JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 152.42.205.79

152.42.205.79 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 152.42.205.79

Whois 152.42.205.79

IP Abuse Reports for 152.42.205.79:

This IP address has been reported a total of 27 times from 20 distinct sources. 152.42.205.79 was first reported on November 19th 2025, and the most recent report was 35 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Lee Daniel	2026-06-29 03:29:10 (35 minutes ago)	152.42.205.79 - - [28/Jun/2026:23:29:09 -0400] "GET //web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 ... show more 152.42.205.79 - - [28/Jun/2026:23:29:09 -0400] "GET //web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 4812 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 152.42.205.79 - - [28/Jun/2026:23:29:09 -0400] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 4812 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 152.42.205.79 - - [28/Jun/2026:23:29:09 -0400] "GET //website/wp-includes/wlwmanifest.xml HTTP/1.1" 404 4812 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 152.42.205.79 - - [28/Jun/2026:23:29:09 -0400] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 4812 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 152.42.205.79 - - [28/Jun/2026:23:29:09 -0400] "GET //news/wp-includes/wlwmanifest. ... show less	DDoS Attack Web Spam Email Spam Port Scan Brute-Force Bad Web Bot Web App Attack
🇺🇸 Starburst SysOp Team	2026-06-29 02:59:00 (1 hour ago)	Malware host detected by rbl.malware.expert. RBL lookup of 79.205.42.152.rbl.malware.expert succeede ... show more Malware host detected by rbl.malware.expert. RBL lookup of 79.205.42.152.rbl.malware.expert succeeded at REMOTE_ADDR. (400010-mnz6-1) show less	Hacking
🇫🇷 dynamix	2026-06-28 23:59:43 (4 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 23:59:27 (4 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.42.205.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 152.42.205.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 19:59:20.789996 2026] [security2:error] [pid 12991:tid 12991] [client 152.42.205.79:52818] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.avalderlaw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.avalderlaw.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akG1WHtPJhE9yJqKJ-fujgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 22:42:57 (5 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.42.205.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 152.42.205.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 18:42:49.699376 2026] [security2:error] [pid 19101:tid 19101] [client 152.42.205.79:58422] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|automatebi.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "automatebi.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akGjafFNotZlRKQ969jwXAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-28 22:26:12 (5 hours ago)		Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-28 22:24:58 (5 hours ago)	WordPress: User enumeration. Pattern match "(author\\\\= (88030-197)	Hacking
🇩🇪 LRob.fr	2026-06-28 22:15:16 (5 hours ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇧🇪 cmbplf	2026-06-28 20:32:36 (7 hours ago)	4.563 requests with url.path //xmlrpc.php 443 requests with url.path */wp-includes/wlwmanifest.xml	Brute-Force Bad Web Bot
Anonymous	2026-06-28 18:57:17 (9 hours ago)	[redacted] 152.42.205.79 - - [28/Jun/2026:20:56:51 +0200] "POST //xmlrpc.php HTTP/1.1" 200 401 "-" " ... show more [redacted] 152.42.205.79 - - [28/Jun/2026:20:56:51 +0200] "POST //xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" [redacted] 152.42.205.79 - - [28/Jun/2026:20:56:54 +0200] "POST //xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" [redacted] 152.42.205.79 - - [28/Jun/2026:20:56:56 +0200] "POST //xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" [redacted] 152.42.205.79 - - [28/Jun/2026:20:56:59 +0200] "POST //xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" [redacted] 152.42.205.79 - - [28/Jun/2026:20:57:02 +0200] "POST //xmlrpc. ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 18:56:17 (9 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.42.205.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 152.42.205.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 14:56:13.837126 2026] [security2:error] [pid 25304:tid 25304] [client 152.42.205.79:56513] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|aquanauticsige.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aquanauticsige.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akFuTTaNqzmj_5Th8RTBZwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 18:22:28 (9 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.42.205.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 152.42.205.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 14:22:23.021810 2026] [security2:error] [pid 5632:tid 5632] [client 152.42.205.79:52292] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|apuntesdeinversion.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "apuntesdeinversion.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akFmX72pYidSw1DJzuuZkgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 bigwavedave	2026-06-28 18:05:04 (9 hours ago)	Wordpress Attack	Web App Attack
🇩🇪 BlueWire Hosting	2026-06-28 17:06:56 (10 hours ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇺🇸 TPI-Abuse	2026-06-28 16:47:16 (11 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.42.205.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 152.42.205.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 12:47:10.256629 2026] [security2:error] [pid 32285:tid 32285] [client 152.42.205.79:62361] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.applemaccomputerconsulting.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.applemaccomputerconsulting.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akFQDq7-iBT8ivmQAe-h8AAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 164.90.216.216

🇧🇷 131.100.41.171

🇸🇬 103.134.154.138

🇬🇧 37.10.113.216

🇨🇳 221.226.17.34

🇿🇦 197.234.202.196

🇧🇷 181.218.9.86

🇩🇪 167.94.146.46

🇺🇸 152.32.183.236

🇨🇳 118.250.39.76

🇳🇱 91.92.40.46

🇬🇧 89.37.172.131

🇺🇸 67.170.119.3

🇭🇰 38.76.184.92

🇬🇧 2a06:4883:d000::eb

🇬🇧 217.146.80.98

🇬🇧 185.247.137.183

🇮🇳 106.202.65.140

🇬🇧 34.13.42.94

🇨🇱 179.57.170.71