JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.245.102.33

172.245.102.33 was found in our database!

This IP was reported 205 times. Confidence of Abuse is 16%: ?

16%

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	172-245-102-33-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.245.102.33

Whois 172.245.102.33

IP Abuse Reports for 172.245.102.33:

This IP address has been reported a total of 205 times from 87 distinct sources. 172.245.102.33 was first reported on July 8th 2024, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 aranguren.org	2026-06-04 08:24:47 (10 hours ago)	172.245.102.33 - - [04/Jun/2026:18:24:46 +1000] "GET /wp-includes/widgets/dyqvcfqv.php HTTP/1.1" 404 ... show more 172.245.102.33 - - [04/Jun/2026:18:24:46 +1000] "GET /wp-includes/widgets/dyqvcfqv.php HTTP/1.1" 404 989 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0" 172.245.102.33 - - [04/Jun/2026:18:24:46 +1000] "GET /admin/function.php HTTP/1.1" 404 989 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 172.245.102.33 - - [04/Jun/2026:18:24:46 +1000] "GET /wp-includes/images/smilies/about.php HTTP/1.1" 404 989 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 172.245.102.33 - - [04/Jun/2026:18:24:46 +1000] "GET /wp-includes/js/crop/admin.php HTTP/1.1" 404 989 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" 172.245.102.33 - - [04/Jun/2026:18:24:47 +1000] "GET /wp-includes/PHPMailer/wp-conflg.php HTTP/1.1" 404 989 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML ... show less	Bad Web Bot
🇮🇹 VHosting	2026-06-02 05:10:04 (2 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇬🇧 ISPLtd	2026-04-01 12:29:49 (2 months ago)	172.245.102.33 - - [01/Apr/2026:09:29:47 -0300] "GET /wp-login.php 172.245.102.33 - - [01/Apr/2026:0 ... show more 172.245.102.33 - - [01/Apr/2026:09:29:47 -0300] "GET /wp-login.php 172.245.102.33 - - [01/Apr/2026:09:29:48 -0300] "GET /wp-PII/ ... show less	Hacking Web App Attack
🇺🇸 mashamal	2026-03-28 16:59:09 (2 months ago)	Vulnerability Probe ...	Web App Attack
🇧🇪 cmbplf	2026-03-22 13:32:46 (2 months ago)	914 POST requests with url.path */wp-login.php	Brute-Force Bad Web Bot
🇩🇪 london2038.com	2026-03-22 10:45:00 (2 months ago)	Attacking WordPress 172.245.102.33 - - [22/Mar/2026:11:44:55 +0100] "POST /wp-login.php HTTP/1.1" 50 ... show more Attacking WordPress 172.245.102.33 - - [22/Mar/2026:11:44:55 +0100] "POST /wp-login.php HTTP/1.1" 503 19311 "-" "Mozilla/5.0" show less	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-03-22 09:15:05 (2 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-03-22 04:28:32 (2 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇩🇪 todix	2026-03-22 00:44:18 (2 months ago)	Web App Attack Exploid from 172.245.102.33	Web App Attack
🇲🇹 Malta	2026-02-24 16:37:12 (3 months ago)	172.245.102.33 - - [24/Feb/2026:17:37:12 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0" Brute-fo ... show more 172.245.102.33 - - [24/Feb/2026:17:37:12 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇩🇪 FeG Deutschland	2026-02-21 17:36:48 (3 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 myagent.site	2026-02-21 15:42:44 (3 months ago)	Blocked user enumeration attempt	Hacking
🇪🇸 gnom4ik	2026-02-20 23:10:55 (3 months ago)	ban-reviewer auto report; ip=172.245.102.33; scenario=http:scan; verdict=valid_ban; confidence=0.85; ... show more ban-reviewer auto report; ip=172.245.102.33; scenario=http:scan; verdict=valid_ban; confidence=0.85; categories=14,15,18; active_decisions=1; lookback_decisions=1; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=IP flagged for HTTP scanning activity (scenario: http:scan); Decision is part of a sustained abuse pattern (ip_active_decisions_total: 1); No evidence of legitimate use or user activity in the summary show less	Port Scan Hacking Brute-Force
🇩🇪 FeG Deutschland	2026-02-12 08:19:56 (3 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇬🇧 findlab	2026-02-04 14:40:01 (4 months ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack

Showing 1 to 15 of 205 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.50.168.50

🇺🇸 209.50.163.25

🇳🇴 193.90.12.122

🇳🇱 185.223.235.61

🇮🇩 182.253.156.173

🇳🇱 176.65.139.130

🇺🇸 104.207.43.14

🇳🇱 88.151.32.188

🇩🇪 65.111.28.49

🇩🇪 216.26.255.127

🇨🇳 180.111.30.145

🇺🇸 148.153.121.146

🇮🇳 122.165.124.15

🇩🇪 104.207.63.32

🇰🇷 61.72.55.130

🇨🇦 4.205.28.179

🇳🇱 217.103.204.241

🇺🇸 208.87.242.107

🇩🇪 151.123.178.135

🇸🇬 107.150.112.233