JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 161.118.222.149

161.118.222.149 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 91%: ?

91%

ISP	500 Oracle Parkway
Usage Type	Data Center/Web Hosting/Transit
ASN	AS31898
Domain Name	oracle.com
Country	🇸🇬 Singapore
City	Kampong Loyang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 161.118.222.149

Whois 161.118.222.149

IP Abuse Reports for 161.118.222.149:

This IP address has been reported a total of 19 times from 15 distinct sources. 161.118.222.149 was first reported on June 25th 2026, and the most recent report was 18 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-26 00:15:22 (18 minutes ago)	(caddyscan) Scanner path probe from 161.118.222.149 (SG/Singapore/-): 5 in the last 3600 secs; Ports ... show more (caddyscan) Scanner path probe from 161.118.222.149 (SG/Singapore/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 161.118.222.149 - - [26/Jun/2026:00:15:16 +0000] "GET /wp-login.php HTTP/1.1" [REDACTED] 200 2627 161.118.222.149 - - [26/Jun/2026:00:15:16 +0000] "GET /wp-admin/ HTTP/1.1" [REDACTED] 200 2627 161.118.222.149 - - [26/Jun/2026:00:15:17 +0000] "GET /wp-admin/admin-ajax.php HTTP/1.1" [REDACTED] 200 2627 161.118.222.149 - - [26/Jun/2026:00:15:17 +0000] "GET /wp-admin/load-scripts.php HTTP/1.1" [REDACTED] 200 2627 161.118.222.149 - - [26/Jun/2026:00:15:17 +0000] "GET /wp-admin/load-styles.php HTTP/1.1" show less	Port Scan
🇺🇸 OceanTreasure	2026-06-25 22:47:33 (1 hour ago)	tcp/443; WordPress login page access attempt: "GET /wp-login.php" @ 2026-06-25T22:41:36Z [proxy]	Brute-Force
🇺🇸 Lee Daniel	2026-06-25 22:32:37 (2 hours ago)	161.118.222.149 - - [25/Jun/2026:18:32:34 -0400] "GET /wp-admin/load-scripts.php HTTP/1.1" 404 30561 ... show more 161.118.222.149 - - [25/Jun/2026:18:32:34 -0400] "GET /wp-admin/load-scripts.php HTTP/1.1" 404 30561 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 161.118.222.149 - - [25/Jun/2026:18:32:34 -0400] "GET /wp-admin/load-styles.php HTTP/1.1" 404 30565 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36" 161.118.222.149 - - [25/Jun/2026:18:32:35 -0400] "GET /wp-content/themes/ HTTP/1.1" 404 30553 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.3 Safari/605.1.15" 161.118.222.149 - - [25/Jun/2026:18:32:36 -0400] "GET /wp-content/plugins/ HTTP/1.1" 404 30554 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0" 161.118.222.149 - - [25/Jun/2026:18:32:36 -0400] "GET /wp-includes/version.php HTTP/1.1" 404 30567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537. ... show less	DDoS Attack Web Spam Email Spam Port Scan Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 21:37:05 (2 hours ago)	(mod_security) mod_security (id:225170) triggered by 161.118.222.149 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 161.118.222.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 17:36:59.901801 2026] [security2:error] [pid 8666:tid 8666] [client 161.118.222.149:59208] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|faithlines.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "faithlines.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj2fexbwKLalb8GOCvDFUAAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇭 thaizone.com	2026-06-25 21:35:04 (2 hours ago)	Brute Force Attack on a Web Application #1	DDoS Attack Web Spam Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-25 21:27:40 (3 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇨🇦 polycoda	2026-06-25 21:21:41 (3 hours ago)	📄 Probes for wp-login.php and other inexistent URLs	Hacking Web App Attack
🇨🇦 polycoda	2026-06-25 21:05:55 (3 hours ago)	AutoBlock: 📂 Directory Listings (Decay-Based) - ❌ Excessive 40X Errors (Decay-Based) - ↪️ Excessive ... show more AutoBlock: 📂 Directory Listings (Decay-Based) - ❌ Excessive 40X Errors (Decay-Based) - ↪️ Excessive 30X Errors (Decay-Based) show less	Bad Web Bot Web App Attack
🇺🇸 Penny Packer	2026-06-25 21:00:08 (3 hours ago)	Fail2Ban apache-tripwires	Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 19:46:47 (4 hours ago)	(mod_security) mod_security (id:225170) triggered by 161.118.222.149 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 161.118.222.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 15:46:43.366333 2026] [security2:error] [pid 24244:tid 24246] [client 161.118.222.149:56253] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|coasterdvdsonline.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "coasterdvdsonline.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj2Fo6NjPmusWjdM1nbL_AAAAcA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Octopuce	2026-06-25 19:16:41 (5 hours ago)	Aggressive web search of vulnerable pages: /wp-login.php /wp-admin/ /wp-admin/admin-ajax.php /wp-adm ... show more Aggressive web search of vulnerable pages: /wp-login.php /wp-admin/ /wp-admin/admin-ajax.php /wp-admin/load-scripts.php /wp-admin/load-styles.p ... show less	Web App Attack
🇧🇪 cmbplf	2026-06-25 19:09:29 (5 hours ago)	11.403 requests in 1 hour (6d20h59m)	Brute-Force Bad Web Bot
🇬🇧 NotCool	2026-06-25 19:02:57 (5 hours ago)	(WPLOGIN) WP Login Attack 161.118.222.149 (SG/Singapore/-): 50 in the last 3600 secs	Brute-Force
🇺🇸 TPI-Abuse	2026-06-25 18:51:23 (5 hours ago)	(mod_security) mod_security (id:225170) triggered by 161.118.222.149 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 161.118.222.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 14:51:19.460463 2026] [security2:error] [pid 3703:tid 3703] [client 161.118.222.149:53709] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|expertprofessionalcleaners.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "expertprofessionalcleaners.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj14py7R2nwMYB0FNplkmQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ConsulHosting	2026-06-25 17:58:58 (6 hours ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇿 193.169.161.57

🇺🇸 172.253.85.93

🇻🇳 171.231.191.142

🇨🇳 111.228.13.226

🇺🇸 66.132.172.147

🇧🇪 198.235.24.165

🇬🇧 188.240.59.41

🇺🇸 184.32.233.196

🇨🇳 106.12.151.23

🇬🇧 90.241.105.56

🇧🇾 81.30.98.142

🇸🇪 78.71.220.153

🇺🇸 66.132.186.242

🇳🇱 45.148.10.141

🇺🇸 37.140.223.144

🇺🇸 20.115.45.115

🇺🇸 2.57.148.196

🇺🇸 216.25.89.131

🇩🇪 213.209.159.238

🇲🇽 200.68.181.198