JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 168.181.161.234

168.181.161.234 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 32%: ?

32%

ISP	TECNOLOGIA Y SISTEMAS WILCASJI SOCIEDAD ANONIMA
Usage Type	Commercial
ASN	AS264686
Domain Name	wilcasji.com
Country	🇨🇷 Costa Rica
City	Desamparados, San Jose

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 168.181.161.234

Whois 168.181.161.234

IP Abuse Reports for 168.181.161.234:

This IP address has been reported a total of 40 times from 26 distinct sources. 168.181.161.234 was first reported on January 17th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 A000Z	2026-06-09 06:56:29 (3 days ago)	Fail2Ban: 168.181.161.234 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/ ... show more Fail2Ban: 168.181.161.234 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36 show less	Bad Web Bot
🇮🇹 A000Z	2026-06-07 16:36:04 (4 days ago)	Fail2Ban: 168.181.161.234 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/ ... show more Fail2Ban: 168.181.161.234 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36 show less	Bad Web Bot
🇩🇪 SMARTNET	2026-05-27 06:03:53 (2 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 22ada211-5b5c-463a-b46f-60fd11dc639d	DDoS Attack
🇬🇧 PeravixGroup	2026-05-18 06:07:16 (3 weeks ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇬🇧 PeravixGroup	2026-05-16 21:06:46 (3 weeks ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇺🇸 MPL	2026-05-12 02:01:11 (1 month ago)	tcp/23	Port Scan
🇦🇹 urnilxfgbez	2026-05-11 22:45:00 (1 month ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇬🇧 PeravixGroup	2026-05-10 22:40:57 (1 month ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇦🇹 urnilxfgbez	2026-05-07 22:45:00 (1 month ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇬🇧 essinghigh	2026-05-06 21:51:21 (1 month ago)	IPS Detection: 168.181.161.234 -> DPT: 2323	Port Scan
🇳🇱 donarev419	2026-05-03 05:03:10 (1 month ago)	Port scan detected on port 23 (connection without data transfer)	Port Scan
🇺🇸 TPI-Abuse	2026-04-18 16:56:36 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 168.181.161.234 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 168.181.161.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 12:56:30.068168 2026] [security2:error] [pid 3490008:tid 3490008] [client 168.181.161.234:43860] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|nessmonsters.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nessmonsters.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeO3vrbr6SvEgy6NHhtgsQAAABA"], referer: https://duckduckgo.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-12 01:51:44 (2 months ago)	DDoS botnet 510.000+ IPs; URL with bing/trustpilot/githubhelp and %C2%A4 or \xc2\xa4. NEW 09/2025: a ... show more DDoS botnet 510.000+ IPs; URL with bing/trustpilot/githubhelp and %C2%A4 or \xc2\xa4. NEW 09/2025: amplification attacks via third-parties e.g. HTTP_USER_AGENT facebookexternalhit/meta-externalagent/meta-externalfetcher or IPs from googleusercontent.com with fake HTTP_REFERER foxnews.com/newsweek.com/upwork.com/activision.com/... Port 443. show less	DDoS Attack Bad Web Bot Web App Attack
🇸🇮 extremevital	2026-04-07 03:10:08 (2 months ago)	...	Bad Web Bot
🇩🇪 HandyTreff.de	2026-03-31 07:41:11 (2 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -56.702 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -56.702 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Sa show less	Web App Attack Bad Web Bot

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 35.203.211.56

🇫🇷 194.163.175.227

🇨🇳 117.14.150.174

🇮🇳 103.204.167.14

🇺🇸 79.127.160.135

🇫🇷 51.178.31.138

🇧🇷 45.164.55.31

🇬🇧 35.203.211.165

🇹🇼 1.169.247.17

🇧🇷 206.62.67.46

🇺🇸 205.210.31.53

🇲🇴 125.31.4.70

🇮🇩 103.179.56.44

🇨🇳 42.5.24.91

🇸🇬 172.253.211.85

🇺🇸 172.56.64.107

🇨🇦 52.139.36.83

🇨🇳 220.180.249.165

🇮🇩 202.155.157.145

🇧🇷 187.87.247.94