JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 159.203.140.159

159.203.140.159 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 92%: ?

92%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Clifton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 159.203.140.159

Whois 159.203.140.159

IP Abuse Reports for 159.203.140.159:

This IP address has been reported a total of 16 times from 15 distinct sources. 159.203.140.159 was first reported on June 17th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-17 15:40:19 (6 hours ago)	Blocked by UFW (TCP on 2078) Source port: 53528 TTL: 50 Packet length: 60 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 2078) Source port: 53528 TTL: 50 Packet length: 60 TOS: 0x08 This report (for 159.203.140.159) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇹🇭 Sawasdee	2026-06-17 14:15:29 (7 hours ago)	Port Scan ...	Port Scan
🇺🇸 sumnone	2026-06-17 09:11:05 (12 hours ago)	Port probing on unauthorized port 2078	Port Scan Hacking Exploited Host
🇧🇷 ludarkstar99	2026-06-17 08:20:03 (13 hours ago)	Blocked by os-abuseipdb; 10 hits, proto=tcp, ports=2077,2078,2082,2083,2086,2087,2095,2096,443,80	Port Scan Hacking
🇺🇸 MPL	2026-06-17 08:11:45 (13 hours ago)	tcp port scan (10 or more attempts)	Port Scan
🇺🇸 TPI-Abuse	2026-06-17 07:29:18 (14 hours ago)	(mod_security) mod_security (id:210492) triggered by 159.203.140.159 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 159.203.140.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 03:29:12.494418 2026] [security2:error] [pid 17498:tid 17498] [client 159.203.140.159:57782] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.196"] [uri "/.git/HEAD"] [unique_id "ajJMyFOQm3j4WPRflLFiggAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-17 06:34:32 (15 hours ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-06-17 06:03:50 (15 hours ago)	(mod_security) mod_security (id:210492) triggered by 159.203.140.159 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 159.203.140.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 02:03:43.452299 2026] [security2:error] [pid 21609:tid 21622] [client 159.203.140.159:52810] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.83"] [uri "/.git/HEAD"] [unique_id "ajI4v5XDzechFvQmmGGP9QAAAIs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-17 04:29:21 (17 hours ago)	Sensitive file access attempt	Hacking
🇺🇸 kosada.com	2026-06-17 04:17:51 (17 hours ago)	Web vulnerability probing: /.git/refs/heads/main (bogus vhost/SNI)	Web App Attack
🇫🇷 zulzeen	2026-06-17 03:38:24 (18 hours ago)	[incypit-web] Banned by Fail2ban (Jail: syswarden-portscan)	Port Scan
🇫🇷 sthoyer.de	2026-06-17 02:37:47 (19 hours ago)	Jun 17 04:37:47 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd: ... show more Jun 17 04:37:47 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=159.203.140.159 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=13031 DF PROTO=TCP SPT=55852 DPT=2078 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 17 04:37:47 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=159.203.140.159 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=17889 DF PROTO=TCP SPT=33214 DPT=2082 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 17 04:37:47 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=159.203.140.159 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=60648 DF PROTO=TCP SPT=45572 DPT=2083 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 17 04:37:47 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=159.203.140.159 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=58473 DF PROTO=TCP SPT=56990 DPT=209 ... show less	Port Scan
🇫🇷 wiredalter	2026-06-17 01:56:48 (19 hours ago)	Blocked by fail2ban on o2VPS [2077/tcp] Source Port: 56696 TTL: 47 Packet Length: 60 TOS: 0x00 Anal ... show more Blocked by fail2ban on o2VPS [2077/tcp] Source Port: 56696 TTL: 47 Packet Length: 60 TOS: 0x00 Analyzed by https://ip.wiredalter.com show less	Brute-Force SSH
🇷🇸 Scan	2026-06-17 01:12:53 (20 hours ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 Axel	2026-06-17 00:45:07 (21 hours ago)	Blocked by UFW on MVI [2078/tcp] \| SPT: 40420 \| TTL: 49 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2078/tcp] \| SPT: 40420 \| TTL: 49 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 213.176.16.100

🇧🇪 172.253.90.30

🇩🇪 167.94.145.26

🇩🇪 151.243.11.245

🇰🇷 119.203.231.121

🇺🇸 98.84.200.43

🇷🇺 81.23.173.32

🇺🇸 50.87.144.87

🇳🇱 45.148.10.141

🇸🇬 43.153.227.184

🇬🇪 2.57.217.229

🇳🇱 209.38.99.178

🇺🇸 208.109.38.143

🇬🇧 193.163.125.74

🇧🇬 193.24.211.52

🇧🇷 170.150.170.122

🇸🇬 103.13.206.152

🇺🇸 35.148.181.60

🇩🇪 213.209.159.56

🇹🇼 211.72.129.212