JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 159.26.112.103

159.26.112.103 was found in our database!

This IP was reported 59 times. Confidence of Abuse is 56%: ?

56%

ISP	PV-SL-HOSTED-Marseille-Network
Usage Type	Data Center/Web Hosting/Transit
ASN	AS208172
Domain Name	ip.me
Country	🇫🇷 France
City	Marseille, Provence-Alpes-Cote d'Azur

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 159.26.112.103

Whois 159.26.112.103

IP Abuse Reports for 159.26.112.103:

This IP address has been reported a total of 59 times from 20 distinct sources. 159.26.112.103 was first reported on August 14th 2025, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-23 00:31:59 (3 hours ago)	Blocked by UFW (TCP on 17704) Source port: 63611 TTL: 50 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 17704) Source port: 63611 TTL: 50 Packet length: 60 TOS: 0x08 This report (for 159.26.112.103) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-06-22 03:02:59 (1 day ago)	Blocked by UFW (TCP on 17704) Source port: 38899 TTL: 50 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 17704) Source port: 38899 TTL: 50 Packet length: 60 TOS: 0x08 This report (for 159.26.112.103) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇮🇩 Burayot	2026-06-21 16:44:41 (1 day ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 159.26.112.103 (FR/France/-): 2 in t ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 159.26.112.103 (FR/France/-): 2 in the last 3600 secs show less	Web App Attack
🇮🇩 Burayot	2026-06-21 12:56:01 (1 day ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 159.26.112.103 (FR/France/-): 1 in t ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 159.26.112.103 (FR/France/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 xmission.com	2026-06-21 08:18:19 (1 day ago)	Blocked by UFW (TCP on 17704) Source port: 52756 TTL: 49 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 17704) Source port: 52756 TTL: 49 Packet length: 60 TOS: 0x08 This report (for 159.26.112.103) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-06-20 08:20:59 (2 days ago)	Blocked by UFW (TCP on 17704) Source port: 16384 TTL: 49 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 17704) Source port: 16384 TTL: 49 Packet length: 60 TOS: 0x08 This report (for 159.26.112.103) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-06-19 20:02:19 (3 days ago)	Blocked by UFW (TCP on 17704) Source port: 33346 TTL: 49 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 17704) Source port: 33346 TTL: 49 Packet length: 60 TOS: 0x08 This report (for 159.26.112.103) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇪🇸 Gem	2026-06-13 05:59:38 (1 week ago)	Unauthorized web scan.	Web App Attack
🇲🇾 Rizzy	2026-06-07 04:51:14 (2 weeks ago)	Multiple WAF Violations	Brute-Force Web App Attack
Anonymous	2026-06-06 17:21:03 (2 weeks ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-06 05:54:49 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 alexsky06	2026-06-06 03:44:05 (2 weeks ago)	WAF block: crowdsecurity/vpatch-env-access from 159.26.112.103	Web App Attack Hacking
🇲🇾 Rizzy	2026-06-06 01:04:00 (2 weeks ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇲🇾 Rizzy	2026-06-04 05:37:06 (2 weeks ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-05-30 11:33:35 (3 weeks ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/prod/.env	Web App Attack

Showing 1 to 15 of 59 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.59

🇺🇸 195.184.76.245

🇫🇷 172.71.118.166

🇧🇷 170.83.2.158

🇦🇺 158.178.141.16

🇫🇮 147.185.133.220

🇫🇮 138.124.80.167

🇨🇳 124.117.228.98

🇮🇳 123.253.162.254

🇨🇳 114.221.136.195

🇰🇷 112.184.11.161

🇷🇴 92.118.39.204

🇨🇳 58.247.139.54

🇸🇪 31.59.160.12

🇺🇸 2607:f8b0:4001:c14::12d

🇺🇸 192.210.198.84

🇩🇪 188.34.156.0

🇯🇵 180.43.69.78

🇯🇵 152.32.203.18

🇸🇪 130.49.9.35