇨🇭 TOCE	2026-06-06 21:31:16 (2 weeks ago)	15413 hits seen on 2026-06-06, ports 445 (SMB) on a honeypot from www.toce.ch	Brute-Force
🇮🇩 securejdprop	2026-04-22 02:14:17 (2 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 34). Ip 172.111.157.11 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-04-22 02:14:15.923610181 +0000 UTC show less	Hacking Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.243.133.81

🇺🇸 216.73.160.64

🇹🇼 198.235.24.72

🇷🇺 95.188.91.101

🇸🇬 94.231.206.11

🇻🇳 45.118.146.219

🇯🇵 13.115.63.152

🇺🇸 216.73.160.62

🇷🇴 193.32.162.84

🇺🇸 162.216.150.69

🇳🇿 121.73.163.82

🇷🇴 80.94.92.206

🇧🇪 35.205.140.253

🇺🇸 216.73.160.69

🇸🇬 193.37.32.189

🇮🇳 182.95.230.158

🇩🇪 167.94.146.40

🇨🇳 101.89.148.7

🇫🇷 94.250.203.222

🇵🇱 2a04:c605:409:91:9999::231