JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 175.111.117.22

175.111.117.22 was found in our database!

This IP was reported 84 times. Confidence of Abuse is 83%: ?

83%

ISP	PT BATAM BINTAN TELEKOMUNIKASI
Usage Type	Fixed Line ISP
ASN	AS46026
Domain Name	bbt.co.id
Country	🇮🇩 Indonesia
City	Batam, Riau

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 175.111.117.22

Whois 175.111.117.22

IP Abuse Reports for 175.111.117.22:

This IP address has been reported a total of 84 times from 34 distinct sources. 175.111.117.22 was first reported on March 2nd 2026, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-18 06:37:19 (9 hours ago)	(mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 02:37:13.379243 2026] [security2:error] [pid 19031:tid 19031] [client 175.111.117.22:51799] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 175.111.117.22 (+1 hits since last alert)\|goldcountrygermanamericanclub.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "goldcountrygermanamericanclub.org"] [uri "/xmlrpc.php"] [unique_id "ajOSGcJRTs4Mbn3bgPWEggAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Apache	2026-06-17 06:10:49 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 175.111.117.22 (ID/Indonesia/-): 5 in the last ... show more (mod_security) mod_security (id:240335) triggered by 175.111.117.22 (ID/Indonesia/-): 5 in the last 300 secs show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 06:08:01 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 02:07:55.694916 2026] [security2:error] [pid 9946:tid 9946] [client 175.111.117.22:64600] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 175.111.117.22 (+1 hits since last alert)\|hsoftwaresystems.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hsoftwaresystems.net"] [uri "/xmlrpc.php"] [unique_id "ajI5u1SDVoWGGb5jVQFWXwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-06-17 05:30:09 (1 day ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 02:39:10 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:39:04.243399 2026] [security2:error] [pid 15867:tid 15867] [client 175.111.117.22:64488] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 175.111.117.22 (+1 hits since last alert)\|nextstepplus.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nextstepplus.net"] [uri "/xmlrpc.php"] [unique_id "ai9lyLR1rhwHCinpBxD4EgAAAEk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-15 02:34:06 (3 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 02:05:19 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:05:11.688149 2026] [security2:error] [pid 3399:tid 3399] [client 175.111.117.22:56439] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 175.111.117.22 (+1 hits since last alert)\|konahawaii.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "konahawaii.com"] [uri "/xmlrpc.php"] [unique_id "ai9d11dYsGGmgRlNEFQYHwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 09:51:24 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 05:51:17.900592 2026] [security2:error] [pid 27504:tid 27504] [client 175.111.117.22:63614] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 175.111.117.22 (+1 hits since last alert)\|instalatoribucuresti.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "instalatoribucuresti.com"] [uri "/xmlrpc.php"] [unique_id "aivWlTidFQoNHYPpj7_r7wAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-06-12 07:50:56 (6 days ago)	(xmlrpc) Failed xmlrpc access from 175.111.117.22 (ID/Indonesia/-): 5 in the last 3600 secs (0-122)	Hacking
🇺🇸 TPI-Abuse	2026-06-12 02:09:16 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 22:09:13.129663 2026] [security2:error] [pid 1572:tid 1572] [client 175.111.117.22:52705] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 175.111.117.22 (+1 hits since last alert)\|d-sinema.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "d-sinema.com"] [uri "/xmlrpc.php"] [unique_id "aitqSej_cwai6N22rzOyBgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 01:37:50 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 21:37:43.568485 2026] [security2:error] [pid 26053:tid 26053] [client 175.111.117.22:52516] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 175.111.117.22 (+1 hits since last alert)\|uccryakima.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "uccryakima.org"] [uri "/xmlrpc.php"] [unique_id "aiti59dWKXUSAfKKw0ugtwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 09:27:55 (1 week ago)	[redacted] 175.111.117.22 - - [11/Jun/2026:11:27:12 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 175.111.117.22 - - [11/Jun/2026:11:27:12 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" [redacted] 175.111.117.22 - - [11/Jun/2026:11:27:22 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 175.111.117.22 - - [11/Jun/2026:11:27:33 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)" [redacted] 175.111.117.22 - - [11/Jun/2026:11:27:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 175.111.117.22 - - [11/Jun/2026:11:27:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" ... show less	Hacking Web App Attack
🇫🇷 dynamix	2026-06-11 09:01:12 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 abdubhai	2026-06-11 09:01:07 (1 week ago)	175.111.117.22 - - [11/Jun/2026: ...	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 08:12:06 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 175.111.117.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 04:12:00.656637 2026] [security2:error] [pid 19572:tid 19831] [client 175.111.117.22:64946] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 175.111.117.22 (+1 hits since last alert)\|mysticscon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mysticscon.com"] [uri "/xmlrpc.php"] [unique_id "aipt0HyrRrNmB8II8mOnNgAAARc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 84 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.244

🇰🇷 118.37.214.187

🇸🇪 83.191.176.93

🇺🇸 50.172.134.114

🇨🇱 179.60.74.35

🇨🇳 111.61.177.187

🇮🇳 103.174.80.9

🇮🇹 89.43.34.119

🇨🇳 58.220.10.131

🇧🇷 43.164.196.244

🇵🇱 185.16.38.216

🇻🇳 116.99.173.91

🇮🇪 98.71.8.129

🇹🇷 88.242.137.148

🇨🇿 78.44.192.210

🇺🇸 20.65.193.104

🇨🇳 14.103.112.243

🇯🇵 8.216.4.84

🇩🇪 213.209.159.225

🇨🇴 200.10.29.236