JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 167.99.120.178

167.99.120.178 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 90%: ?

90%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Clifton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 167.99.120.178

Whois 167.99.120.178

IP Abuse Reports for 167.99.120.178:

This IP address has been reported a total of 18 times from 15 distinct sources. 167.99.120.178 was first reported on June 17th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 lns.bz	2026-06-17 21:00:05 (3 hours ago)	.env scanning [DOPP]	Web App Attack
🇳🇱 lns.bz	2026-06-17 15:11:40 (9 hours ago)	Too many 404 requests [DOPP]	Web App Attack
🇺🇸 xmission.com	2026-06-17 14:25:17 (10 hours ago)	Blocked by UFW (TCP on 2078) Source port: 47990 TTL: 50 Packet length: 60 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 2078) Source port: 47990 TTL: 50 Packet length: 60 TOS: 0x08 This report (for 167.99.120.178) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇸🇪 KIDOS	2026-06-17 12:17:56 (12 hours ago)	IIS malicious activity: high_400_error_rate (100% of requests are 400 errors)	Web App Attack
🇮🇩 PENJAGA.AUM	2026-06-17 12:09:34 (12 hours ago)	167.99.120.178 - Attack: GPL WEB_SERVER .htpasswd access	Web App Attack SQL Injection Spoofing
🇧🇾 lns.bz	2026-06-17 12:04:44 (12 hours ago)	Too many 404 requests [BY]	Web App Attack
Anonymous	2026-06-17 10:19:30 (14 hours ago)	Honeypot hit: Empty payload (likely service probe); 2077 [1], 2087 [1], 2096 [1], 2083 [1], 2086 [1] ... show more Honeypot hit: Empty payload (likely service probe); 2077 [1], 2087 [1], 2096 [1], 2083 [1], 2086 [1], 2095 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 xmission.com	2026-06-17 09:57:24 (14 hours ago)	Blocked by UFW (TCP on 2078) Source port: 58480 TTL: 50 Packet length: 60 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 2078) Source port: 58480 TTL: 50 Packet length: 60 TOS: 0x08 This report (for 167.99.120.178) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 GabrielJST	2026-06-17 07:52:28 (16 hours ago)	Port Scan detected from 167.99.120.178 (US/United States/-).	Port Scan
🇺🇸 kosada.com	2026-06-17 07:02:35 (17 hours ago)	Web vulnerability probing: /.git/refs/heads/main (bogus vhost/SNI)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 06:11:20 (18 hours ago)	(mod_security) mod_security (id:210492) triggered by 167.99.120.178 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 167.99.120.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 02:11:16.634112 2026] [security2:error] [pid 10050:tid 10050] [client 167.99.120.178:33184] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.155"] [uri "/.git/HEAD"] [unique_id "ajI6hAcgS4V3QNfbV4EOLwAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2026-06-17 06:09:33 (18 hours ago)	tcp port scan (10 or more attempts)	Port Scan
🇦🇷 Bruno	2026-06-17 05:27:27 (19 hours ago)	Port Scanner: 167.99.120.178	Port Scan
Anonymous	2026-06-17 05:11:21 (19 hours ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇧🇷 SOC PR	2026-06-17 02:36:39 (22 hours ago)	IPS: Web Server Enforcement Violation.	Hacking

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 163.7.1.218

🇨🇳 61.185.190.42

🇹🇷 45.148.65.30

🇸🇬 45.78.194.186

🇺🇸 2a00:1d26:c409:96:9999::204

🇫🇷 217.76.61.5

🇰🇿 185.233.3.95

🇺🇸 185.191.171.13

🇩🇪 164.92.226.6

🇫🇮 147.185.133.10

🇫🇮 138.124.5.60

🇨🇳 122.96.28.170

🇨🇳 116.179.32.171

🇺🇸 91.230.168.211

🇳🇱 89.21.67.188

🇳🇱 45.148.10.147

🇨🇳 36.106.166.27

🇳🇱 34.6.8.56

🇮🇪 18.203.92.133

🇯🇵 8.211.162.225