JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 161.118.221.77

161.118.221.77 was found in our database!

This IP was reported 115 times. Confidence of Abuse is 100%: ?

100%

ISP	500 Oracle Parkway
Usage Type	Data Center/Web Hosting/Transit
ASN	AS31898
Domain Name	oracle.com
Country	🇸🇬 Singapore
City	Kampong Loyang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 161.118.221.77

Whois 161.118.221.77

IP Abuse Reports for 161.118.221.77:

This IP address has been reported a total of 115 times from 76 distinct sources. 161.118.221.77 was first reported on June 1st 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 mrcrassi	2026-06-30 16:38:27 (2 hours ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-06-30 14:18:05 (5 hours ago)	161.118.221.77 - - [30/Jun/2026:11:18:02 -0300] "GET /wp-login.php HTTP/1.1" 301 162 "-" "Mozilla/5. ... show more 161.118.221.77 - - [30/Jun/2026:11:18:02 -0300] "GET /wp-login.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.1 Safari/605.1.15" 161.118.221.77 - - [30/Jun/2026:11:18:03 -0300] "GET /wp-login.php HTTP/1.1" 404 826 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.1 Safari/605.1.15" 161.118.221.77 - - [30/Jun/2026:11:18:03 -0300] "GET /wp-admin/ HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.0 Safari/605.1.15" ... show less	Port Scan
Anonymous	2026-06-30 10:51:00 (8 hours ago)	CMS (WordPress or Joomla) brute force attempt.	Brute-Force
🇺🇸 paulo.apoloni	2026-06-30 07:48:12 (11 hours ago)	161.118.221.77 - - [30/Jun/2026:04:47:58 -0300] "GET /wp-login.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 ... show more 161.118.221.77 - - [30/Jun/2026:04:47:58 -0300] "GET /wp-login.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 161.118.221.77 - - [30/Jun/2026:04:47:59 -0300] "GET /wp-admin/ HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36" 161.118.221.77 - - [30/Jun/2026:04:48:06 -0300] "GET /wp-admin/admin-ajax.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36" 161.118.221.77 - - [30/Jun/2026:04:48:07 -0300] "GET /wp-admin/load-scripts.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.71 Safari/537.36" 161.118.221.77 - - [30/Jun/2026:04:48:08 -0300] "GET /wp-admin/load-styles.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 ... show less	Bad Web Bot Web App Attack
🇧🇷 vfAcceloReporter	2026-06-30 04:40:19 (14 hours ago)	161.118.221.77 - - [30/Jun/2026:01:40:04 -0300] "GET /wp-admin/admin-ajax.php HTTP/1.1" 500 579 "-" ... show more 161.118.221.77 - - [30/Jun/2026:01:40:04 -0300] "GET /wp-admin/admin-ajax.php HTTP/1.1" 500 579 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36" 161.118.221.77 - - [30/Jun/2026:01:40:05 -0300] "GET /wp-admin/load-scripts.php HTTP/1.1" 500 177 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15" 161.118.221.77 - - [30/Jun/2026:01:40:07 -0300] "GET /wp-admin/load-styles.php HTTP/1.1" 500 177 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.3 Safari/605.1.15" 161.118.221.77 - - [30/Jun/2026:01:40:17 -0300] "GET /wp-includes/version.php HTTP/1.1" 500 177 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0" 161.118.221.77 - - [30/Jun/2026:01:40:19 -0300] "GET /wp-includes/functions.php HTTP/1.1" 500 579 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/ ... show less	Brute-Force Web App Attack Exploited Host
🇧🇷 Peregrine	2026-06-30 03:11:44 (16 hours ago)	Fail2Ban ct101 Jail: tomcat-404 \| Evidence: 161.118.221.77 162.158.190.3 - - [29/Jun/2026:23:05:46 - ... show more Fail2Ban ct101 Jail: tomcat-404 \| Evidence: 161.118.221.77 162.158.190.3 - - [29/Jun/2026:23:05:46 -0300] "GET /wp-admin/load-scripts.php HTTP/1.1" 404 18149 161.118.221.77 162.158.189.75 - - [29/Jun/2026:23:05:46 -0300] "GET /wp-admin/load-styles.php HTTP/1.1" 404 18149 161.118.221.77 172.71.124.124 - - [29/Jun/2026:23:05:47 -0300] "GET /wp-includes/js/jquery/jquery.js HTTP/1.1" 404 18149 161.118.221.77 172.70.93.9 - - [29/Jun/2026:23:05:48 -0300] "GET /wp-includes/css/dashicons.css HTTP/1.1" 404 18149 161.118.221.77 162.158.190.3 - - [29/Jun/2026:23:05:49 -0300] "GET /wp-content/themes/ HTTP/1.1" 404 18149 show less	Bad Web Bot Web App Attack
🇧🇷 Peregrine	2026-06-30 02:05:47 (17 hours ago)	Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 161.118.221.77 162.158.190.3 - - [29/Jun/2026:23:05 ... show more Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 161.118.221.77 162.158.190.3 - - [29/Jun/2026:23:05:43 -0300] "GET /wp-login.php HTTP/1.1" 404 18193 show less	Bad Web Bot
🇫🇷 SpaceHost-Server	2026-06-29 22:29:25 (20 hours ago)		Brute-Force Web App Attack
Anonymous	2026-06-29 20:27:02 (22 hours ago)	2026/06/29 16:26:57 [error] 1401#0: 4845 "/var/www/htdocs/wp-admin/index.html" is not found (2: No ... show more 2026/06/29 16:26:57 [error] 1401#0: 4845 "/var/www/htdocs/wp-admin/index.html" is not found (2: No such file or directory), client: 161.118.221.77, server: www.hquest.pro.br, request: "GET /wp-admin/ HTTP/1.1", host: "hquest.pro.br" 2026/06/29 16:26:58 [error] 1401#0: 4845 open() "/var/www/htdocs/wp-includes/js/jquery/jquery.js" failed (2: No such file or directory), client: 161.118.221.77, server: www.hquest.pro.br, request: "GET /wp-includes/js/jquery/jquery.js HTTP/1.1", host: "hquest.pro.br" 2026/06/29 16:26:58 [error] 1401#0: 4845 open() "/var/www/htdocs/wp-includes/css/dashicons.css" failed (2: No such file or directory), client: 161.118.221.77, server: www.hquest.pro.br, request: "GET /wp-includes/css/dashicons.css HTTP/1.1", host: "hquest.pro.br" ... show less	Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-29 19:07:24 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 agenciahypelab.com.br	2026-06-29 19:04:55 (1 day ago)	WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER	Brute-Force SSH
🇺🇸 Penny Packer	2026-06-29 12:32:23 (1 day ago)	Fail2Ban apache-tripwires	Web App Attack
🇫🇮 oh.mg	2026-06-29 11:59:07 (1 day ago)	[Mon Jun 29 13:58:50.978117 2026] [security2:error] [pid 1652414:tid 1652418] [client 161.118.221.77 ... show more [Mon Jun 29 13:58:50.978117 2026] [security2:error] [pid 1652414:tid 1652418] [client 161.118.221.77:0] [client 161.118.221.77] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "mmn.eco"] [uri "/wp-login.php"] [unique_id "akJd-pfrS3fEJKdT2Q2e2AAAAIE"] [Mon Jun 29 13:59:07.504940 2026] [security2:error] [pid 1652414:tid 1652436] [client 161.118.221.77:0] [client 161.118.221.77] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "an ... show less	Web App Attack Bad Web Bot
🇩🇪 Ba-Yu	2026-06-29 04:21:17 (1 day ago)	WordPress bruteforce	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 F242	2026-06-29 02:12:28 (1 day ago)	Wordpress Login or XMLRPC abuse	Web App Attack

Showing 1 to 15 of 115 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 154.16.44.73

🇸🇬 138.75.114.62

🇩🇪 87.106.47.28

🇨🇦 85.217.149.41

🇳🇱 20.71.254.235

🇹🇼 198.235.24.104

🇹🇼 198.235.24.94

🇲🇦 196.206.52.221

🇨🇳 180.184.43.90

🇬🇧 176.58.124.254

🇭🇰 119.246.15.94

🇰🇪 102.209.57.70

🇺🇸 100.28.153.226

🇺🇸 91.193.232.188

🇺🇸 24.30.46.44

🇰🇷 1.222.42.237

🇺🇸 2602:80d:1007::5b

🇺🇸 216.73.217.50

🇳🇱 195.178.110.227

🇳🇱 195.178.110.137