JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 159.223.34.129

159.223.34.129 was found in our database!

This IP was reported 568 times. Confidence of Abuse is 88%: ?

88%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 159.223.34.129

Whois 159.223.34.129

IP Abuse Reports for 159.223.34.129:

This IP address has been reported a total of 568 times from 248 distinct sources. 159.223.34.129 was first reported on April 6th 2022, and the most recent report was 6 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 🐷🐷🐷	2026-06-03 21:44:08 (6 minutes ago)	Multiple WordPress unauthorized access attempts ...	Brute-Force Bad Web Bot
🇺🇸 ph	2026-06-03 21:37:53 (12 minutes ago)	Bad web bot attempting to run wp-includes on non-WP site	Hacking Bad Web Bot Web App Attack
🇧🇪 taivas.nl	2026-06-03 21:32:08 (18 minutes ago)	Bad_requests	Bad Web Bot
🇩🇪 MarkGGN	2026-06-03 21:27:50 (22 minutes ago)	Web attack. 159.223.34.129 - - [03/Jun/2026:23:27:47 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/ ... show more Web attack. 159.223.34.129 - - [03/Jun/2026:23:27:47 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 301 5 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 159.223.34.129 - - [03/Jun/2026:23:27:49 +0200] "GET //wp-json/wp/v2/users/ HTTP/1.1" 403 103 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" show less	Web App Attack
🇮🇩 Burayot	2026-06-03 21:09:08 (41 minutes ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 159.223.34.129 (SG/Singapore/-): 1 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 159.223.34.129 (SG/Singapore/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 Epimetheus	2026-06-03 21:08:29 (42 minutes ago)	Unauthorized access attempts: [GET] /sito/wp-includes/wlwmanifest.xml [GET] /2018/wp-includes/wlwma ... show more Unauthorized access attempts: [GET] /sito/wp-includes/wlwmanifest.xml [GET] /2018/wp-includes/wlwmanifest.xml [GET] /xmlrpc.php [GET] /website/wp-includes/wlwmanifest.xml [GET] /cms/wp-includes/wlwmanifest.xml [GET] /shop/wp-includes/wlwmanifest.xml [GET] /wp-includes/wlwmanifest.xml UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 21:07:45 (43 minutes ago)	(mod_security) mod_security (id:225170) triggered by 159.223.34.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 159.223.34.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 17:07:41.339878 2026] [security2:error] [pid 1695:tid 1695] [client 159.223.34.129:56438] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mardensmith.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mardensmith.com"] [uri "/wordpress/wp-json/wp/v2/users/"] [unique_id "aiCXnXr-_PZRje4MwM99wAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 21:05:55 (44 minutes ago)	Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=20	Hacking
🇸🇪 nekopavel	2026-06-03 20:50:57 (59 minutes ago)	159.223.34.129 - - [03/Jun/2026:22:50:52 +0200]"GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 1238 ... show more 159.223.34.129 - - [03/Jun/2026:22:50:52 +0200]"GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 123838"-" mishashto.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36""1.977" "0.000""Singapore" "SG" 159.223.34.129 - - [03/Jun/2026:22:50:52 +0200]"GET //xmlrpc.php?rsd HTTP/1.1" 404 123784"-" mishashto.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36""0.403" "0.000""Singapore" "SG" 159.223.34.129 - - [03/Jun/2026:22:50:54 +0200]"GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 123868"-" mishashto.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36""0.794" "0.001""Singapore" "SG" ... show less	Hacking Bad Web Bot Web App Attack
Anonymous	2026-06-03 20:25:24 (1 hour ago)	159.223.34.129 - - [04/Jun/2026:04:25:23 +0800] "GET /en/xmlrpc.php?rsd HTTP/1.1" 404 16 "-" "Mozill ... show more 159.223.34.129 - - [04/Jun/2026:04:25:23 +0800] "GET /en/xmlrpc.php?rsd HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-03 20:13:53 (1 hour ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 20:02:47 (1 hour ago)	(mod_security) mod_security (id:225170) triggered by 159.223.34.129 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 159.223.34.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 16:02:41.926823 2026] [security2:error] [pid 9201:tid 9229] [client 159.223.34.129:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.mindgardens.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.mindgardens.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aiCIYYEULaIyTs2yQm2S_wAAAM4"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 origrata	2026-06-03 19:55:38 (1 hour ago)	[OGWAF] crs_931 attack blocked \| severity: critical \| GET /wp-json/oembed/1.0/embed?url=http://min6k ... show more [OGWAF] crs_931 attack blocked \| severity: critical \| GET /wp-json/oembed/1.0/embed?url=http://min6kotapadang.sch.id \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.14 \| payload: Remote file inclusion (URL in param) show less	Web App Attack
🇳🇱 MM-bot	2026-06-03 19:48:29 (2 hours ago)	URL-probe: HTTP/1.1 GET request on //wp-includes/wlwmanifest.xml (2026-06-03 21:48:29 UTC+2)	Web App Attack Hacking
🇬🇧 venus.launch.bz	2026-06-03 19:22:45 (2 hours ago)	(wpscan) WordPress probe detected from 159.223.34.129 (SG/Singapore/-)	Hacking

Showing 1 to 15 of 568 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇴 192.145.168.50

🇷🇴 92.118.39.62

🇧🇬 79.124.56.238

🇺🇸 70.40.220.123

🇺🇸 68.69.177.101

🇺🇸 20.29.22.204

🇵🇹 213.205.79.49

🇨🇦 173.230.191.177

🇩🇪 164.90.178.220

🇮🇹 158.173.77.72

🇨🇳 125.106.148.102

🇺🇸 50.118.248.199

🇳🇱 45.148.10.152

🇬🇧 217.146.80.102

🇧🇷 205.210.31.214

🇺🇸 192.249.121.181

🇸🇬 165.22.52.238

🇺🇸 64.31.25.250

🇨🇳 60.24.208.248

🇺🇸 47.251.189.38