JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 159.223.56.199

159.223.56.199 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 15%: ?

15%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 159.223.56.199

Whois 159.223.56.199

IP Abuse Reports for 159.223.56.199:

This IP address has been reported a total of 21 times from 16 distinct sources. 159.223.56.199 was first reported on August 26th 2025, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Axel	2026-06-14 11:36:56 (20 hours ago)	Blocked by UFW on LAXHH [7729/tcp] \| SPT: 80 \| TTL: 51 \| LEN: 40 \| TOS: 0x00 • Reported by: github.c ... show more Blocked by UFW on LAXHH [7729/tcp] \| SPT: 80 \| TTL: 51 \| LEN: 40 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 ValtonTahiri	2026-06-13 14:01:22 (1 day ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=159.223.56.199; proto=TCP; source_port=22; target_port=15404; flags=ACK,SYN show less	Port Scan
🇫🇷 GEDAL	2025-09-04 11:03:34 (9 months ago)	Fail2ban webexploits @ <hostname> : 159.223.56.199 - - [29/Aug/2025:20:35:15 +0200] "GET //blog/wp-i ... show more Fail2ban webexploits @ <hostname> : 159.223.56.199 - - [29/Aug/2025:20:35:15 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 45689 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" show less	Brute-Force SSH
Anonymous	2025-09-03 15:03:02 (9 months ago)	Bot / scanning and/or hacking attempts: POST //xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇳🇱 Site.eu	2025-09-03 14:33:00 (9 months ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 myagent.site	2025-09-03 14:17:57 (9 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php?rsd	Hacking
🇺🇸 TPI-Abuse	2025-09-03 13:31:07 (9 months ago)	(mod_security) mod_security (id:225170) triggered by 159.223.56.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 159.223.56.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 03 09:31:03.530645 2025] [security2:error] [pid 17160:tid 17160] [client 159.223.56.199:56226] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cadimpressions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cadimpressions.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aLhDF7o4p2SGP8C-s_Xx_QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-09-03 07:22:53 (9 months ago)		Bad Web Bot Web App Attack
🇺🇸 octageeks.com	2025-09-03 04:07:43 (9 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇫🇷 GEDAL	2025-09-02 19:57:31 (9 months ago)	Fail2ban webexploits @ <hostname> : 159.223.56.199 - - [29/Aug/2025:20:35:15 +0200] "GET //blog/wp-i ... show more Fail2ban webexploits @ <hostname> : 159.223.56.199 - - [29/Aug/2025:20:35:15 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 45689 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" show less	Brute-Force SSH
🇩🇪 raspi4	2025-09-01 01:41:46 (9 months ago)	Fail2Ban Ban Triggered	Brute-Force Web App Attack
🇩🇪 ps-center	2025-08-31 15:54:51 (9 months ago)	ABV: Web Attack GET /blumenbar/blog/wp-includes/wlwmanifest.xml	Web Spam Hacking Bad Web Bot Web App Attack
Anonymous	2025-08-30 23:09:59 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-08-30 20:12:04 (9 months ago)	(mod_security) mod_security (id:225170) triggered by 159.223.56.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 159.223.56.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 30 16:12:00.030835 2025] [security2:error] [pid 16778:tid 16778] [client 159.223.56.199:57442] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.blacktieokc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.blacktieokc.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aLNbEI3zhvfkOI0Q4AGJngAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 YF	2025-08-29 19:00:51 (9 months ago)	xmlrpc.php (Potential DDoS or brute force)	Brute-Force Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.140

🇳🇱 176.65.139.237

🇮🇹 151.33.34.75

🇫🇷 51.68.34.131

🇺🇸 45.33.14.197

🇩🇪 213.209.159.225

🇧🇪 198.235.24.181

🇱🇹 77.90.185.86

🇦🇺 43.245.38.223

🇬🇧 213.166.84.53

🇧🇷 200.39.46.41

🇳🇱 193.176.31.215

🇸🇬 165.245.176.51

🇭🇰 103.49.62.60

🇩🇪 69.5.169.79

🇨🇳 49.66.203.142

🇫🇷 5.189.157.28

🇮🇩 203.2.151.28

🇮🇳 112.196.78.4

🇮🇳 103.86.180.10