JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 174.138.22.52

174.138.22.52 was found in our database!

This IP was reported 100 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 174.138.22.52

Whois 174.138.22.52

IP Abuse Reports for 174.138.22.52:

This IP address has been reported a total of 100 times from 67 distinct sources. 174.138.22.52 was first reported on May 3rd 2021, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ITSNF	2026-06-22 13:00:02 (6 hours ago)	Blocked by os-abuseipdb; 9 hits, proto=tcp, ports=80	Port Scan Hacking
Anonymous	2026-06-22 12:54:54 (6 hours ago)	174.138.22.52 - - [22/Jun/2026:14:54:53 +0200] "GET //xmlrpc.php?rsd HTTP/1.1" 403 428 "-" "Mozilla/ ... show more 174.138.22.52 - - [22/Jun/2026:14:54:53 +0200] "GET //xmlrpc.php?rsd HTTP/1.1" 403 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" ... show less	Web App Attack
🇨🇭 lufi	2026-06-22 11:40:14 (7 hours ago)	2026-06-22 13:40:13 174.138.22.52: blacklisted Pattern: wp-includes/ ...	Web Spam Brute-Force Hacking Web App Attack
Anonymous	2026-06-22 11:18:14 (8 hours ago)	Ports: *; Direction: 0; Trigger: CT_LIMIT	Brute-Force SSH
🇩🇪 ger-stg-sifi1	2026-06-22 11:13:44 (8 hours ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇩🇪 KiekerJan	2026-06-22 10:46:05 (8 hours ago)	174.138.22.52 - - [22/Jun/2026:12:46:04 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 ... show more 174.138.22.52 - - [22/Jun/2026:12:46:04 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 174.138.22.52 - - [22/Jun/2026:12:46:04 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" ... show less	Web App Attack
🇳🇴 jad-abuse	2026-06-22 10:35:55 (8 hours ago)	ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. O ... show more ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. Observed by 2 sensor(s); 54 hits. show less	Brute-Force Web App Attack
🇬🇧 gurnip	2026-06-22 10:27:00 (8 hours ago)	Vulnerability probe of page /wp-includes/wlwmanifest.xml, not found on server.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 09:58:33 (9 hours ago)	(mod_security) mod_security (id:225170) triggered by 174.138.22.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 174.138.22.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 05:58:25.685954 2026] [security2:error] [pid 14820:tid 14820] [client 174.138.22.52:64063] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|huntingforebears.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "huntingforebears.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajkHQYQE1r96UMoZ87MjnAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Ribeye375	2026-06-22 09:56:28 (9 hours ago)	HIPS rce-attempt - Block tcp/0:65535	Hacking Web App Attack
🇳🇱 Site.eu	2026-06-22 09:20:42 (9 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 Dolphi	2026-06-22 09:20:07 (10 hours ago)	POST //xmlrpc.php	Brute-Force Web App Attack
Anonymous	2026-06-22 08:47:09 (10 hours ago)	2026/06/22 04:47:06 [error] 36493#0: 3129 open() "/var/www/htdocs/wp-includes/wlwmanifest.xml" fail ... show more 2026/06/22 04:47:06 [error] 36493#0: 3129 open() "/var/www/htdocs/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 174.138.22.52, server: www.hquest.pro.br, request: "GET //wp-includes/wlwmanifest.xml HTTP/1.1", host: "hquest.pro.br" 2026/06/22 04:47:07 [error] 36493#0: 3129 open() "/var/www/htdocs/blog/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 174.138.22.52, server: www.hquest.pro.br, request: "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1", host: "hquest.pro.br" 2026/06/22 04:47:07 [error] 36493#0: 3129 open() "/var/www/htdocs/web/wp-includes/wlwmanifest.xml" failed (2: No such file or directory), client: 174.138.22.52, server: www.hquest.pro.br, request: "GET //web/wp-includes/wlwmanifest.xml HTTP/1.1", host: "hquest.pro.br" ... show less	Bad Web Bot Web App Attack
🇩🇪 AetherFox	2026-06-22 08:44:17 (10 hours ago)	AetherFox VoidGuard detected: [Mon Jun 22 08:44:16.817831 2026] [authz_core:error] [pid 1704953:tid ... show more AetherFox VoidGuard detected: [Mon Jun 22 08:44:16.817831 2026] [authz_core:error] [pid 1704953:tid 1704968] [client 174.138.22.52:54105] AH01630: client denied by server configuration: proxy:https://hq.draconigen.net.dedivirt4209.your-server.de/ [Mon Jun 22 08:44:16.818051 2026] [authz_core:error] [pid 1704953:tid 1704968] [client 174.138.22.52:54105] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html [Mon Jun 22 08:44:17.074197 2026] [authz_core:error] [pid 1704953:tid 1704976] [client 174.138.22.52:54105] AH01630: client denied by server configuration: proxy:https://hq.draconigen.net.dedivirt4209.your-server.de/wp-includes/wlwmanifest.xml [Mon Jun 22 08:44:17.074433 2026] [authz_core:error] [pid 1704953:tid 1704976] [client 174.138.22.52:54105] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html [Mon Jun 22 08:44:17.319609 2026] [authz_core:error] [pid 1704953:tid 1704984] [client 174.138.22.52:54105] A ... show less	Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-22 08:27:07 (10 hours ago)	51.680 requests with url.path */xmlrpc.php 51.300 requests with url.path //xmlrpc.php	Brute-Force Bad Web Bot

Showing 1 to 15 of 100 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:9e96:4001

🇬🇧 209.97.180.8

🇳🇱 176.65.139.235

🇺🇸 66.132.186.225

🇧🇷 205.210.31.166

🇺🇸 147.185.132.90

🇷🇺 85.173.96.230

🇺🇸 66.175.239.44

🇭🇰 162.211.181.66

🇺🇸 66.132.172.135

🇿🇼 41.174.67.128

🇨🇳 36.132.129.194

🇫🇷 185.177.72.70

🇺🇸 172.212.174.123

🇺🇸 144.172.103.103

🇺🇸 137.27.32.70

🇨🇳 120.46.184.6

🇸🇬 103.250.11.176

🇷🇴 2.57.122.238

🇺🇸 2604:a880:400:d1:0:4:9e8c:c001