JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 161.142.138.216

161.142.138.216 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 58%: ?

58%

ISP	TT DOTCOM SDN BHD
Usage Type	Fixed Line ISP
ASN	AS9930
Domain Name	time.com.my
Country	🇲🇾 Malaysia
City	George Town, Penang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 161.142.138.216

Whois 161.142.138.216

IP Abuse Reports for 161.142.138.216:

This IP address has been reported a total of 18 times from 17 distinct sources. 161.142.138.216 was first reported on April 21st 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-14 20:20:16 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 161.142.138.216 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 161.142.138.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 16:20:10.393217 2026] [security2:error] [pid 23971:tid 23971] [client 161.142.138.216:9791] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|braintechsoftwaresolutions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "braintechsoftwaresolutions.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai8M-jYiIHJZzCyPEId3ZQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-14 16:16:19 (1 day ago)	[SunJun1418:16:14.4687432026][security2:error][pid2913679:tid2913975][client161.142.138.216:0]ModSec ... show more [SunJun1418:16:14.4687432026][security2:error][pid2913679:tid2913975][client161.142.138.216:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"vanadhoc.ch\"][uri\"/xmlrpc.php\"][unique_id\"ai7TzoZTyfiDTsLKXOmzzwAAAQo\"] show less	Hacking Web App Attack
🇳🇱 MM-bot	2026-06-14 16:12:15 (1 day ago)	URL-probe: HTTP/1.1 POST request on /xmlrpc.php (2026-06-14 18:12:15 UTC+2)	Web App Attack Hacking
🇺🇸 mccsoft.io	2026-06-14 08:35:32 (1 day ago)	Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). So ... show more Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). Source matched a blocked-path security rule (jail nginx-444); server returned HTTP 444 (connection closed without response). TCP three-way handshake completed (full HTTP request received). show less	Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-12 22:35:23 (3 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC MY/Malaysia/-	Web App Attack
🇺🇸 TAY	2026-06-11 11:05:05 (4 days ago)	161.142.138.216 - - [11/Jun/2026:19:02:42 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4404 "-" "Mozilla/5 ... show more 161.142.138.216 - - [11/Jun/2026:19:02:42 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (Windows NT 6.3; x86) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.0.0 Safari/537.36" 161.142.138.216 - - [11/Jun/2026:19:04:31 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (Linux; Android 10; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/100.0.0.0 Safari/537.36" 161.142.138.216 - - [11/Jun/2026:19:05:05 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" ... show less	Brute-Force
🇩🇪 Holger	2026-05-29 19:18:01 (2 weeks ago)	WordPress WebAttack	Brute-Force Web App Attack
🇩🇪 rh24	2026-05-28 11:46:51 (2 weeks ago)	(wordpress) Failed wordpress login from 161.142.138.216 (MY/Malaysia/-): (CF_ENABLE)	Brute-Force
🇩🇪 Holger	2026-05-27 11:20:10 (2 weeks ago)	WordPress WebAttack	Brute-Force Web App Attack
🇺🇸 lostswordfish.com	2026-05-20 13:26:05 (3 weeks ago)	Wordfence waf block on uvfousor WPIDD	Web App Attack
🇫🇷 Thaliruth	2026-05-17 14:57:19 (4 weeks ago)	161.142.138.216 - - [17/May/2026:16:57:19 +0200] "POST /xmlrpc.php HTTP/1.1" 404 1060 "-" "Mozilla/5 ... show more 161.142.138.216 - - [17/May/2026:16:57:19 +0200] "POST /xmlrpc.php HTTP/1.1" 404 1060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/86.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
Anonymous	2026-05-09 13:00:57 (1 month ago)	161.142.138.216 - - [09/May/2026:14:59:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5. ... show more 161.142.138.216 - - [09/May/2026:14:59:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Linux; Android 10; x64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/68.0.0.0 Safari/537.36" 161.142.138.216 - - [09/May/2026:14:59:31 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (Linux; Android 10; x64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/68.0.0.0 Safari/537.36" 161.142.138.216 - - [09/May/2026:15:00:11 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/11.0.0.0 Safari/537.36" 161.142.138.216 - - [09/May/2026:15:00:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/11.0.0.0 Safari/537.36" 161.142.138.216 - - [09/May/2026:15:00:56 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/92.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇸🇪 Per-Erik Runebert	2026-05-05 08:39:34 (1 month ago)	Malicious vulnerability hacking attacks	Hacking Web App Attack
Anonymous	2026-05-05 03:06:36 (1 month ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 jcbriar	2026-05-01 08:57:12 (1 month ago)	Searching for vulnerable scripts	Hacking Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.182.183.153

🇺🇸 142.147.146.232

🇲🇾 118.101.76.65

🇺🇸 100.29.192.53

🇫🇷 85.217.140.50

🇮🇷 31.7.66.163

🇺🇸 208.110.65.74

🇺🇸 205.210.31.6

🇺🇸 195.184.76.94

🇧🇬 193.24.211.107

🇺🇸 193.3.53.9

🇻🇳 180.93.172.213

🇺🇸 173.194.103.170

🇦🇱 141.98.140.155

🇩🇪 141.95.54.59

🇸🇬 129.226.221.96

🇨🇳 123.173.78.139

🇵🇭 120.28.109.188

🇻🇳 113.160.201.174

🇫🇷 85.217.140.19