JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 15.235.145.72

15.235.145.72 was found in our database!

This IP was reported 79 times. Confidence of Abuse is 67%: ?

67%

ISP	OVH Singapore PTE. LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	ns5011857.ip-15-235-145.net
Domain Name	ovh.net
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 15.235.145.72

Whois 15.235.145.72

IP Abuse Reports for 15.235.145.72:

This IP address has been reported a total of 79 times from 31 distinct sources. 15.235.145.72 was first reported on October 25th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-13 04:06:33 (2 days ago)	(mod_security) mod_security (id:234930) triggered by 15.235.145.72 (ns5011857.ip-15-235-145.net): 1 ... show more (mod_security) mod_security (id:234930) triggered by 15.235.145.72 (ns5011857.ip-15-235-145.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 00:06:28.615564 2026] [security2:error] [pid 2732:tid 2736] [client 15.235.145.72:63258] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|bbpuertadelsol.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "bbpuertadelsol.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "aizXRFl6bFzJkNVEa80_8gAAAIE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2026-06-10 23:19:44 (4 days ago)	2026-06-11 @ 01:19:44 (CET) ~ Blocked for trying to access: /wp-includes/ID3/license.txt	Web App Attack
🇺🇸 lostswordfish.com	2026-06-10 22:08:04 (4 days ago)	Wordfence waf block on fairregistry	Web App Attack
🇮🇱 Dolphi	2026-06-10 21:52:14 (4 days ago)	POST //xmlrpc.php	Brute-Force Web App Attack
🇧🇪 cmbplf	2026-06-10 20:16:13 (4 days ago)	8.900 post requests in 1 hour (6d2h24m)	Brute-Force Bad Web Bot
Anonymous	2026-06-10 19:23:02 (4 days ago)	[osotir.org] httpd-xmlrpc-post: sites=agonistes.gr.synathlountes; logs=/var/log/httpd/domains/agonis ... show more [osotir.org] httpd-xmlrpc-post: sites=agonistes.gr.synathlountes; logs=/var/log/httpd/domains/agonistes.gr.synathlountes.log; samples=//xmlrpc.php show less	Brute-Force Web App Attack
Anonymous	2026-06-10 18:48:02 (4 days ago)	15.235.145.72 - - [10/Jun/2026:20:47:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 ... show more 15.235.145.72 - - [10/Jun/2026:20:47:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 15.235.145.72 - - [10/Jun/2026:20:47:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 15.235.145.72 - - [10/Jun/2026:20:47:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 15.235.145.72 - - [10/Jun/2026:20:47:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 15.235.145.72 - - [10/Jun/2026:20:47:58 +0200] "POST /xmlrpc.php HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638. ... show less	Brute-Force Web App Attack
🇸🇬 securejdprop	2026-06-10 18:42:46 (4 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing	Hacking Web App Attack
🇩🇪 ecs.ge	2026-06-06 16:30:29 (1 week ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇮🇹 VHosting	2026-06-06 08:50:04 (1 week ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇹🇷 baku.hosting	2026-06-06 08:13:14 (1 week ago)	CSF Auto Report: (cpanel) Failed cPanel login from 15.235.145.72 (SG/Singapore/ns5011857.ip-15-235-1 ... show more CSF Auto Report: (cpanel) Failed cPanel login from 15.235.145.72 (SG/Singapore/ns5011857.ip-15-235-145.net): 4 in the last 3600 secs show less	Brute-Force Web App Attack
🇺🇦 URAN Publishing Service	2026-06-05 23:02:41 (1 week ago)	15.235.145.72 - - [06/Jun/2026:02:02:40 +0300] "GET /wp-content/upload.php HTTP/1.1" 404 708 "-" "Go ... show more 15.235.145.72 - - [06/Jun/2026:02:02:40 +0300] "GET /wp-content/upload.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-05 18:58:38 (1 week ago)	15.235.145.72 - - [05/Jun/2026:21:58:37 +0300] "GET /libraries/joomla/jmails.php HTTP/1.1" 404 708 " ... show more 15.235.145.72 - - [05/Jun/2026:21:58:37 +0300] "GET /libraries/joomla/jmails.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-05 16:57:54 (1 week ago)	15.235.145.72 - - [05/Jun/2026:19:57:53 +0300] "GET /wp-admin/wso112233.php HTTP/1.1" 404 708 "-" "G ... show more 15.235.145.72 - - [05/Jun/2026:19:57:53 +0300] "GET /wp-admin/wso112233.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇩🇪 ecs.ge	2026-06-05 16:28:07 (1 week ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking

Showing 1 to 15 of 79 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 195.96.139.139

🇵🇭 124.105.68.74

🇨🇳 223.11.63.95

🇮🇳 202.56.215.67

🇨🇱 179.60.73.130

🇯🇵 172.253.6.145

🇸🇪 170.62.100.168

🇩🇿 154.242.8.53

🇭🇰 123.58.215.102

🇨🇳 119.98.152.36

🇵🇰 101.53.241.142

🇫🇷 91.231.89.202

🇳🇱 83.168.106.26

🇳🇱 45.148.10.152

🇺🇸 2607:f8b0:400e:c07::12b

🇪🇸 196.196.150.5

🇺🇸 172.214.155.114

🇹🇭 152.32.245.93

🇮🇶 149.255.234.3

🇨🇳 112.6.75.202