JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 159.26.119.224

159.26.119.224 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 30%: ?

30%

ISP	PV-SL-HOSTED-Akasaka-Network
Usage Type	Data Center/Web Hosting/Transit
ASN	AS208172
Domain Name	ip.me
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 159.26.119.224

Whois 159.26.119.224

IP Abuse Reports for 159.26.119.224:

This IP address has been reported a total of 12 times from 9 distinct sources. 159.26.119.224 was first reported on April 20th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 sockominfo	2026-06-13 04:00:54 (1 week ago)	User login to application from malicious IP 159.26.119.224.. Threat Score: 3.8/10 (LOW). Confidence: ... show more User login to application from malicious IP 159.26.119.224.. Threat Score: 3.8/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 57%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Moderate. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-13 03:00:53 (1 week ago)	User login to application from malicious IP 159.26.119.224.. Threat Score: 3.9/10 (LOW). Confidence: ... show more User login to application from malicious IP 159.26.119.224.. Threat Score: 3.9/10 (LOW). Confidence: 30%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 57%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-13 02:00:56 (1 week ago)	User login to application from malicious IP 159.26.119.224.. Threat Score: 4/10 (MEDIUM). Confidence ... show more User login to application from malicious IP 159.26.119.224.. Threat Score: 4/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 0/10 (None). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N. Bayesian Probability: 57%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-13 01:00:09 (1 week ago)	User login to application from malicious IP 159.26.119.224.. Threat Score: 0/10 (INFORMATIONAL). Rep ... show more User login to application from malicious IP 159.26.119.224.. Threat Score: 0/10 (INFORMATIONAL). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇦🇺 MAGIC	2026-06-08 02:12:50 (1 week ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇬🇧 thatprogrammer	2026-06-02 23:47:33 (2 weeks ago)	2026-06-02T23:47:33.204Z Minecraft server scanner: status request (82c882a0)	Port Scan
Anonymous	2026-06-02 23:46:57 (2 weeks ago)	[2026-06-02T23:46:57Z] Minecraft Honeypot: connection attempt on port 25565 using username "Test8103 ... show more [2026-06-02T23:46:57Z] Minecraft Honeypot: connection attempt on port 25565 using username "Test810343" show less	Port Scan
Anonymous	2026-05-19 02:07:22 (1 month ago)	Web attack	Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-05-08 18:22:07 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 07:45:10 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 159.26.119.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 159.26.119.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 03:45:07.318290 2026] [security2:error] [pid 12259:tid 12259] [client 159.26.119.224:47362] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3905ccn.org"] [uri "/.env"] [unique_id "afxDA80VcPDI4L1Yflp77wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Oakley	2026-05-07 06:47:01 (1 month ago)	(mod_security) mod_security (id:900184) triggered by 159.26.119.224 (JP/Japan/-): 5 in the last 900 ... show more (mod_security) mod_security (id:900184) triggered by 159.26.119.224 (JP/Japan/-): 5 in the last 900 secs show less	Web App Attack Hacking
🇫🇷 ELYAZ	2026-04-20 03:58:17 (2 months ago)	(wordpress) Failed wordpress login from 159.26.119.224 (JP/Japan/-): (CF_ENABLE)	Brute-Force

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 203.175.125.179

🇷🇴 193.32.162.71

🇦🇹 185.244.212.221

🇺🇸 154.83.197.212

🇺🇸 147.185.132.188

🇺🇸 64.176.195.109

🇧🇷 200.108.174.4

🇳🇱 195.178.110.30

🇨🇭 185.212.170.206

🇱🇹 185.2.228.48

🇨🇳 180.153.236.38

🇺🇸 172.81.133.172

🇳🇱 160.119.76.86

🇺🇸 160.3.210.204

🇫🇮 147.185.133.50

🇨🇿 109.81.120.211

🇺🇸 107.167.34.125

🇮🇷 79.175.176.177

🇺🇸 75.177.39.49

🇺🇸 52.180.137.70