JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.128.52.116

178.128.52.116 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.128.52.116

Whois 178.128.52.116

IP Abuse Reports for 178.128.52.116:

This IP address has been reported a total of 29 times from 28 distinct sources. 178.128.52.116 was first reported on June 10th 2026, and the most recent report was 18 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇷 setupgr	2026-06-11 01:25:31 (18 minutes ago)	(XMLRPC) WP XMLPRC Attack 178.128.52.116: 1 in the last 86400 secs; Ports: ; Direction: inout; Trig ... show more (XMLRPC) WP XMLPRC Attack 178.128.52.116: 1 in the last 86400 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 178.128.52.116 - - [11/Jun/2026:04:20:31 +0300] "GET //xmlrpc.php?rsd HTTP/1.1" 301 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" show less	Port Scan
🇩🇪 Ba-Yu	2026-06-11 01:14:18 (29 minutes ago)	WP-xmlrpc exploit	Web Spam Blog Spam Hacking Exploited Host Web App Attack
🇧🇪 cmbplf	2026-06-11 01:10:55 (33 minutes ago)	35.726 requests in 1 hour (3mos1w5d)	Brute-Force Bad Web Bot
🇬🇧 andypiper	2026-06-11 01:01:05 (43 minutes ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇨🇿 sajmon0011	2026-06-11 00:55:07 (49 minutes ago)	178.128.52.116 - - [11/Jun/2026:02:55:07 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 196 ... show more 178.128.52.116 - - [11/Jun/2026:02:55:07 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" ... show less	Web App Attack
Anonymous	2026-06-11 00:31:44 (1 hour ago)	[redacted] 178.128.52.116 - - [11/Jun/2026:02:31:15 +0200] "POST //xmlrpc.php HTTP/1.1" 200 462 "-" ... show more [redacted] 178.128.52.116 - - [11/Jun/2026:02:31:15 +0200] "POST //xmlrpc.php HTTP/1.1" 200 462 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" [redacted] 178.128.52.116 - - [11/Jun/2026:02:31:18 +0200] "POST //xmlrpc.php HTTP/1.1" 200 462 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" [redacted] 178.128.52.116 - - [11/Jun/2026:02:31:21 +0200] "POST //xmlrpc.php HTTP/1.1" 200 462 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" [redacted] 178.128.52.116 - - [11/Jun/2026:02:31:24 +0200] "POST //xmlrpc.php HTTP/1.1" 200 462 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" [redacted] 178.128.52.116 - - [11/Jun/2026:02:31:27 +0200] "POST //xmlrpc.php HTTP/1.1" 200 462 "-" "Mozilla/5.0 (Windo ... show less	Hacking Web App Attack
Anonymous	2026-06-11 00:30:13 (1 hour ago)	\| [Dangerous/Singapore] Aggressive IP 178.128.52.116 (~30 hits). Type: DoS Defender- Web server 400 ... show more \| [Dangerous/Singapore] Aggressive IP 178.128.52.116 (~30 hits). Type: DoS Defender- Web server 400 error code show less	Web App Attack Hacking SQL Injection
🇬🇧 [email protected]	2026-06-11 00:20:22 (1 hour ago)	178.128.52.116 - - [11/Jun/2026:00:20:20 +0000] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 642 ... show more 178.128.52.116 - - [11/Jun/2026:00:20:20 +0000] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 642 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 178.128.52.116 - - [11/Jun/2026:00:20:21 +0000] "GET //xmlrpc.php?rsd HTTP/1.1" 404 642 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 178.128.52.116 - - [11/Jun/2026:00:20:22 +0000] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 642 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" ... show less	Web App Attack
🇩🇪 maxpower	2026-06-11 00:15:08 (1 hour ago)	(wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 178.128.52.116 (SG/Singapore/-): 3 in the last ... show more (wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 178.128.52.116 (SG/Singapore/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 178.128.52.116 - - [11/Jun/2026:02:14:39 +0200] "GET //wp-json/wp/v2/users/ HTTP/1.1" 200 766 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-" host=sensationart.it 178.128.52.116 - - [11/Jun/2026:02:14:39 +0200] "POST //xmlrpc.php HTTP/1.1" 301 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-" host=sensationart.it 178.128.52.116 - - [11/Jun/2026:02:14:48 +0200] "GET //wp-json/wp/v2/users/ HTTP/1.1" 200 766 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-" host=sensationart.it show less	Port Scan
🇫🇷 SpaceHost-Server	2026-06-11 00:11:39 (1 hour ago)	178.128.52.116 - - [11/Jun/2026:02:11:35 +0200] "POST //xmlrpc.php HTTP/1.1" 200 4880 "-" "Mozilla/5 ... show more 178.128.52.116 - - [11/Jun/2026:02:11:35 +0200] "POST //xmlrpc.php HTTP/1.1" 200 4880 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 178.128.52.116 - - [11/Jun/2026:02:11:36 +0200] "POST //xmlrpc.php HTTP/1.1" 200 4880 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 178.128.52.116 - - [11/Jun/2026:02:11:37 +0200] "POST //xmlrpc.php HTTP/1.1" 200 4880 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" show less	Hacking Web App Attack
🇧🇾 lns.bz	2026-06-11 00:07:30 (1 hour ago)	Too many 404 requests [BY]	Web App Attack
🇨🇭 backslash	2026-06-11 00:06:06 (1 hour ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇫🇷 [email protected]	2026-06-10 23:54:56 (1 hour ago)	PrestaShop Security Module: Calls WordPress paths probing known vulnerabilities	Web App Attack
🇩🇪 spirttm	2026-06-10 23:54:19 (1 hour ago)	178.128.52.116 - - [10/Jun/2026:23:54:16 +0000] "GET / HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows N ... show more 178.128.52.116 - - [10/Jun/2026:23:54:16 +0000] "GET / HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 178.128.52.116 - - [10/Jun/2026:23:54:17 +0000] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 178.128.52.116 - - [10/Jun/2026:23:54:17 +0000] "GET //xmlrpc.php?rsd HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 178.128.52.116 - - [10/Jun/2026:23:54:17 +0000] "GET / HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 178.128.52.116 - - [10/Jun/2026:23:54:17 +0000] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTM ... show less	Port Scan Web App Attack
🇳🇴 jad@	2026-06-10 23:51:01 (1 hour ago)	ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. Obse ... show more ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. Observed by 1 sensor(s); 40 hits. show less	Brute-Force Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇨 2800:1e0:1090:5:9999::243

🇬🇧 213.166.84.41

🇬🇧 185.216.145.171

🇺🇸 184.178.172.13

🇺🇸 173.255.223.103

🇩🇪 69.5.169.62

🇺🇸 52.240.168.203

🇳🇱 45.148.10.147

🇬🇧 5.226.140.106

🇰🇷 203.252.10.4

🇨🇳 183.165.246.226

🇧🇷 170.80.65.140

🇮🇩 163.7.9.84

🇺🇸 136.0.41.143

🇺🇸 107.172.119.48

🇮🇩 103.159.221.207

🇵🇰 101.53.225.5

🇫🇷 91.231.89.90

🇫🇷 86.213.198.163

🇩🇪 69.5.169.59