🇬🇧
thetomtaylor.co.uk
2026-04-09 05:05:08
(2 months ago)
Fail2Ban - [SSH]Brute-force login attempts on sshd ... [wa01]
Brute-Force
SSH
🇸🇬
pusathosting.com
2025-12-14 01:40:06
(6 months ago)
24ds22 bruteforce
Brute-Force
Web App Attack
🇮🇩
Burayot
2025-12-12 05:58:49
(6 months ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 152.42.220.44 (SG/Singapore/-): 1 in the last 3600 secs
Web App Attack
🇫🇷
SpaceHost-Server
2025-12-11 11:50:18
(6 months ago)
152.42.220.44 - - [11/Dec/2025:12:50:15 +0100] "POST //wp-login.php HTTP/1.1" 200 15236 "https://die-netzialisten.de//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
152.42.220.44 - - [11/Dec/2025:12:50:16 +0100] "POST //wp-login.php HTTP/1.1" 200 15236 "https://die-netzialisten.de//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
152.42.220.44 - - [11/Dec/2025:12:50:17 +0100] "POST //wp-login.php HTTP/1.1" 200 15236 "https://die-netzialisten.de//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
Hacking
Web App Attack
🇫🇷
SpaceHost-Server
2025-12-11 11:35:15
(6 months ago)
152.42.220.44 - - [11/Dec/2025:12:35:12 +0100] "POST //wp-login.php HTTP/1.1" 200 15236 "https://die-netzialisten.de//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
152.42.220.44 - - [11/Dec/2025:12:35:13 +0100] "POST //wp-login.php HTTP/1.1" 200 15236 "https://die-netzialisten.de//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
152.42.220.44 - - [11/Dec/2025:12:35:14 +0100] "POST //wp-login.php HTTP/1.1" 200 15236 "https://die-netzialisten.de//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
Hacking
Web App Attack
🇫🇷
SpaceHost-Server
2025-12-11 11:20:12
(6 months ago)
152.42.220.44 - - [11/Dec/2025:12:20:09 +0100] "POST //wp-login.php HTTP/1.1" 200 15236 "https://die-netzialisten.de//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
152.42.220.44 - - [11/Dec/2025:12:20:10 +0100] "POST //wp-login.php HTTP/1.1" 200 15236 "https://die-netzialisten.de//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
152.42.220.44 - - [11/Dec/2025:12:20:11 +0100] "POST //wp-login.php HTTP/1.1" 200 15236 "https://die-netzialisten.de//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
Hacking
Web App Attack
🇺🇦
URAN Publishing Service
2025-12-11 06:10:59
(6 months ago)
152.42.220.44 - - [11/Dec/2025:08:09:54 +0200] "GET /xmlrpc.php?rsd HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
152.42.220.44 - - [11/Dec/2025:08:10:58 +0200] "GET /xmlrpc.php?rsd HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
...
Web App Attack
🇮🇹
VHosting
2025-12-11 05:50:06
(6 months ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
🇭🇺
szasa
2025-11-25 14:59:10
(6 months ago)
Aug 24 05:15:40 mail010 sshd[2221455]: Invalid user debian from 152.42.220.44 port 55618
Aug 24 05:17:15 mail010 sshd[2221472]: Invalid user debian from 152.42.220.44 port 50508
Aug 24 05:18:52 mail010 sshd[2221533]: Invalid user debian from 152.42.220.44 port 47082
Aug 24 05:20:34 mail010 sshd[2221556]: Invalid user debian from 152.42.220.44 port 52334
...
Brute-Force
SSH
🇺🇸
TPI-Abuse
2025-11-14 16:57:47
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 152.42.220.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 11:57:41.716950 2025] [security2:error] [pid 4439:tid 4439] [client 152.42.220.44:59616] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.luxandunion.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.luxandunion.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aRdfhfQxGa-128ImLAFJHwAAAAQ"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2025-11-13 14:26:19
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 152.42.220.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 09:26:12.019064 2025] [security2:error] [pid 7606:tid 7606] [client 152.42.220.44:61681] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||keyspring-niseko.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "keyspring-niseko.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aRXqhHr-tPsmkLowymgxwgAAAA8"]
Brute-Force
Bad Web Bot
Web App Attack
🇬🇧
Globe2
2025-11-11 20:23:20
(7 months ago)
ModSec - Multiple 403s within a short period of time [server: H3]
Web App Attack
🇬🇧
Globe2
2025-11-08 00:04:11
(7 months ago)
ModSec - Multiple 403s within a short period of time [server: H3]
Web App Attack
🇺🇸
TPI-Abuse
2025-11-07 14:38:13
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 152.42.220.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 07 09:38:04.632165 2025] [security2:error] [pid 12603:tid 12603] [client 152.42.220.44:54467] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.bergopro.co.uk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.bergopro.co.uk"] [uri "/wp-json/wp/v2/users/"] [unique_id "aQ4ETC0DAuDPM_TFrNvFRAAAAD0"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
myagent.site
2025-11-04 12:49:26
(7 months ago)
Blocking for trying to access an exploit file: //xmlrpc.php?rsd
Hacking