JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 159.223.94.18

159.223.94.18 was found in our database!

This IP was reported 83 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 159.223.94.18

Whois 159.223.94.18

IP Abuse Reports for 159.223.94.18:

This IP address has been reported a total of 83 times from 28 distinct sources. 159.223.94.18 was first reported on August 19th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-06-09 08:37:26 (1 week ago)	993 requests with url.path config.json 695 requests with url.path ftp-sync.json 192 requests wi ... show more 993 requests with url.path config.json 695 requests with url.path ftp-sync.json 192 requests with url.path *sftp.json show less	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-09 08:09:03 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2002:9fdf:5e12::9fdf:5e12 (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:9fdf:5e12::9fdf:5e12 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 04:08:58.261393 2026] [security2:error] [pid 26402:tid 26434] [client 2002:9fdf:5e12::9fdf:5e12:58356] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bhhg.org"] [uri "/sftp-config.json"] [unique_id "aifKGji3aP7p-RsO4bAnsQAAAFc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 06:49:22 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2002:9fdf:5e12::9fdf:5e12 (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:9fdf:5e12::9fdf:5e12 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:49:15.605245 2026] [security2:error] [pid 7824:tid 7824] [client 2002:9fdf:5e12::9fdf:5e12:59149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brazilianbikinis.com"] [uri "/sftp-config.json"] [unique_id "aie3a79sxE6pQloUa_NvRwAAAGY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 05:46:26 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2002:9fdf:5e12::9fdf:5e12 (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:9fdf:5e12::9fdf:5e12 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 01:46:17.449262 2026] [security2:error] [pid 17871:tid 17871] [client 2002:9fdf:5e12::9fdf:5e12:60675] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "babylontravelone.com"] [uri "/sftp-config.json"] [unique_id "aieoqWGQ23-Ezqjt2YwccwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 Sipo Chutão	2026-06-09 03:00:01 (1 week ago)	/.ftp-config.json	Hacking
🇬🇧 consul.to	2026-06-09 02:25:54 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 00:52:35 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2002:9fdf:5e12::9fdf:5e12 (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:9fdf:5e12::9fdf:5e12 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 20:52:30.186171 2026] [security2:error] [pid 22595:tid 22595] [client 2002:9fdf:5e12::9fdf:5e12:56467] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bhsp.org"] [uri "/sftp-config.json"] [unique_id "aidjzgK2Vmmn0EzFEIcTtgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 SCHAPPY	2026-06-09 00:19:52 (1 week ago)	Mutliple attempts to access forbidden web resources, HTTP code 403.	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 22:59:43 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2002:9fdf:5e12::9fdf:5e12 (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:9fdf:5e12::9fdf:5e12 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 18:59:39.001751 2026] [security2:error] [pid 4230:tid 4230] [client 2002:9fdf:5e12::9fdf:5e12:55214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blackriverarc.org"] [uri "/sftp-config.json"] [unique_id "aidJW1YfqivVj4Na__fFCwAAAGY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-08 22:15:04 (1 week ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇩🇪 Lino Project	2026-06-08 18:28:01 (1 week ago)	159.223.94.18 - - [08/Jun/2026:20:27:58 +0200] "GET /sftp-config.json HTTP/1.1" 301 804 "-" "Mozilla ... show more 159.223.94.18 - - [08/Jun/2026:20:27:58 +0200] "GET /sftp-config.json HTTP/1.1" 301 804 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 17:03:24 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2002:9fdf:5e12::9fdf:5e12 (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:9fdf:5e12::9fdf:5e12 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 13:03:18.331092 2026] [security2:error] [pid 7343:tid 7366] [client 2002:9fdf:5e12::9fdf:5e12:56773] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bigwheel-design.com"] [uri "/sftp-config.json"] [unique_id "aib11hxR_valCUIZ2JgzfwAAAJg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 16:12:42 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2002:9fdf:5e12::9fdf:5e12 (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:9fdf:5e12::9fdf:5e12 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 12:12:37.472840 2026] [security2:error] [pid 26575:tid 26575] [client 2002:9fdf:5e12::9fdf:5e12:61626] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bigredgraphicdesign.com"] [uri "/sftp-config.json"] [unique_id "aibp9YZj6WIoHYejSzynVwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 10:45:36 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 159.223.94.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 159.223.94.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:45:32.191446 2026] [security2:error] [pid 31090:tid 31090] [client 159.223.94.18:65382] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barnesandbrower.com"] [uri "/sftp-config.json"] [unique_id "aiadTDXtMUn8fF8e_ZfWvwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 Ivo Vynckier	2026-06-08 10:31:00 (2 weeks ago)	159.223.94.18 - - [07/Jun/2026:21:37:09 +0200] "GET /.vscode/ftp-sync.json HTTP/1.1" 301 308 "-" "Mo ... show more 159.223.94.18 - - [07/Jun/2026:21:37:09 +0200] "GET /.vscode/ftp-sync.json HTTP/1.1" 301 308 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 159.223.94.18 - - [07/Jun/2026:21:37:10 +0200] "GET /.sftp-config.json HTTP/1.1" 404 2021 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 159.223.94.18 - - [07/Jun/2026:21:37:11 +0200] "GET /ftp-sync.json HTTP/1.1" 404 2021 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 159.223.94.18 - - [07/Jun/2026:21:37:12 +0200] "GET /.ftp-sync.json HTTP/1.1" 404 2021 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" show less	Hacking

Showing 1 to 15 of 83 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 223.237.27.82

🇰🇷 222.116.34.84

🇹🇷 213.128.70.19

🇮🇳 122.170.97.94

🇭🇰 114.111.52.109

🇷🇴 80.94.92.187

🇺🇸 20.119.99.184

🇯🇵 8.216.17.61

🇺🇸 134.209.219.34

🇹🇭 125.27.12.122

🇨🇳 116.179.32.23

🇷🇴 92.118.39.202

🇫🇷 91.196.152.180

🇷🇴 80.94.92.182

🇺🇸 17.132.72.13

🇮🇷 2.185.242.92

🇨🇳 222.140.217.203

🇨🇳 222.89.169.98

🇱🇰 220.247.237.236

🇹🇷 176.227.77.145