JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 152.42.172.41

152.42.172.41 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 85%: ?

85%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 152.42.172.41

Whois 152.42.172.41

IP Abuse Reports for 152.42.172.41:

This IP address has been reported a total of 27 times from 14 distinct sources. 152.42.172.41 was first reported on June 16th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-18 01:10:41 (2 hours ago)	Login Too Frequent (7)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 00:10:37 (3 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.42.172.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 152.42.172.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 20:10:33.905063 2026] [security2:error] [pid 4988:tid 4988] [client 152.42.172.41:58152] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|batfry.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "batfry.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajM3eT69-Fedk3FIc48_iwAAAAs"], referer: https://duckduckgo.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-17 22:49:53 (4 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇺🇸 TAY	2026-06-17 22:48:31 (4 hours ago)	152.42.172.41 - - [18/Jun/2026:06:48:19 +0800] "POST /wp-login.php HTTP/1.1" 200 2625 "https://batuk ... show more 152.42.172.41 - - [18/Jun/2026:06:48:19 +0800] "POST /wp-login.php HTTP/1.1" 200 2625 "https://batukeras.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" 152.42.172.41 - - [18/Jun/2026:06:48:25 +0800] "POST /wp-login.php HTTP/1.1" 200 2629 "https://batukeras.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0" 152.42.172.41 - - [18/Jun/2026:06:48:30 +0800] "POST /wp-login.php HTTP/1.1" 200 2621 "https://batukeras.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force
🇳🇱 Site.eu	2026-06-17 22:31:43 (4 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-17 21:57:07 (5 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.42.172.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 152.42.172.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 17:57:02.385299 2026] [security2:error] [pid 31752:tid 31752] [client 152.42.172.41:53081] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bbproductionsonline.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bbproductionsonline.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajMYLsZPo7b3kdh43C8xAQAAAA0"], referer: https://t.co/ show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ConsulHosting	2026-06-17 20:24:57 (6 hours ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 20:24:02 (6 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.42.172.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 152.42.172.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 16:23:56.677133 2026] [security2:error] [pid 28710:tid 28710] [client 152.42.172.41:61494] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|batesstrategygroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "batesstrategygroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajMCXMJWB6AAvGlNQGrFjwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 roxyapi	2026-06-17 20:08:42 (7 hours ago)	Honeypot: automated vulnerability scan / web app attack. Last probe: GET /wp-admin	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-17 17:08:45 (10 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.42.172.41 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 152.42.172.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 13:08:38.481481 2026] [security2:error] [pid 12812:tid 12812] [client 152.42.172.41:53281] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bb103.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bb103.us"] [uri "/wp-json/wp/v2/users"] [unique_id "ajLUljWxxEhIESTahDD8YQAAAAE"], referer: https://www.facebook.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-17 16:58:10 (10 hours ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇫🇮 bittiguru.fi	2026-06-17 16:56:37 (10 hours ago)	152.42.172.41 - [17/Jun/2026:19:55:31 +0300] "POST /wp-login.php HTTP/1.1" 403 753 "https://virranva ... show more 152.42.172.41 - [17/Jun/2026:19:55:31 +0300] "POST /wp-login.php HTTP/1.1" 403 753 "https://virranvarrelta.fi/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" "2.37" 152.42.172.41 - [17/Jun/2026:19:55:48 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://virranvarrelta.fi/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" "2.37" 152.42.172.41 - [17/Jun/2026:19:56:05 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://virranvarrelta.fi/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:121.0) Gecko/20100101 Firefox/121.0" "2.37" 152.42.172.41 - [17/Jun/2026:19:56:21 +0300] "POST /wp-login.php HTTP/1.1" 403 754 "https://virranvarrelta.fi/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" "2.37" 152.42.172.41 - [17/Jun/2026:19:56:37 +0300] "POST /wp-logi ... show less	Hacking Brute-Force Web App Attack
🇫🇮 bittiguru.fi	2026-06-17 16:40:23 (10 hours ago)	152.42.172.41 - [17/Jun/2026:19:39:07 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://virranva ... show more 152.42.172.41 - [17/Jun/2026:19:39:07 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://virranvarrelta.fi/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" "2.37" 152.42.172.41 - [17/Jun/2026:19:39:26 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://virranvarrelta.fi/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Safari/605.1.15" "2.37" 152.42.172.41 - [17/Jun/2026:19:39:43 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://virranvarrelta.fi/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Safari/605.1.15" "2.37" 152.42.172.41 - [17/Jun/2026:19:40:00 +0300] "POST /wp-login.php HTTP/1.1" 403 755 "https://virranvarrelta.fi/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" "2.37" 152.42.172.41 - [17/Jun/2026:19:40:22 +0300] "POST ... show less	Hacking Brute-Force Web App Attack
🇫🇮 bittiguru.fi	2026-06-17 16:24:01 (10 hours ago)	152.42.172.41 - [17/Jun/2026:19:22:41 +0300] "POST /wp-login.php HTTP/1.1" 403 754 "https://virranva ... show more 152.42.172.41 - [17/Jun/2026:19:22:41 +0300] "POST /wp-login.php HTTP/1.1" 403 754 "https://virranvarrelta.fi/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" "2.37" 152.42.172.41 - [17/Jun/2026:19:23:01 +0300] "POST /wp-login.php HTTP/1.1" 403 754 "https://virranvarrelta.fi/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" "2.37" 152.42.172.41 - [17/Jun/2026:19:23:21 +0300] "POST /wp-login.php HTTP/1.1" 403 754 "https://virranvarrelta.fi/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Safari/605.1.15" "2.37" 152.42.172.41 - [17/Jun/2026:19:23:40 +0300] "POST /wp-login.php HTTP/1.1" 403 754 "https://virranvarrelta.fi/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" "2.37" 152.42.172.41 - [17/Jun/2026: ... show less	Hacking Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-17 16:22:52 (10 hours ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 195.178.191.5

🇨🇳 183.197.70.201

🇹🇼 198.235.24.97

🇭🇰 198.176.55.172

🇰🇷 175.198.18.3

🇺🇸 173.244.41.213

🇵🇭 155.137.105.224

🇺🇸 152.32.151.121

🇨🇳 124.88.113.29

🇺🇸 118.193.77.34

🇺🇸 104.152.52.55

🇧🇩 103.132.223.81

🇫🇷 91.231.89.251

🇫🇷 85.204.70.96

🇹🇷 78.135.66.249

🇺🇸 74.205.133.147

🇺🇸 68.235.46.57

🇱🇺 64.89.160.222

🇹🇼 60.250.151.203

🇺🇸 57.141.20.31