🇵🇱
sefinek.net
2025-07-28 09:10:12
(11 months ago)
Triggered Cloudflare WAF (firewallCustom) from SG.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /cms/wp-includes/wlwmanifest.xml
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
Bad Web Bot
🇨🇴
j458rjqwi348fhjq46
2025-07-28 07:54:40
(11 months ago)
Malicious IP detected by WAF with anomaly score 10.0. Attack types: Suspicious URL detected (extended rules), Suspicious short random path, Suspicious path: /t4 (+2 more). Activity: 737 requests to 359 URLs. Period: 2025-07-28 02:26:38 - 2025-07-28 02:26:35 (America/Bogota). Origin: SG. Source: Automated WAF log analysis.
Hacking
Web App Attack
🇮🇱
Dolphi
2025-07-27 14:00:04
(11 months ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
🇩🇪
Vegascosmetics
2025-07-26 21:51:14
(11 months ago)
Kingcopy(AI-IDS): IP is wandering around the site and acting suspiciously.
Bad Web Bot
Anonymous
2025-07-26 18:44:23
(11 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
🇩🇪
Vegascosmetics
2025-07-26 06:02:19
(11 months ago)
Kingcopy(AI-IDS):IP does Excessive BAD Request Abuse
Bad Web Bot
🇺🇸
TPI-Abuse
2025-07-25 22:49:58
(11 months ago)
(mod_security) mod_security (id:225170) triggered by 152.42.191.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 25 18:49:51.912233 2025] [security2:error] [pid 21932:tid 21932] [client 152.42.191.242:51215] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.texascottagebakers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.texascottagebakers.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aIQKD7krs2SEz2s3C1DQjgAAAAI"]
Brute-Force
Bad Web Bot
Web App Attack
🇩🇪
Vegascosmetics
2025-07-25 21:51:15
(11 months ago)
Kingcopy(AI-IDS):IP is Probing for Wordpress vulnerabilities WTF:Banned
Hacking
Bad Web Bot
Web App Attack
🇩🇪
Interceptor_HQ
2025-07-25 07:12:52
(11 months ago)
request_uri: //wp-includes/ID3/license.txt -- automatic report --
Hacking
Brute-Force
🇳🇱
Site.eu
2025-07-25 05:36:04
(11 months ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
🇭🇺
DumaNet
2025-07-25 02:42:00
(11 months ago)
WordPress (CMS) attack attempts.
Date: 2025 Jul 24. 07:01:28
Source IP: 152.42.191.242
Portion of the log(s):
152.42.191.242 - [24/Jul/2025:06:59:45 +0200] "GET /site/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
152.42.191.242 - [24/Jul/2025:06:59:45 +0200] "GET /test/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
152.42.191.242 - [24/Jul/2025:06:59:45 +0200] "GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
152.42.191.242 - [24/Jul/2025:06:59:45 +0200] "GET /shop/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ....
Web App Attack
🇩🇪
LRob.fr
2025-07-24 22:00:30
(11 months ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
🇩🇪
Mykola Spesivtsev
2025-07-24 20:42:02
(11 months ago)
HTTP Tarpit detected bot activity:TargetPort:80, Path:/site/wp-includes/wlwmanifest.xml, Method:GET, UA:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69
Port Scan
Bad Web Bot
Web App Attack
🇩🇪
Mykola Spesivtsev
2025-07-24 19:41:56
(11 months ago)
HTTP Tarpit detected bot activity:TargetPort:80, Path:/wp1/wp-includes/wlwmanifest.xml, Method:GET, UA:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69
Port Scan
Bad Web Bot
Web App Attack
🇩🇪
Mykola Spesivtsev
2025-07-24 18:41:51
(11 months ago)
HTTP Tarpit detected bot activity:TargetPort:80, Path:/2021/wp-includes/wlwmanifest.xml, Method:GET, UA:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69
Port Scan
Bad Web Bot
Web App Attack