JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 139.59.98.227

139.59.98.227 was found in our database!

This IP was reported 44 times. Confidence of Abuse is 83%: ?

83%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 139.59.98.227

Whois 139.59.98.227

IP Abuse Reports for 139.59.98.227:

This IP address has been reported a total of 44 times from 30 distinct sources. 139.59.98.227 was first reported on December 13th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-08 07:54:17 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 139.59.98.227 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 139.59.98.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:54:12.491830 2026] [security2:error] [pid 13756:tid 13778] [client 139.59.98.227:65454] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|thecraftsycat.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thecraftsycat.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aiZ1JPyBIEqFsvwWsryaEQAAAZQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 04:06:49 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 139.59.98.227 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 139.59.98.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:06:44.528652 2026] [security2:error] [pid 10669:tid 10669] [client 139.59.98.227:60346] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|theateroobleck.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "theateroobleck.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aiY_1NONVNlTU26mENhYEwAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-07 21:20:31 (1 week ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇩🇪 Ba-Yu	2026-06-07 19:51:13 (1 week ago)	WP-xmlrpc exploit	Web Spam Blog Spam Hacking Exploited Host Web App Attack
🇩🇪 Blexyel	2026-06-07 19:14:25 (1 week ago)	139.59.98.227 - - [07/Jun/2026:21:14:25 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 ... show more 139.59.98.227 - - [07/Jun/2026:21:14:25 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ... show less	Brute-Force Web App Attack
🇺🇸 kosada.com	2026-06-07 17:58:31 (1 week ago)	Web vulnerability probing: /wp-includes/id3/license.txt/web/wp-includes/wlwmanifest.xml	Web App Attack
🇹🇭 thaizone.com	2026-06-07 17:55:57 (1 week ago)	Brute Force Attack on a Web Resources (probe) #1	DDoS Attack Web Spam Brute-Force Web App Attack
🇳🇱 Savvii	2026-06-07 17:29:32 (1 week ago)	10 attempts against mh_ha-misc-ban on sedna	Brute-Force Web App Attack
Anonymous	2026-06-07 17:06:03 (1 week ago)	Bot / scanning and/or hacking attempts: POST //xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇳🇱 Savvii	2026-06-07 09:19:03 (1 week ago)	10 attempts against mh-misc-ban on sedna	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 06:44:43 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 139.59.98.227 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 139.59.98.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 02:44:36.728946 2026] [security2:error] [pid 25673:tid 25673] [client 139.59.98.227:52852] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.texaslawman.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.texaslawman.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "aiUTVMd6EOkMiRo6X8Lz8gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇨 ACE-INFORMATIQUE.NC	2026-06-07 06:00:04 (1 week ago)	HTTP authentication brute-force blocked by Fail2ban	Brute-Force
Anonymous	2026-06-07 04:20:40 (1 week ago)	Attac	Brute-Force
🇳🇿 Tripwire	2026-06-07 01:06:11 (1 week ago)	Scanning for exploits - //wp-includes/ID3/license.txt	Web App Attack
🇳🇱 wlt-blocker	2026-06-07 00:36:19 (1 week ago)	Unauthorized access to webpage admin	Web App Attack

Showing 1 to 15 of 44 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:400e:c09::120

🇷🇴 193.32.162.76

🇨🇳 153.37.156.3

🇺🇸 138.113.23.170

🇭🇰 114.111.54.189

🇸🇬 68.183.236.1

🇺🇸 66.132.224.15

🇺🇸 44.201.172.10

🇬🇧 35.203.211.184

🇨🇦 20.104.244.165

🇰🇷 1.238.106.229

🇹🇷 212.64.211.124

🇺🇸 104.236.83.40

🇫🇷 92.103.134.183

🇷🇴 80.94.95.242

🇮🇪 34.254.232.104

🇨🇳 124.89.90.56

🇮🇳 103.55.7.130

🇺🇸 102.129.235.179

🇩🇪 64.89.163.9