JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 152.42.191.2

152.42.191.2 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 74%: ?

74%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 152.42.191.2

Whois 152.42.191.2

IP Abuse Reports for 152.42.191.2:

This IP address has been reported a total of 19 times from 14 distinct sources. 152.42.191.2 was first reported on October 7th 2025, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-08 03:22:02 (7 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 mnsf	2026-06-08 00:05:53 (10 hours ago)	Login Too Frequent (7)	Brute-Force Web App Attack
🇩🇪 roxyapi	2026-06-07 19:58:59 (14 hours ago)	Honeypot: automated vulnerability scan / web app attack. Last probe: GET /wp-admin	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-07 18:07:31 (16 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.42.191.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 152.42.191.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 14:07:23.623310 2026] [security2:error] [pid 693:tid 693] [client 152.42.191.2:64061] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|zezel.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "zezel.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiWzW4dX_6OMWogCRwumkAAAAAE"], referer: https://www.bing.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-06-07 13:48:56 (20 hours ago)	Unauthorized access to webpage admin	Web App Attack
🇩🇪 stinpriza	2026-06-06 14:15:21 (1 day ago)	Web App Attack	Web App Attack
Anonymous	2026-06-06 04:45:19 (2 days ago)	Web attack blocked by Wordfence on mezzia.nl (1 hit). Reported by CRMON.	Web App Attack
🇫🇷 COMAITE	2026-06-06 03:17:45 (2 days ago)	CMS (WordPress or Joomla) brute force attempt.	Web App Attack
🇺🇸 TAY	2026-06-06 01:51:00 (2 days ago)	152.42.191.2 - - [06/Jun/2026:09:50:50 +0800] "POST /wp-login.php HTTP/1.1" 200 7081 "https://kacsb. ... show more 152.42.191.2 - - [06/Jun/2026:09:50:50 +0800] "POST /wp-login.php HTTP/1.1" 200 7081 "https://kacsb.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.130 Safari/537.36" 152.42.191.2 - - [06/Jun/2026:09:50:55 +0800] "POST /wp-login.php HTTP/1.1" 200 2795 "https://kacsb.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36" 152.42.191.2 - - [06/Jun/2026:09:50:59 +0800] "POST /wp-login.php HTTP/1.1" 200 2795 "https://kacsb.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15) Gecko/20100101 Firefox/122.0" ... show less	Brute-Force
🇺🇸 TAY	2026-06-06 00:50:46 (2 days ago)	152.42.191.2 - - [06/Jun/2026:08:50:37 +0800] "POST /wp-login.php HTTP/1.1" 200 2769 "https://kacsb. ... show more 152.42.191.2 - - [06/Jun/2026:08:50:37 +0800] "POST /wp-login.php HTTP/1.1" 200 2769 "https://kacsb.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/119.0.1" 152.42.191.2 - - [06/Jun/2026:08:50:41 +0800] "POST /wp-login.php HTTP/1.1" 200 2806 "https://kacsb.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/121.0" 152.42.191.2 - - [06/Jun/2026:08:50:45 +0800] "POST /wp-login.php HTTP/1.1" 200 2797 "https://kacsb.com/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36" ... show less	Brute-Force
🇳🇱 ConsulHosting	2026-06-05 23:17:35 (2 days ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 22:29:40 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 152.42.191.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 152.42.191.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 18:29:35.844878 2026] [security2:error] [pid 29608:tid 29608] [client 152.42.191.2:61182] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|starcrestsales.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "starcrestsales.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiNNz3_0eBCUeiT6Nm0kzgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-05 20:20:05 (2 days ago)	IP banned by Fail2Ban in jail wordpress	Web App Attack Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-05 19:54:36 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 152.42.191.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 152.42.191.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 15:54:31.150206 2026] [security2:error] [pid 27573:tid 27597] [client 152.42.191.2:53155] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|nordicatrio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nordicatrio.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiMpd_R74HmNPrcI8kYiYQAAANQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 16:10:28 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 2002:982a:bf02::982a:bf02 (Unknown): 1 in the l ... show more (mod_security) mod_security (id:225170) triggered by 2002:982a:bf02::982a:bf02 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 12:10:16.723053 2026] [security2:error] [pid 8238:tid 8238] [client 2002:982a:bf02::982a:bf02:53513] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|amywoodruff.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "amywoodruff.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiL06JGYkyvpCq0BERSCwQAAAAc"], referer: https://t.co/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 187.19.173.9

🇨🇳 112.102.169.165

🇭🇰 101.79.167.192

🇳🇱 34.91.181.104

🇻🇳 14.191.250.199

🇦🇺 2404:6800:4006:1002::12e

🇨🇳 223.199.179.232

🇰🇷 211.228.218.47

🇺🇸 207.180.11.19

🇬🇧 193.163.125.193

🇨🇳 180.153.236.155

🇺🇸 157.254.174.96

🇭🇰 152.32.226.205

🇭🇰 118.193.47.155

🇹🇼 101.13.5.63

🇺🇸 65.49.139.223

🇫🇷 51.68.107.156

🇺🇸 47.77.182.54

🇳🇱 45.142.193.9

🇪🇬 41.44.206.132