JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 150.136.168.49

150.136.168.49 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 0%: ?

ISP	Oracle Public Cloud
Usage Type	Data Center/Web Hosting/Transit
ASN	AS31898
Domain Name	oracleemaildelivery.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 150.136.168.49

Whois 150.136.168.49

IP Abuse Reports for 150.136.168.49:

This IP address has been reported a total of 32 times from 15 distinct sources. 150.136.168.49 was first reported on December 19th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 giffy	2025-01-08 19:10:00 (1 year ago)	Scanning for common CMS URLs	Web App Attack
🇩🇪 conseilgouz	2025-01-05 06:13:11 (1 year ago)	doe-7 : Trying access unauthorized files/dir=>/wp/wp-includes/wlwmanifest.xml	Hacking
🇺🇸 TPI-Abuse	2025-01-04 22:23:54 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 150.136.168.49 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 150.136.168.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 04 17:23:47.800012 2025] [security2:error] [pid 2283454:tid 2283454] [client 150.136.168.49:55271] [client 150.136.168.49] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.enduratuff.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.enduratuff.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z3m088--nVCgdyQeIXD1eQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-04 20:46:36 (1 year ago)	wp admin page access attempt ...	Hacking Web App Attack
🇨🇦 polycoda	2025-01-04 19:01:20 (1 year ago)	⌨️ Probes for wlwmanifest.xml everywhere	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-01-04 07:15:23 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 150.136.168.49 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 150.136.168.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 04 02:15:14.891653 2025] [security2:error] [pid 2239753:tid 2239753] [client 150.136.168.49:50141] [client 150.136.168.49] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.cafelimelight.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.cafelimelight.info"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z3jgAhE9zG4dIxihIzmyEwAAADA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2025-01-02 21:01:11 (1 year ago)	Too many Status 40X (13) Too many Status 50X (16)	Brute-Force Web App Attack
Anonymous	2025-01-02 00:19:44 (1 year ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2025-01-01 22:22:41 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 150.136.168.49 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 150.136.168.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 01 17:22:37.083385 2025] [security2:error] [pid 2319:tid 2319] [client 150.136.168.49:65353] [client 150.136.168.49] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cpking.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cpking.com"] [uri "/blog/wp-json/wp/v2/users/"] [unique_id "Z3XALUhUOoYfAzwD6bZUGwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 mondor.ro	2024-12-28 13:19:05 (1 year ago)	Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 150.136.168.49, Reason ... show more Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 150.136.168.49, Reason:[(manifest) WordPress wlwmanifest.xml Attack 150.136.168.49 (US/United States/-): 10 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs: show less	Port Scan
🇫🇷 GEDAL	2024-12-28 11:14:34 (1 year ago)	$f2bV_matches	Brute-Force SSH
Anonymous	2024-12-28 10:46:29 (1 year ago)	(wordpress) Failed wordpress login from 150.136.168.49 (US/United States/-)	Brute-Force
🇫🇷 GEDAL	2024-12-28 10:22:48 (1 year ago)	150.136.168.49 - - [21/Dec/2024:04:32:19 +0100] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 40 ... show more 150.136.168.49 - - [21/Dec/2024:04:32:19 +0100] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 45697 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 150.136.168.49 - - [21/Dec/2024:04:32:20 +0100] "GET //web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 45697 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 150.136.168.49 - - [21/Dec/2024:04:32:20 +0100] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 45697 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 150.136.168.49 - - [21/Dec/2024:04:32:21 +0100] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 45697 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" show less	Brute-Force SSH
🇫🇷 Murazaki	2024-12-25 23:03:01 (1 year ago)	150.136.168.49 - - [25/Dec/2024:23:03:35 +0100] "" 400 0 "-" "-" "-" ...	Hacking
🇨🇭 zynex	2024-12-25 18:14:01 (1 year ago)	URL Probing: /xmlrpc.php	Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 178.16.53.241

🇵🇱 74.248.36.50

🇺🇸 65.49.1.193

🇺🇸 216.218.206.97

🇫🇷 195.154.55.188

🇬🇧 185.161.7.188

🇩🇪 69.5.169.248

🇺🇸 64.62.156.95

🇺🇸 64.62.156.78

🇺🇸 64.62.156.75

🇨🇳 60.255.231.61

🇷🇺 213.108.251.83

🇺🇸 198.98.62.211

🇧🇷 170.238.160.191

🇫🇷 103.110.160.226

🇩🇪 91.192.10.179

🇳🇱 91.92.40.5

🇺🇸 64.62.156.66

🇺🇸 64.62.156.41

🇺🇸 64.62.156.32