🇫🇷
dynamix
2026-06-24 04:31:09
(1 day ago)
Multiple WAF Violations
Web App Attack
🇸🇪
SkyDancer
2026-06-21 08:26:46
(4 days ago)
Multiple unauthorized attempts to access using wrong credentials. Attack automatically blocked by SkyDancer Ai. EXT-SYS-Vx
Hacking
Brute-Force
SSH
🇩🇪
MBombeck
2026-06-13 21:42:23
(1 week ago)
Fail2Ban/traefik-botsearch on apps-01: banned after 5 failures
Web App Attack
Anonymous
2026-06-11 03:03:19
(2 weeks ago)
ModSecurity rejected a query
Bad Web Bot
Web App Attack
🇧🇷
diego
2026-06-11 01:40:28
(2 weeks ago)
[rede-164-29] *Port Scan* detected from 168.144.116.40 (IN/India/-). 11 hits in the last 220 seconds; Ports: *; Direction: in; Trigger: PS_LIMIT; Logs: Jun 10 22:40:06 kernel: [10336776.528068] Firewall: *TCP_IN Blocked* IN=ethX OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx00 SRC=168.144.116.40 DST=0.0.0.x LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=63378 DF PROTO=TCP SPT=14798 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0
Jun 10 22:40:07 kernel: [10336777.542095] Firewall: *TCP_IN Blocked* IN=ethX OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx00 SRC=168.144.116.40 DST=0.0.0.x LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=63379 DF PROTO=TCP SPT=14798
Port Scan
🇺🇸
TPI-Abuse
2026-06-10 22:01:28
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 168.144.116.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 18:01:24.398707 2026] [security2:error] [pid 26094:tid 26094] [client 168.144.116.40:23554] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||autodiscover.garon.us|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "autodiscover.garon.us"] [uri "/"] [unique_id "ainetDn93zKGKKnuzUTUBwAAABA"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-10 18:49:41
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 168.144.116.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 14:49:33.619554 2026] [security2:error] [pid 17804:tid 17804] [client 168.144.116.40:41238] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||mail.secession.net|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "mail.secession.net"] [uri "/"] [unique_id "aimxvdLudgkKtFM18gBxXgAAAA0"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-10 13:33:33
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 168.144.116.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 09:33:23.796028 2026] [security2:error] [pid 12385:tid 12410] [client 168.144.116.40:58758] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||breastaugmentationphoto.aafm.us|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "breastaugmentationphoto.aafm.us"] [uri "/"] [unique_id "ailno3vw5HEiCH9uLqHi0wAAABY"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-09 23:27:52
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 168.144.116.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 19:27:48.690000 2026] [security2:error] [pid 16612:tid 16612] [client 168.144.116.40:37304] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.ctrussell.us|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.ctrussell.us"] [uri "/"] [unique_id "aiihdKUKMkrTJxYm_uiFtgAAAAQ"]
Brute-Force
Bad Web Bot
Web App Attack
🇩🇪
updown.io
2026-06-09 19:23:48
(2 weeks ago)
{"level":"info","ts":1781029684.334497,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"168.144.116.40","remote_port":"3230","client_ip":"168.144.116.40","proto":"HTTP/1.1","method":"GET","host":"blog.ye2a.status.updown.io","uri":"/","headers":{"Accept-Encoding":["gzip"],"User-Agent":["Go-http-client/1.1"],"Connection":["close"]}},"bytes_read":0,"user_id":"","duration":0.000084381,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://blog.ye2a.status.updown.io/"],"Content-Type":[]}}
{"level":"info","ts":1781029853.8463392,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"168.144.116.40","remote_port":"64712","client_ip":"168.144.116.40","proto":"HTTP/1.1","method":"GET","host":"wildcard.tekaccess.yegobox161.35.139.3www.gpr8.status.updown.io","uri":"/","headers":{"Connection":["close"],"Accept-Encoding":["gzip"],"User-Agent":["Go-http-client/1.1"]}},"bytes_read":0,"user_id":"","du
...
DDoS Attack
Web App Attack
🇺🇸
TPI-Abuse
2026-06-09 12:58:49
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 168.144.116.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:58:45.560478 2026] [security2:error] [pid 21224:tid 21224] [client 168.144.116.40:35032] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||autodiscover.tandm.us|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "autodiscover.tandm.us"] [uri "/"] [unique_id "aigOBRPDrY7p5VaVfOjVmQAAAAk"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-07 11:56:26
(2 weeks ago)
[Sun Jun 07 11:56:25.943779 2026] [authz_core:error] [pid 450001:tid 450001] [client 168.144.116.40:59428] AH01630: client denied by server configuration: /var/www/erp.alien.net.au/htdocs/
[Sun Jun 07 11:56:25.946347 2026] [authz_core:error] [pid 450265:tid 450265] [client 168.144.116.40:59420] AH01630: client denied by server configuration: /var/www/erp.alien.net.au/htdocs/
[Sun Jun 07 11:56:25.947249 2026] [authz_core:error] [pid 450389:tid 450389] [client 168.144.116.40:59396] AH01630: client denied by server configuration: /var/www/erp.alien.net.au/htdocs/
[Sun Jun 07 11:56:25.947415 2026] [authz_core:error] [pid 450388:tid 450388] [client 168.144.116.40:59410] AH01630: client denied by server configuration: /var/www/erp.alien.net.au/htdocs/
[Sun Jun 07 11:56:25.948397 2026] [authz_core:error] [pid 449924:tid 449924] [client 168.144.116.40:59452] AH01630: client denied by server configuration: /var/www/erp.alien.net.au/htdocs/
...
Brute-Force
🇩🇪
Reinhard
2026-06-05 17:53:46
(2 weeks ago)
Unknown activity, but too many attacks with too many users.
Hacking
🇺🇸
TPI-Abuse
2026-06-04 08:14:58
(3 weeks ago)
(mod_security) mod_security (id:210350) triggered by 168.144.116.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 04:14:55.741612 2026] [security2:error] [pid 14823:tid 14823] [client 168.144.116.40:29360] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||photographicessays.homehealth101.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "photographicessays.homehealth101.com"] [uri "/"] [unique_id "aiEz_-7suVX8-2z7g9xJrgAAAA0"]
Brute-Force
Bad Web Bot
Web App Attack
🇵🇱
sefinek.net
2026-06-03 06:51:03
(3 weeks ago)
Triggered Cloudflare WAF (firewallCustom) from IN.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (GET) | Endpoint: / | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
Bad Web Bot