JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.245.102.58

172.245.102.58 was found in our database!

This IP was reported 192 times. Confidence of Abuse is 45%: ?

45%

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	172-245-102-58-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.245.102.58

Whois 172.245.102.58

IP Abuse Reports for 172.245.102.58:

This IP address has been reported a total of 192 times from 79 distinct sources. 172.245.102.58 was first reported on August 25th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 03:06:11 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 172.245.102.58 (172-245-102-58-host.colocrossin ... show more (mod_security) mod_security (id:210492) triggered by 172.245.102.58 (172-245-102-58-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 23:06:04.543450 2026] [security2:error] [pid 32120:tid 32120] [client 172.245.102.58:61645] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "u.planettony.com"] [uri "/.env"] [unique_id "ait3nLDKTI3njvZ2q41cugAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 pengpeng	2026-06-05 07:33:40 (1 week ago)	monitor: on VM-0-7-ubuntu \| port: 26285 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 26285 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-04 20:35:17 (1 week ago)	Failed Wordpress Logins	Web App Attack
🇬🇧 poundawebsiteltd	2026-06-04 06:17:11 (1 week ago)	Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 172.245.102.58 - - [04/Jun/2026:07:17:06 ... show more Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 172.245.102.58 - - [04/Jun/2026:07:17:06 +0100] GET /wp-includes/block-bindings/admin.php HTTP/1.1 301 541 - Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 show less	Web App Attack
🇫🇷 tecnicorioja	2026-06-03 22:01:09 (1 week ago)	wp-login attack [03/Jun/2026:10:43:02	Brute-Force Web App Attack
🇫🇷 pm33	2026-06-01 00:53:39 (2 weeks ago)	Wordpress login attempts	Brute-Force
🇩🇪 F242	2026-06-01 00:11:10 (2 weeks ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇫🇷 masterguru	2026-05-31 00:09:42 (2 weeks ago)	(wordpress) Apache: Failed WordPress login from 172.245.102.58 (US/United States/172-245-102-58-host ... show more (wordpress) Apache: Failed WordPress login from 172.245.102.58 (US/United States/172-245-102-58-host.colocrossing.com): 10 in the last 3600 secs (0-195) show less	Hacking
🇪🇸 SweetHoneyPress	2026-05-30 00:02:29 (2 weeks ago)	WordPress honeypot: POST to /xmlrpc.php \| event_id=693387 \| UA: Mozilla/5.0 (Windows NT 6.2; x86) Ap ... show more WordPress honeypot: POST to /xmlrpc.php \| event_id=693387 \| UA: Mozilla/5.0 (Windows NT 6.2; x86) AppleWebKit/537.36 (KHTML, like Gecko) Opera/80.0.0.0 Safari/537.36 show less	Web App Attack Brute-Force
Anonymous	2026-05-24 18:12:54 (3 weeks ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-05-17 21:01:35 (4 weeks ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-05-13 20:41:41 (1 month ago)	Failed Wordpress Logins	Web App Attack
🇸🇪 SkyDancer	2026-04-18 02:02:26 (1 month ago)	Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blo ... show more Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blocked by SkyDancer Ai(web-X). show less	Hacking Brute-Force
Anonymous	2026-04-16 05:29:11 (2 months ago)	172.245.102.58 - - [16/Apr/2026:07:28:51 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12. ... show more 172.245.102.58 - - [16/Apr/2026:07:28:51 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12.0; WordPress/6.3; http://site64059683.com" 172.245.102.58 - - [16/Apr/2026:07:28:49 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack/12.0; WordPress/6.3; http://site64059683.com" 172.245.102.58 - - [16/Apr/2026:07:28:58 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)" 172.245.102.58 - - [16/Apr/2026:07:29:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)" 172.245.102.58 - - [16/Apr/2026:07:29:09 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "WordPress.com; https://wordpress.com" ... show less	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-04-02 07:14:24 (2 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack

Showing 1 to 15 of 192 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇿 213.230.67.218

🇺🇸 184.105.139.74

🇺🇸 173.239.211.9

🇨🇳 119.145.107.60

🇺🇸 74.82.47.19

🇫🇷 46.105.28.235

🇳🇱 45.156.87.13

🇺🇸 45.131.193.34

🇰🇷 211.223.26.139

🇮🇳 202.179.159.55

🇪🇬 197.36.247.71

🇷🇺 193.24.231.70

192.168.200.231

🇨🇱 190.163.94.145

🇳🇱 185.242.226.90

🇷🇺 185.42.24.225

🇳🇱 176.65.148.58

🇺🇸 159.89.133.65

🇸🇬 152.42.164.200

🇺🇸 151.240.45.5