JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.111.157.22

172.111.157.22 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 48%: ?

48%

ISP	INTERNET-SECURITY-GB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS132372
Domain Name	pointtoserver.com
Country	🇲🇾 Malaysia
City	Banting, Selangor

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.111.157.22

Whois 172.111.157.22

IP Abuse Reports for 172.111.157.22:

This IP address has been reported a total of 13 times from 11 distinct sources. 172.111.157.22 was first reported on May 3rd 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 David Koswari	2026-06-05 05:44:00 (1 day ago)	REQ_BLOCKED_ACL	DDoS Attack FTP Brute-Force Ping of Death Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇮🇩 sockominfo	2026-06-04 23:00:11 (1 day ago)	IDOR Attempt. Threat Score: 7.1/10 (HIGH). Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-04 19:00:38 (1 day ago)	IDOR Attempt. Threat Score: 9.1/10 (CRITICAL). Confidence: 70%. CVSS v3.1: 10/10 (Critical). CVSS Ve ... show more IDOR Attempt. Threat Score: 9.1/10 (CRITICAL). Confidence: 70%. CVSS v3.1: 10/10 (Critical). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. Bayesian Probability: 96%. MITRE ATT&CK: T1210 (Exploitation of Remote Services). Tactic: TA0001. Freshness: Fresh. Source Reputation: KNOWN_MALICIOUS. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-04 18:00:11 (1 day ago)	IDOR Attempt. Threat Score: 7.7/10 (HIGH). Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Web App Attack
🇺🇸 lostswordfish.com	2026-06-04 17:22:07 (1 day ago)	Wordfence waf block on fairregistry	Web App Attack
🇫🇷 tilellit.pro	2026-06-04 16:08:19 (2 days ago)	Fail2Ban banned 172.111.157.22 for security violations in jail wp-armour. Log: 2026/06/04 16:08:18 [ ... show more Fail2Ban banned 172.111.157.22 for security violations in jail wp-armour. Log: 2026/06/04 16:08:18 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 172.111.157.22 \| Target: wplogin" , client: 172.111.157.22, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED] ... show less	Web Spam
🇮🇩 soc-yk	2026-06-04 14:18:11 (2 days ago)	Type: suspicious_network_activity Risk: 59 Events: 300 Evidence: - Persistent suspicious network ac ... show more Type: suspicious_network_activity Risk: 59 Events: 300 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Port Scan Hacking
🇮🇹 VHosting	2026-06-04 12:15:03 (2 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇨🇦 polycoda	2026-06-04 06:12:53 (2 days ago)	AutoBlock: 📡 Port 22 Scan (Non Decay-Based)	Port Scan SSH
🇮🇩 securejdprop	2026-04-22 12:29:13 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus D ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET DROP Spamhaus DROP Listed Traffic Inbound group 34). Ip 172.111.157.22 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-04-22 12:29:11.285135873 +0000 UTC show less	Hacking Web App Attack
🇯🇵 stfw	2021-05-03 15:48:03 (5 years ago)	5060/udp [2021-05-03]1pkt	Port Scan
🇫🇷 security.rdmc.fr	2021-05-03 14:40:34 (5 years ago)	Automatic report - Port Scan Attack	Fraud VoIP Port Scan
🇩🇪 KPS	2021-05-03 14:02:32 (5 years ago)	PortscanM	Port Scan

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.73.217.100

🇮🇩 210.79.142.221

🇭🇰 165.154.62.170

🇺🇸 162.216.150.189

🇨🇳 121.14.34.219

🇳🇱 45.148.10.67

🇦🇺 34.40.145.110

🇺🇸 23.95.55.215

🇫🇷 185.194.219.72

🇮🇳 168.220.237.171

🇵🇭 103.186.139.149

🇸🇨 102.135.108.38

🇷🇴 92.84.130.90

🇧🇬 79.124.62.178

🇻🇳 27.71.84.150

🇻🇳 27.67.153.217

🇰🇷 1.222.42.237

🇺🇦 194.1.182.200

🇺🇸 178.156.253.13

🇨🇳 116.178.128.220