JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 152.42.201.185

152.42.201.185 was found in our database!

This IP was reported 102 times. Confidence of Abuse is 37%: ?

37%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 152.42.201.185

Whois 152.42.201.185

IP Abuse Reports for 152.42.201.185:

This IP address has been reported a total of 102 times from 62 distinct sources. 152.42.201.185 was first reported on August 29th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-08 07:08:18 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 152.42.201.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 152.42.201.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 03:08:10.062220 2026] [security2:error] [pid 10380:tid 10487] [client 152.42.201.185:52596] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.baggymaggy.docdalton.com"] [uri "/.git/config"] [unique_id "af2L2i9744SHmVXFHq7SGAAAAQU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-08 05:59:12 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 152.42.201.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 152.42.201.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 01:59:04.519339 2026] [security2:error] [pid 16246:tid 16270] [client 152.42.201.185:48370] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "6925kingslynn.com"] [uri "/.git/config"] [unique_id "af17qPrLXiawrJneQGp_AgAAANY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 23:09:32 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 152.42.201.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 152.42.201.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 19:09:26.704357 2026] [security2:error] [pid 445:tid 445] [client 152.42.201.185:37852] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|cier.xyz\|F\|2"] [data ".env.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cier.xyz"] [uri "/.env.bak"] [unique_id "af0bpt2e8MnqqYEpms0yqAAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-07 21:59:16 (1 month ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-06. show less	Web App Attack SSH Hacking
🇩🇪 4server	2026-05-07 21:11:13 (1 month ago)	[ThuMay0723:11:09.2795092026][security2:error][pid964396:tid964519][client152.42.201.185:0]ModSecuri ... show more [ThuMay0723:11:09.2795092026][security2:error][pid964396:tid964519][client152.42.201.185:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"www.b4consulting.ch.136-243-54-122.cpanel.site\"][uri\"/.env.bak\"][unique_id\"afz_7S1wxb23UDsgcz6dOQAAAMs\"] show less	Port Scan Brute-Force Web App Attack
🇳🇱 Savvii	2026-05-07 19:40:48 (1 month ago)	20 attempts against mh-misbehave-ban on boron	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 12:56:31 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 152.42.201.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 152.42.201.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 08:56:24.822963 2026] [security2:error] [pid 26303:tid 26303] [client 152.42.201.185:33736] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.awarriorsprayerbook.kathrynmcbride.com"] [uri "/.git/config"] [unique_id "afyL-K8ZbzfB1HGscJf8eQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-05-07 11:14:36 (1 month ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-05-07 08:14:18 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 152.42.201.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 152.42.201.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 04:14:14.331381 2026] [security2:error] [pid 24236:tid 24236] [client 152.42.201.185:36392] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vesalappi.com"] [uri "/.git/config"] [unique_id "afxJ1hmXO3UDHDAT7VK-hwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 07:56:17 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 152.42.201.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 152.42.201.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 03:56:13.782317 2026] [security2:error] [pid 21791:tid 21791] [client 152.42.201.185:34128] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fxztrader.com"] [uri "/.git/config"] [unique_id "afxFncJDrOlauaqBqFgjWgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-06 22:14:17 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 152.42.201.185 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 152.42.201.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 18:14:10.893318 2026] [security2:error] [pid 7736:tid 7758] [client 152.42.201.185:43922] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.australiaplasticsurgery.aafm.us"] [uri "/.git/config"] [unique_id "afu9Mi2ZMnsdwBm7gb69rAAAAFM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-06 21:59:13 (1 month ago)	Auto-ban: >3000 req/min op 2026-05-06	Web App Attack SSH Hacking
Anonymous	2026-05-06 20:07:16 (1 month ago)	Attempted search for exploits and vulnerabilities detected by fail2ban ...	Port Scan Brute-Force
🇳🇱 Site.eu	2026-05-06 16:20:29 (1 month ago)	Excessive 404/403 errors	Brute-Force
🇫🇷 COMAITE	2026-05-06 09:11:32 (1 month ago)	Suspicious URL access.	Web App Attack

Showing 1 to 15 of 102 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇿 194.32.140.229

🇺🇸 129.153.145.135

🇮🇳 115.96.153.39

🇮🇳 115.96.152.235

🇮🇳 115.96.151.91

🇰🇷 115.68.208.117

🇨🇳 112.124.11.41

🇮🇹 95.250.241.71

🇷🇴 80.94.92.182

🇰🇷 211.105.129.57

🇧🇷 200.77.179.130

🇨🇳 175.30.112.4

🇮🇩 163.7.8.79

🇵🇰 144.48.128.255

🇮🇳 115.96.149.89

🇮🇳 115.96.149.35

🇮🇳 115.96.146.211

🇨🇳 113.221.96.6

🇮🇳 106.51.92.114

🇵🇰 103.157.200.52