JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 111.229.141.137

111.229.141.137 was found in our database!

This IP was reported 274 times. Confidence of Abuse is 100%: ?

100%

ISP	Tencent cloud computing (Beijing) Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45090
Domain Name	tencentcloud.com
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 111.229.141.137

Whois 111.229.141.137

IP Abuse Reports for 111.229.141.137:

This IP address has been reported a total of 274 times from 84 distinct sources. 111.229.141.137 was first reported on May 18th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Marc	2026-05-30 16:05:29 (4 days ago)	111.229.141.137 - - [30/May/2026:16:46:40 +0200] "GET /wp-login.php HTTP/2.0" 200 3822 "https://weis ... show more 111.229.141.137 - - [30/May/2026:16:46:40 +0200] "GET /wp-login.php HTTP/2.0" 200 3822 "https://weiss-blau-hemer.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 111.229.141.137 - - [30/May/2026:16:48:35 +0200] "GET /wp-login.php HTTP/2.0" 200 3881 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 111.229.141.137 - - [30/May/2026:16:48:35 +0200] "POST /wp-login.php HTTP/2.0" 200 4634 "https://bente-personaldienstleistung.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 111.229.141.137 - - [30/May/2026:16:52:48 +0200] "GET /wp-login.php HTTP/1.1" 200 4061 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 111.229.141.137 - - [30/May/2026:18:05:28 +0200] "GET /wp-login.php HTTP/2.0" 200 3865 "-" "Mozilla/5.0 (Windows show less	Brute-Force Web App Attack
🇨🇦 KIsmay	2026-05-30 15:56:29 (4 days ago)	May 30 10:48:54 www4 WPAudit[49025]: 111.229.141.137 lemoncreekcampground.ca "Mozilla/5.0 (Windows N ... show more May 30 10:48:54 www4 WPAudit[49025]: 111.229.141.137 lemoncreekcampground.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" lemoncreek:lemoncreek123 FAIL May 30 11:15:15 www4 WPAudit[50906]: 111.229.141.137 terratherma.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" sbd-admin:123456 FAIL May 30 11:31:16 www4 WPAudit[51890]: 111.229.141.137 www.amandasrestaurant.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" gina:Bot@123456 FAIL May 30 11:40:36 www4 WPAudit[46977]: 111.229.141.137 www.servicesfyi.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ncs-admin:Bot@123456 FAIL May 30 11:56:29 www4 WPAudit[53646]: 111.229.141.137 imaginesalmon.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gec ... show less	Brute-Force Web App Attack
🇺🇸 TAY	2026-05-30 15:54:57 (4 days ago)	111.229.141.137 - - [30/May/2026:23:51:20 +0800] "POST /wp-login.php HTTP/1.1" 200 2977 "https://www ... show more 111.229.141.137 - - [30/May/2026:23:51:20 +0800] "POST /wp-login.php HTTP/1.1" 200 2977 "https://www.autism-cvc.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 111.229.141.137 - - [30/May/2026:23:53:51 +0800] "POST /wp-login.php HTTP/1.1" 200 2758 "https://rudyrealty.my/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 111.229.141.137 - - [30/May/2026:23:54:51 +0800] "POST /wp-login.php HTTP/1.1" 200 2977 "https://mail.autism-cvc.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force
🇨🇿 huginet	2026-05-30 15:51:24 (4 days ago)	111.229.141.137 - - [30/May/2026:17:51:22 +0200] "GET /wp-login.php HTTP/1.1" 200 9112 "-" "Mozilla/ ... show more 111.229.141.137 - - [30/May/2026:17:51:22 +0200] "GET /wp-login.php HTTP/1.1" 200 9112 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 111.229.141.137 - - [30/May/2026:17:51:23 +0200] "POST /wp-login.php HTTP/1.1" 200 9549 "https://centrum-eko-likvidace.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web Spam Blog Spam Hacking Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-05-30 15:44:10 (4 days ago)	(wplogin) Failed WordPress login from 111.229.141.137 (CN/China/-): 5 in the last 3600 secs (0-122)	Hacking
🇺🇸 nyt	2026-05-30 15:33:59 (4 days ago)	Brute-Force, Web App Attack, 503 on login page	Brute-Force Web App Attack
🇬🇧 consul.to	2026-05-30 15:33:13 (4 days ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 dynamix	2026-05-30 14:51:49 (4 days ago)	WordPress wp-login.php Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TAY	2026-05-30 14:43:08 (4 days ago)	111.229.141.137 - - [30/May/2026:22:37:36 +0800] "POST /wp-login.php HTTP/1.1" 200 2973 "https://www ... show more 111.229.141.137 - - [30/May/2026:22:37:36 +0800] "POST /wp-login.php HTTP/1.1" 200 2973 "https://www.autism-cvc.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 111.229.141.137 - - [30/May/2026:22:42:04 +0800] "POST /wp-login.php HTTP/1.1" 200 2975 "https://www.autism-cvc.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 111.229.141.137 - - [30/May/2026:22:43:07 +0800] "POST /wp-login.php HTTP/1.1" 200 2973 "https://www.autism-cvc.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force
🇲🇹 Malta	2026-05-30 14:23:08 (4 days ago)	111.229.141.137 - - [30/May/2026:16:23:08 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 111.229.141.137 - - [30/May/2026:16:23:08 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇬🇧 spamverify.com	2026-05-30 14:22:43 (4 days ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
Anonymous	2026-05-29 10:46:11 (5 days ago)	Failed Wordpress Logins	Web App Attack
🇫🇷 tecnicorioja	2026-05-27 22:01:10 (1 week ago)	wp-login attack [27/May/2026:06:49:24	Brute-Force Web App Attack
🇩🇪 4server	2026-05-27 07:40:29 (1 week ago)	[WedMay2709:40:25.8087522026][security2:error][pid2862417:tid2862486][client111.229.141.137:0]ModSec ... show more [WedMay2709:40:25.8087522026][security2:error][pid2862417:tid2862486][client111.229.141.137:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"mgevents.ch\"][uri\"/wp-login.php\"][unique_id\"ahaf6Ubm0vRXISd8VVORkAAAAIE\"]\,referer:https://mgevents.ch/wp-login.php show less	Port Scan Brute-Force Web App Attack
🇫🇷 dwmp	2026-05-27 02:57:22 (1 week ago)	111.229.141.137 - - [26/May/2026:22:39:16 +0200] "POST /wp-login.php HTTP/1.1" 200 7568 "https://www ... show more 111.229.141.137 - - [26/May/2026:22:39:16 +0200] "POST /wp-login.php HTTP/1.1" 200 7568 "https://www.odontotecnicomodena.it/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 111.229.141.137 - - [27/May/2026:00:10:55 +0200] "POST /wp-login.php HTTP/1.1" 200 7562 "https://www.odontotecnicomodena.it/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 111.229.141.137 - - [27/May/2026:04:57:21 +0200] "POST /wp-login.php HTTP/1.1" 200 7570 "https://www.odontotecnicomodena.it/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force

Showing 76 to 90 of 274 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 66.132.195.15

🇮🇳 2401:4900:88d8:89c5:a166:b840:d9b3:b04b

🇧🇪 198.235.24.249

🇩🇪 192.109.200.78

🇳🇱 176.65.149.138

🇺🇸 174.138.34.89

🇪🇬 156.213.168.89

🇺🇸 147.185.132.109

🇺🇸 147.185.132.58

🇭🇰 144.48.241.162

🇨🇳 116.179.32.142

🇺🇸 108.179.211.237

🇳🇱 80.82.65.84

🇺🇸 66.132.224.30

🇺🇸 66.132.186.252

🇺🇸 66.132.172.238

🇨🇳 61.179.73.179

🇵🇪 38.250.157.99

🇨🇳 14.103.117.73

🇩🇪 194.5.207.168