JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.118.130.176

149.118.130.176 was found in our database!

This IP was reported 83 times. Confidence of Abuse is 100%: ?

100%

ISP	Oracle Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS31898
Domain Name	oracle.com
Country	🇲🇾 Malaysia
City	Kampung Sedenak, Johor

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.118.130.176

Whois 149.118.130.176

IP Abuse Reports for 149.118.130.176:

This IP address has been reported a total of 83 times from 53 distinct sources. 149.118.130.176 was first reported on May 18th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 rubixstudios	2026-06-03 21:13:02 (3 hours ago)	Excessive HTTP requests consistent with automated attack behaviour detected by Imunify360	DDoS Attack Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-06-03 18:15:02 (6 hours ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇩🇪 conseilgouz	2026-06-03 09:05:31 (15 hours ago)	lae-6 : Trying access system files=>/wp-login.php(wp-login.php)	Hacking
🇩🇪 tentwentyfour	2026-06-03 08:59:29 (15 hours ago)	Blocked for brute-forcing WordPress log-in	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-06-03 05:47:55 (18 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 25	Exploited Host Web App Attack
🇲🇽 octageeks.com	2026-06-03 04:10:17 (20 hours ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 TAY	2026-06-02 22:59:01 (1 day ago)	149.118.130.176 - - [03/Jun/2026:06:58:58 +0800] "POST /wp-login.php HTTP/1.1" 200 7667 "https://env ... show more 149.118.130.176 - - [03/Jun/2026:06:58:58 +0800] "POST /wp-login.php HTTP/1.1" 200 7667 "https://envicleansg.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.1 Safari/605.1.15" 149.118.130.176 - - [03/Jun/2026:06:58:59 +0800] "POST /wp-login.php HTTP/1.1" 200 3377 "https://envicleansg.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0.1" 149.118.130.176 - - [03/Jun/2026:06:59:01 +0800] "POST /wp-login.php HTTP/1.1" 200 3380 "https://envicleansg.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36" ... show less	Brute-Force
🇦🇺 2000cn.com.au	2026-06-02 22:24:44 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-admin-interface-probing	Web App Attack Hacking
🇺🇸 TAY	2026-06-02 21:58:58 (1 day ago)	149.118.130.176 - - [03/Jun/2026:05:58:54 +0800] "POST /wp-login.php HTTP/1.1" 200 3377 "https://env ... show more 149.118.130.176 - - [03/Jun/2026:05:58:54 +0800] "POST /wp-login.php HTTP/1.1" 200 3377 "https://envicleansg.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:92.0) Gecko/20100101 Firefox/92.0" 149.118.130.176 - - [03/Jun/2026:05:58:55 +0800] "POST /wp-login.php HTTP/1.1" 200 3377 "https://envicleansg.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36" 149.118.130.176 - - [03/Jun/2026:05:58:57 +0800] "POST /wp-login.php HTTP/1.1" 200 3376 "https://envicleansg.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.71 Safari/537.36" ... show less	Brute-Force
🇺🇸 Jason Howell	2026-06-02 19:29:27 (1 day ago)	149.118.130.176 - - [02/Jun/2026:14:29:24 -0500] "GET /wp-login.php HTTP/1.1" 200 4341 "-" "Mozilla/ ... show more 149.118.130.176 - - [02/Jun/2026:14:29:24 -0500] "GET /wp-login.php HTTP/1.1" 200 4341 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.0 Safari/605.1.15" 149.118.130.176 - - [02/Jun/2026:14:29:24 -0500] "POST /wp-login.php HTTP/1.1" 200 2082 "https://ponderosamobilehomepark.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36" 149.118.130.176 - - [02/Jun/2026:14:29:24 -0500] "GET /wp-admin/index.php HTTP/1.1" 302 496 "https://ponderosamobilehomepark.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.0 Safari/605.1.15" 149.118.130.176 - - [02/Jun/2026:14:29:26 -0500] "GET /wp-login.php?redirect_to=https%3A%2F%2Fponderosamobilehomepark.com%2Fwp-admin%2Findex.php&reauth=1 HTTP/1.1" 200 6372 "https://ponderosamobilehomepark.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Ap ... show less	Web App Attack
Anonymous	2026-06-02 13:48:19 (1 day ago)	Attac	Brute-Force
🇳🇱 Site.eu	2026-06-02 12:50:09 (1 day ago)	Excessive 404/403 errors	Brute-Force
🇬🇧 consul.to	2026-06-02 11:53:05 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 BlueWire Hosting	2026-06-02 08:56:30 (1 day ago)	Probing websites for vulnerabilities	Web App Attack
🇫🇮 Rauno Asp	2026-06-02 05:30:40 (1 day ago)	Automated CMS vulnerability scanning detected. Requesting wp-login.php, xmlrpc.php, wlwmanifest.xml.	Web App Attack

Showing 1 to 15 of 83 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4004:c06::12c

🇳🇱 213.177.179.155

🇸🇪 185.246.130.20

🇳🇱 172.233.41.45

🇻🇳 160.30.113.59

🇳🇱 159.223.232.176

🇭🇰 152.32.192.176

🇺🇸 150.107.38.69

🇮🇩 103.165.206.238

🇱🇦 103.43.78.196

🇺🇸 71.6.134.234

🇨🇳 47.97.112.136

🇬🇧 35.203.210.189

🇫🇷 2001:41d0:33a:a00::40e

🇩🇪 213.209.159.235

🇺🇸 181.214.48.175

🇨🇭 178.197.194.224

🇨🇳 171.113.241.44

🇺🇸 146.190.153.30

🇺🇸 139.60.76.2