JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2.57.222.11

2.57.222.11 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 37%: ?

37%

ISP	Teleone OU
Usage Type	Fixed Line ISP
ASN	AS207568
Hostname(s)	11.4.static.teleone.ee
Domain Name	teleone.ee
Country	🇪🇪 Estonia
City	Tallinn, Harjumaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2.57.222.11

Whois 2.57.222.11

IP Abuse Reports for 2.57.222.11:

This IP address has been reported a total of 10 times from 10 distinct sources. 2.57.222.11 was first reported on August 12th 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇪 RoboSOC	2026-06-11 20:31:45 (4 days ago)	React Server Components Remote Code Execution Vulnerability, PTR: 11.4.static.teleone.ee.	Hacking
🇫🇷 masterguru	2026-06-11 07:38:58 (4 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 2.57.222.11 (EE/Estonia/11.4.static.t ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 2.57.222.11 (EE/Estonia/11.4.static.teleone.ee): 2 in the last 3600 secs (0-196) show less	Hacking
🇦🇺 MAGIC	2026-06-09 00:36:31 (1 week ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇮🇩 hermawan	2026-06-05 01:08:22 (1 week ago)	[Fri Jun 05 08:08:21.854495 2026] [authz_core:error] [pid 616637:tid 139764454876864] [client 2.57.2 ... show more [Fri Jun 05 08:08:21.854495 2026] [authz_core:error] [pid 616637:tid 139764454876864] [client 2.57.222.11:60550] AH01630: client denied by server configuration: /var/www/index.php [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[616648] [pK39SzcL+YU] [aiIhhVX7zjAgCaFPYVgZCQAAzwo] keep_alive=[1] [2026-06-05 08:08:21.854499] [R:aiIhhVX7zjAgCaFPYVgZCQAAzwo] UA:'Mozilla/5.0 (iPhone; CPU iPhone OS 17_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) EdgiOS/122.0.2365.99 Version/17.0 Mobile/15E148 Safari/604.1' Host:'staklim-jatim.bmkg.go.id:443' ACCEPT:'/' Accept-Encoding:'gzip, deflate, br Accept-Language:'en-US,en;q=0.8 ... show less	Email Spam Hacking
Anonymous	2026-06-03 13:00:16 (1 week ago)	Botnet activity. Attribution: Angara Technologies Group / mikhail-smirnov-79830322 \| Attack Signatur ... show more Botnet activity. Attribution: Angara Technologies Group / mikhail-smirnov-79830322 \| Attack Signature Blocked: /wishlist/index/add/product/13679/form_key/kyqwuoVGoMDrgFFv/ \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like G... show less	Hacking Bad Web Bot Web App Attack
🇩🇪 filstal.org	2026-04-30 11:53:55 (1 month ago)	Bad web bot: Spoofed/obsolete UA (Mozilla/5.0 (X11; Linux i686; rv:1.9.6.20) Gecko/7800-10-22 04:24: ... show more Bad web bot: Spoofed/obsolete UA (Mozilla/5.0 (X11; Linux i686; rv:1.9.6.20) Gecko/7800-10-22 04:24:39.058563 Firefox/6.0). Mass-scanning WordPress plugin. Coordinated large-scale bot attack. show less	Bad Web Bot Web App Attack
🇸🇬 securejdprop	2026-04-30 06:22:53 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(🐾 - 🚨 Network 🕵 sc ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(🐾 - 🚨 Network 🕵 scan 🎩 Nuclei 👨‍💻). Ip 2.57.222.11 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-04-30 06:22:52.088208146 +0000 UTC show less	Hacking Web App Attack
🇬🇧 davelegg	2026-04-01 17:00:00 (2 months ago)	Participated in Layer 7 DDoS attack against forum search endpoint. Part of residential botnet using ... show more Participated in Layer 7 DDoS attack against forum search endpoint. Part of residential botnet using 15,000+ unique IPs with 8 round-robined browser user agents. Behavior: deep pagination of search/tag queries (up to page 1500+), findComment chain crawling, 87% requests closed before response (499). No static assets loaded. Attack ramped from ~1,800 req/hr to ~14,000 req/hr over 17 hours then stopped abruptly. Observed 2026-04-01. show less	DDoS Attack Bad Web Bot Web App Attack
🇫🇷 vtchost.com	2026-03-21 08:04:08 (2 months ago)	minux.cc:443 2.57.222.11 - - [21/Mar/2026:09:04:07 +0100] "GET /403.html HTTP/1.1" 302 3058 "-" "Moz ... show more minux.cc:443 2.57.222.11 - - [21/Mar/2026:09:04:07 +0100] "GET /403.html HTTP/1.1" 302 3058 "-" "Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1667.0 Safari/537.36" ... show less	Bad Web Bot
🇩🇪 marzzzello	2025-08-12 02:03:22 (10 months ago)	Ports: 15x 41963	Port Scan

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 223.204.115.204

🇭🇰 199.45.155.105

🇷🇺 95.108.213.146

🇷🇺 91.146.28.230

🇺🇸 64.62.156.59

🇳🇱 45.148.10.157

🇫🇷 37.67.92.188

🇺🇸 8.231.238.26

🇮🇷 2.189.99.154

🇬🇧 193.176.29.26

🇨🇴 181.49.8.57

🇺🇸 129.121.85.48

🇮🇳 117.216.147.229

🇨🇳 116.62.163.56

🇱🇹 91.224.92.17

🇫🇷 85.217.140.42

🇺🇸 71.6.199.23

🇹🇿 41.59.200.166

🇺🇸 34.186.1.115

🇳🇱 20.160.86.7