JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 168.144.116.211

168.144.116.211 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 65%: ?

65%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇮🇳 India
City	Bashettihalli, Karnataka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 168.144.116.211

Whois 168.144.116.211

IP Abuse Reports for 168.144.116.211:

This IP address has been reported a total of 31 times from 17 distinct sources. 168.144.116.211 was first reported on May 21st 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-28 21:38:24 (1 day ago)	(mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 17:38:16.858851 2026] [security2:error] [pid 3670:tid 3670] [client 168.144.116.211:64306] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|autodiscover.yukihouse.hk\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "autodiscover.yukihouse.hk"] [uri "/"] [unique_id "akGUSAgOMtlp6i-_7_uY_wAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hary74656	2026-06-28 14:10:28 (2 days ago)	[Sun Jun 28 15:34:17.973221 2026] [security2:error] [pid 180626:tid 180791] [client 168.144.116.211: ... show more [Sun Jun 28 15:34:17.973221 2026] [security2:error] [pid 180626:tid 180791] [client 168.144.116.211:26292] [client 168.144.116.211] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(?:keep-alive\|close),\\\\s?(?:keep-alive\|close)\\\\b" at REQUEST_HEADERS:Connection. [file "/usr/share/modsecurity-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "339"] [id "920210"] [msg "Multiple/Conflicting Connection Header Data Found"] [data "keep-alive, close"] [severity "WARNING"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [hostname "bro.weavernet.at"] [uri "/"] [unique_id "akEi2Q5Cu-m4KC0ubicLuQAAAwg"] [Sun Jun 28 15:58:41.444622 2026] [security2:error] [pid 180556:tid 180651] [client 168.144.116.211:4742] [client 168.144.116.211] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(?:keep-alive\|close),\\ ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 11:12:23 (2 days ago)	(mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:12:20.187370 2026] [security2:error] [pid 6825:tid 6825] [client 168.144.116.211:34270] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.zacharyschwartzman.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.zacharyschwartzman.com"] [uri "/"] [unique_id "akEBlLIfp6WAYwqwAHjJ7gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇹 centurion	2026-06-22 18:41:42 (1 week ago)	Blocked by UFW on ns03 [443/tcp] Source port: 36342 TTL: 46 Packet length: 60 TOS: 0x00 This report ... show more Blocked by UFW on ns03 [443/tcp] Source port: 36342 TTL: 46 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇸🇪 SkyDancer	2026-06-21 07:46:45 (1 week ago)	Multiple unauthorized attempts to access using wrong credentials. Attack automatically blocked by Sk ... show more Multiple unauthorized attempts to access using wrong credentials. Attack automatically blocked by SkyDancer Ai. EXT-SYS-Vx show less	Hacking Brute-Force SSH
🇩🇪 bescared	2026-06-21 05:23:24 (1 week ago)	F2B - Malicious activity detected. URL Probing. -151302cd-	Hacking Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-06-19 14:35:27 (1 week ago)	Port Scan detected from 168.144.116.211 (IN/India/Karnataka/Bengaluru/-).	Port Scan
🇺🇸 TPI-Abuse	2026-06-19 13:56:04 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 09:56:01.181373 2026] [security2:error] [pid 16435:tid 16546] [client 168.144.116.211:30818] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|torreymanagement.com.torreydc.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "torreymanagement.com.torreydc.com"] [uri "/"] [unique_id "ajVKcSAkB0GZopGq1ajVcwAAAg0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 DocNetzwerk	2026-06-19 04:57:05 (1 week ago)	168.144.116.211 (IN/India/-), more than 7 Apache 403 hits	Hacking
Anonymous	2026-06-16 08:54:29 (2 weeks ago)	Probing\(3\) HTTP Ports ...	Bad Web Bot Web App Attack
🇩🇪 MBombeck	2026-06-13 21:41:27 (2 weeks ago)	Fail2Ban/traefik-botsearch on apps-01: banned after 5 failures	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 18:51:58 (2 weeks ago)	(mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 14:51:52.924760 2026] [security2:error] [pid 6706:tid 6706] [client 168.144.116.211:52914] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|mail.robotrodeo.net\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "mail.robotrodeo.net"] [uri "/"] [unique_id "aimySPew-6vX8rsOBzNKzAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 13:33:47 (2 weeks ago)	(mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210350) triggered by 168.144.116.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 09:33:41.599594 2026] [security2:error] [pid 15779:tid 15791] [client 168.144.116.211:3734] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.faceliftnewyork.com.aafm.us\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.faceliftnewyork.com.aafm.us"] [uri "/"] [unique_id "ailntff-9DC8TNBsYFj1PAAAAQY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Vegascosmetics	2026-06-10 09:48:12 (2 weeks ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security	DDoS Attack Hacking Exploited Host
🇩🇪 updown.io	2026-06-09 19:16:43 (2 weeks ago)	{"level":"info","ts":1781029565.9819753,"logger":"http.log.access.log0","msg":"handled request","req ... show more {"level":"info","ts":1781029565.9819753,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"168.144.116.211","remote_port":"17408","client_ip":"168.144.116.211","proto":"HTTP/1.1","method":"GET","host":"nswe.status.updown.io","uri":"/","headers":{"User-Agent":["Go-http-client/1.1"],"Connection":["close"],"Accept-Encoding":["gzip"]}},"bytes_read":0,"user_id":"","duration":0.000076015,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://nswe.status.updown.io/"],"Content-Type":[]}} {"level":"info","ts":1781029863.4019706,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"168.144.116.211","remote_port":"35914","client_ip":"168.144.116.211","proto":"HTTP/1.1","method":"GET","host":"wwwa.578.bakery.to-connect.topwww-promo.hobs.status.updown.io","uri":"/","headers":{"User-Agent":["Go-http-client/1.1"],"Connection":["close"],"Accept-Encoding":["gzip"]}},"bytes_read":0,"user_id":"","duration ... show less	DDoS Attack Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 181.51.34.121

🇫🇮 147.185.133.100

🇬🇧 213.171.208.62

🇧🇪 198.235.24.218

🇪🇸 192.142.52.45

🇮🇳 117.211.15.93

🇨🇳 113.88.78.4

🇺🇸 107.138.130.195

🇬🇧 91.233.83.203

🇰🇷 59.12.160.91

🇺🇸 52.188.189.7

🇬🇧 35.203.211.109

🇫🇷 5.196.45.10

🇳🇱 192.253.248.55

🇳🇱 91.92.40.240

🇳🇱 45.153.34.167

🇬🇧 35.203.210.229

🇧🇩 161.248.189.72

🇷🇺 158.160.209.126

🇰🇷 112.161.26.125