JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.22.242.3

165.22.242.3 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 27%: ?

27%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.22.242.3

Whois 165.22.242.3

IP Abuse Reports for 165.22.242.3:

This IP address has been reported a total of 22 times from 16 distinct sources. 165.22.242.3 was first reported on February 28th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 percocet	2026-04-21 03:05:03 (1 month ago)	Cloudflare blocked 20 requests (HTTP 403) in 1h. Country: SG	DDoS Attack Web App Attack
🇳🇱 homeshowdomain.nl	2026-04-20 22:00:00 (1 month ago)	Auto-ban: 206 malicious requests on 2026-04-19 (e.g., env/backup probes, brute-force, or error burst ... show more Auto-ban: 206 malicious requests on 2026-04-19 (e.g., env/backup probes, brute-force, or error bursts). show less	Web App Attack SSH Hacking
🇹🇭 thaizone.com	2026-04-20 21:55:49 (1 month ago)	Brute-forcing login against websites (D1-2) #1	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-04-20 20:57:08 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 165.22.242.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 165.22.242.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 16:57:02.160859 2026] [security2:error] [pid 17913:tid 17941] [client 165.22.242.3:62627] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.peterhansenranch.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.peterhansenranch.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aeaTHkDxNJ20E1TzX_hPnAAAAFY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-04-20 19:18:16 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇫🇷 ELYAZ	2026-04-20 16:02:01 (1 month ago)	(wordpress) Failed wordpress login from 165.22.242.3 (SG/Singapore/-): (CF_ENABLE)	Brute-Force
Anonymous	2026-04-20 14:04:30 (1 month ago)	165.22.242.3 - - [20/Apr/2026:16:04:25 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "- ... show more 165.22.242.3 - - [20/Apr/2026:16:04:25 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 165.22.242.3 - - [20/Apr/2026:16:04:28 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 165.22.242.3 - - [20/Apr/2026:16:04:28 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 165.22.242.3 - - [20/Apr/2026:16:04:29 +0200] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 165.22.242.3 - - [20/Apr/2026:16:04:30 +0200] "GET /website/wp-includes/wlwmanifest.xml HTTP/1.1" 404 ... show less	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-04-20 10:18:24 (1 month ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 NXTwoThou	2026-04-20 05:35:04 (1 month ago)	BadRequest	Web App Attack
🇺🇸 TPI-Abuse	2026-04-20 01:47:21 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 165.22.242.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 165.22.242.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 21:47:17.969888 2026] [security2:error] [pid 3145390:tid 3145390] [client 165.22.242.3:55733] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|vm-srl.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "vm-srl.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aeWFpe6FebMtR-OsYiJIbQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-20 01:05:23 (1 month ago)	Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=20	Hacking
🇺🇸 mnsf	2026-04-19 23:05:18 (1 month ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 20:29:15 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 165.22.242.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 165.22.242.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 16:29:08.030094 2026] [security2:error] [pid 2455003:tid 2455003] [client 165.22.242.3:55962] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|answeringilliana.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "answeringilliana.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aeU7FDWONj48OYsQJZ4XqwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 19:38:29 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 165.22.242.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 165.22.242.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 15:38:24.334996 2026] [security2:error] [pid 2286502:tid 2286502] [client 165.22.242.3:50678] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|topofbig4.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "topofbig4.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aeUvMK_4RMzRWlQC9tMPfwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-04-19 18:31:34 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.224

🇳🇱 193.39.208.26

🇮🇳 172.83.83.194

🇫🇷 91.196.152.120

🇺🇸 66.132.172.235

🇧🇷 45.140.193.156

🇩🇪 37.228.164.91

🇫🇮 204.168.255.141

🇨🇳 203.34.56.186

🇨🇦 199.167.138.45

🇯🇵 172.104.100.117

🇸🇬 167.99.72.161

🇭🇰 156.225.29.180

🇺🇸 143.198.164.235

🇹🇼 128.14.227.52

🇷🇺 85.93.45.33

🇺🇸 18.235.158.19

🇳🇱 176.65.148.185

🇺🇸 165.227.84.176

🇺🇸 165.154.173.196