JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.0.161.248

65.0.161.248 was found in our database!

This IP was reported 72 times. Confidence of Abuse is 81%: ?

81%

ISP	Amazon Data Services India
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-65-0-161-248.ap-south-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.0.161.248

Whois 65.0.161.248

IP Abuse Reports for 65.0.161.248:

This IP address has been reported a total of 72 times from 37 distinct sources. 65.0.161.248 was first reported on May 15th 2026, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 octageeks.com	2026-05-22 04:06:47 (3 weeks ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇫🇷 tecnicorioja	2026-05-21 22:01:04 (3 weeks ago)	wp-login attack [21/May/2026:12:55:54	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-21 21:59:46 (3 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-20. show less	Web App Attack SSH Hacking
🇪🇸 masterguru	2026-05-21 13:46:28 (3 weeks ago)	(wplogin) Failed WordPress login from 65.0.161.248 (IN/India/ec2-65-0-161-248.ap-south-1.compute.ama ... show more (wplogin) Failed WordPress login from 65.0.161.248 (IN/India/ec2-65-0-161-248.ap-south-1.compute.amazonaws.com): 5 in the last 3600 secs (0-122) show less	Hacking
🇺🇸 Jason Howell	2026-05-21 13:16:06 (3 weeks ago)	65.0.161.248 - - [21/May/2026:07:35:40 -0500] "GET /wp-login.php HTTP/1.1" 200 4152 "-" "Mozilla/5.0 ... show more 65.0.161.248 - - [21/May/2026:07:35:40 -0500] "GET /wp-login.php HTTP/1.1" 200 4152 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 65.0.161.248 - - [21/May/2026:07:35:41 -0500] "GET /wp-login.php HTTP/1.1" 200 4152 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 65.0.161.248 - - [21/May/2026:07:35:41 -0500] "POST /wp-login.php HTTP/1.1" 200 1940 "https://www.qctotaltech.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 65.0.161.248 - - [21/May/2026:08:16:03 -0500] "GET /wp-login.php HTTP/1.1" 200 4152 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 65.0.161.248 - - [21/May/2026:08:16:06 -0500] "GET /wp-login.php HTTP/1.1" 200 4153 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (K ... show less	Web App Attack
🇺🇸 TAY	2026-05-21 13:09:35 (3 weeks ago)	65.0.161.248 - - [21/May/2026:20:59:54 +0800] "POST /wp-login.php HTTP/1.1" 200 2981 "https://autism ... show more 65.0.161.248 - - [21/May/2026:20:59:54 +0800] "POST /wp-login.php HTTP/1.1" 200 2981 "https://autism-cvc.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 65.0.161.248 - - [21/May/2026:21:01:11 +0800] "POST /wp-login.php HTTP/1.1" 200 2980 "https://autism-cvc.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 65.0.161.248 - - [21/May/2026:21:09:34 +0800] "POST /wp-login.php HTTP/1.1" 200 2673 "https://mail.littleprairie.com.my/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Brute-Force
🇫🇷 masterguru	2026-05-21 13:05:33 (3 weeks ago)	(modsec_5040) ModSec 5040: API Basic Auth blocked from 65.0.161.248 (IN/India/ec2-65-0-161-248.ap-so ... show more (modsec_5040) ModSec 5040: API Basic Auth blocked from 65.0.161.248 (IN/India/ec2-65-0-161-248.ap-south-1.compute.amazonaws.com): 1 in the last 3600 secs (0-195) show less	Hacking
🇨🇿 huginet	2026-05-21 12:42:50 (3 weeks ago)	65.0.161.248 - - [21/May/2026:14:42:49 +0200] "GET /wp-login.php HTTP/1.1" 200 9112 "-" "Mozilla/5.0 ... show more 65.0.161.248 - - [21/May/2026:14:42:49 +0200] "GET /wp-login.php HTTP/1.1" 200 9112 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 65.0.161.248 - - [21/May/2026:14:42:49 +0200] "POST /wp-login.php HTTP/1.1" 200 9549 "https://centrum-eko-likvidace.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web Spam Blog Spam Hacking Bad Web Bot Web App Attack
🇺🇸 nationaleventpros.com	2026-05-21 12:42:26 (3 weeks ago)	WordPress login attempt	Brute-Force
🇩🇪 nyt	2026-05-21 12:29:43 (3 weeks ago)	Repeated WordPress login POSTs blocked by WAF (3 in 6h)	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-05-21 12:15:09 (3 weeks ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇩🇪 BlueWire Hosting	2026-05-21 12:09:41 (3 weeks ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇩🇪 AlexEventfahrtenIPDB	2026-05-21 12:07:03 (3 weeks ago)	[Thu May 21 14:07:03.632885 2026] [authz_core:error] [pid 2686718:tid 2686718] [client 65.0.161.248: ... show more [Thu May 21 14:07:03.632885 2026] [authz_core:error] [pid 2686718:tid 2686718] [client 65.0.161.248:47880] AH01630: client denied by server configuration: /var/www/std-sites/cadillac/wp-login.php ... show less	Brute-Force Web App Attack
🇫🇷 dynamix	2026-05-21 11:04:11 (3 weeks ago)	WordPress wp-login.php Brute Force Attack	Brute-Force Web App Attack
🇦🇺 QT	2026-05-21 11:00:53 (3 weeks ago)	Unauthorised WordPress admin login attempted at 2026-05-21 21:00:45 +1000	Web App Attack

Showing 1 to 15 of 72 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.226

🇹🇹 186.45.132.166

🇺🇸 172.203.241.222

🇩🇪 159.195.22.182

🇺🇸 154.30.71.40

🇳🇱 91.92.42.34

🇷🇺 89.23.113.208

🇪🇸 80.103.63.136

🇳🇱 185.224.128.16

🇬🇧 185.216.145.184

🇳🇱 178.62.239.17

🇧🇦 109.94.104.13

🇹🇭 103.230.120.88

🇧🇫 102.180.41.95

🇳🇱 91.92.40.18

🇵🇱 83.8.69.56

🇩🇪 5.178.101.127

🇬🇧 188.240.59.48

🇫🇷 185.177.72.9

🇭🇰 183.87.142.223