JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 152.42.243.175

152.42.243.175 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 152.42.243.175

Whois 152.42.243.175

IP Abuse Reports for 152.42.243.175:

This IP address has been reported a total of 27 times from 12 distinct sources. 152.42.243.175 was first reported on December 1st 2025, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 pcislocked	2025-12-16 22:46:00 (6 months ago)	Spamming the living shit out of our Wordpress instance on //xmlrpc.php endpoint (with double slashes ... show more Spamming the living shit out of our Wordpress instance on //xmlrpc.php endpoint (with double slashes for some reason). Digitalocean node. Around 5/10 req per second, all post requests. show less	DDoS Attack Web Spam Brute-Force Web App Attack
🇳🇱 Savvii	2025-12-15 07:38:33 (6 months ago)	10 attempts against mh-misc-ban on plum	Web App Attack
🇺🇸 myagent.site	2025-12-12 13:08:28 (6 months ago)	Blocking for trying to access an exploit file: //xmlrpc.php?rsd	Hacking
🇨🇭 backslash	2025-12-10 09:05:03 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇧🇪 cmbplf	2025-12-09 09:01:42 (6 months ago)	9.564 POST requests in 1 hour (12734745yrs4mos4d)	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-09 01:04:23 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 152.42.243.175 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 152.42.243.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 20:04:17.148111 2025] [security2:error] [pid 8574:tid 8574] [client 152.42.243.175:50218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|meetupmadness.io\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "meetupmadness.io"] [uri "/giving-back/wp-includes/id3/license.txt/wp-json/wp/v2/users/"] [unique_id "aTd1kXK4duRyRcEK_pK8agAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 16:12:28 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 152.42.243.175 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 152.42.243.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 11:12:23.409637 2025] [security2:error] [pid 11916:tid 11916] [client 152.42.243.175:55052] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.mdivietnam.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.mdivietnam.com"] [uri "/wordpress/wp-json/wp/v2/users/"] [unique_id "aTMEZxDORu6r704e88Tu9AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:29:13 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 152.42.243.175 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 152.42.243.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:29:07.189179 2025] [security2:error] [pid 29329:tid 29329] [client 152.42.243.175:53399] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mcfuel.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mcfuel.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "aTJRgyM7bTTgUys1eDlbegAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 01:02:10 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 152.42.243.175 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 152.42.243.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 20:02:03.196380 2025] [security2:error] [pid 23980:tid 23980] [client 152.42.243.175:58159] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mccompu.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mccompu.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aTIvC-h7wITC9GJY1DB3vwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2025-12-04 18:26:57 (6 months ago)	22.309 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇳🇱 Savvii	2025-12-04 00:10:02 (6 months ago)	10 attempts against mh-misc-ban on ec102959	Web App Attack
🇺🇸 TPI-Abuse	2025-12-03 13:28:35 (6 months ago)	(mod_security) mod_security (id:240335) triggered by 152.42.243.175 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 152.42.243.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 03 08:28:29.915380 2025] [security2:error] [pid 13819:tid 13819] [client 152.42.243.175:64884] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 152.42.243.175 (+1 hits since last alert)\|seskalee.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "seskalee.com"] [uri "/xmlrpc.php"] [unique_id "aTA6_dhIQtVr8INLLPymjQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Starburst SysOp Team	2025-12-03 08:47:12 (6 months ago)	Malware host (X-Forwarded-For) detected by rbl.malware.expert. RBL lookup of 175.243.42.152.rbl.malw ... show more Malware host (X-Forwarded-For) detected by rbl.malware.expert. RBL lookup of 175.243.42.152.rbl.malware.expert succeeded at REQUEST_HEADERS:x-forwarded-for. (1001000-nue6-2) show less	Hacking
Anonymous	2025-12-03 00:15:39 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-12-02 23:02:07 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 152.42.243.175 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 152.42.243.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 18:02:02.083276 2025] [security2:error] [pid 12194:tid 12194] [client 152.42.243.175:55126] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|michaelpmcgrath.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "michaelpmcgrath.com"] [uri "/blog/wp-json/wp/v2/users/"] [unique_id "aS9v6uOTVgza4oOM-zmj9AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 117.31.217.100

🇮🇳 103.39.126.62

🇺🇸 66.132.172.145

🇺🇸 43.166.224.244

🇻🇪 38.248.185.165

🇬🇧 191.101.59.248

🇧🇷 189.50.142.78

🇨🇱 186.35.29.82

🇨🇴 181.32.111.155

🇧🇷 179.172.187.95

🇸🇬 159.223.32.146

🇹🇭 152.32.245.170

🇬🇧 138.68.128.127

🇨🇳 59.39.56.186

🇪🇸 46.39.212.119

🇸🇨 45.194.67.30

🇺🇸 43.166.142.76

🇺🇸 43.166.136.24

🇺🇸 40.124.176.81

🇺🇸 2607:f8b0:4023:1004::126