🇩🇪
Hary74656
2026-06-28 14:02:56
(2 days ago)
[Sun Jun 28 15:32:35.392237 2026] [security2:error] [pid 180200:tid 180354] [client 168.144.123.240:48678] [client 168.144.123.240] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(?:keep-alive|close),\\\\s?(?:keep-alive|close)\\\\b" at REQUEST_HEADERS:Connection. [file "/usr/share/modsecurity-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "339"] [id "920210"] [msg "Multiple/Conflicting Connection Header Data Found"] [data "keep-alive, close"] [severity "WARNING"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [hostname "beast.weavernet.at"] [uri "/"] [unique_id "akEic-CO6SI4asWr7sXD8QAAANQ"]
[Sun Jun 28 15:46:17.382461 2026] [security2:error] [pid 180174:tid 180371] [client 168.144.123.240:56542] [client 168.144.123.240] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(?:keep-alive|close)
...
Web App Attack
🇩🇪
Manuel Braeuer
2026-06-27 12:05:03
(3 days ago)
168.144.123.240 - - [27/Jun/2026:13:56:48 +0200] "GET / HTTP/1.1" 403 5009 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.0 Safari/537.36"
168.144.123.240 - - [27/Jun/2026:13:56:51 +0200] "GET / HTTP/1.1" 403 5009 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.0 Safari/537.36"
168.144.123.240 - - [27/Jun/2026:13:56:58 +0200] "GET / HTTP/1.1" 403 5009 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.0 Safari/537.36"
168.144.123.240 - - [27/Jun/2026:13:57:01 +0200] "GET / HTTP/1.1" 403 5009 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.0 Safari/537.36"
168.144.123.240 - - [27/Jun/2026:14:05:02 +0200] "GET / HTTP/1.1" 403 5009 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.0 Safari/537
...
Web App Attack
🇸🇪
SkyDancer
2026-06-21 05:37:53
(1 week ago)
Multiple unauthorized attempts to access using wrong credentials. Attack automatically blocked by SkyDancer Ai. EXT-SYS-Vx
Hacking
Brute-Force
SSH
🇵🇱
sefinek.net
2026-06-20 23:32:14
(1 week ago)
Triggered Cloudflare WAF (firewallCustom) from IN.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (GET) | Endpoint: /welcome | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
Bad Web Bot
🇺🇸
TPI-Abuse
2026-06-20 06:55:46
(1 week ago)
(mod_security) mod_security (id:210350) triggered by 168.144.123.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 02:55:39.641535 2026] [security2:error] [pid 17052:tid 17052] [client 168.144.123.240:53782] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||ngm.office-on-the.net|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "ngm.office-on-the.net"] [uri "/"] [unique_id "ajY5a32UetS8YSWaCF7-jgAAABA"]
Brute-Force
Bad Web Bot
Web App Attack
🇩🇪
grassau.com
2026-06-19 14:40:35
(1 week ago)
*Port Scan* detected from 168.144.123.240 (IN/India/Karnataka/Bengaluru/-).
Port Scan
Anonymous
2026-06-16 08:54:15
(2 weeks ago)
89-nginx-404
...
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-10 13:33:32
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 168.144.123.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 09:33:24.654436 2026] [security2:error] [pid 29386:tid 29446] [client 168.144.123.240:20292] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||dermatologistsanantonio.aafm.us|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "dermatologistsanantonio.aafm.us"] [uri "/"] [unique_id "ailnpI1YasQ5d-R5pGLh1AAAANI"]
Brute-Force
Bad Web Bot
Web App Attack
🇩🇪
updown.io
2026-06-09 19:17:17
(3 weeks ago)
{"level":"info","ts":1781029669.3837404,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"168.144.123.240","remote_port":"49988","client_ip":"168.144.123.240","proto":"HTTP/1.1","method":"GET","host":"ayku.status.updown.io","uri":"/","headers":{"Accept-Encoding":["gzip"],"User-Agent":["Go-http-client/1.1"],"Connection":["close"]}},"bytes_read":0,"user_id":"","duration":0.000088559,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://ayku.status.updown.io/"],"Content-Type":[]}}
{"level":"info","ts":1781029949.0110834,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"168.144.123.240","remote_port":"19080","client_ip":"168.144.123.240","proto":"HTTP/1.1","method":"GET","host":"www-korea.lzxp.status.updown.io","uri":"/","headers":{"Accept-Encoding":["gzip"],"User-Agent":["Go-http-client/1.1"],"Connection":["close"]}},"bytes_read":0,"user_id":"","duration":0.000077768,"size":0,"status
...
DDoS Attack
Web App Attack
🇦🇺
paulshipley.com.au
2026-06-08 08:23:14
(3 weeks ago)
[Mon Jun 08 18:23:14.516294 2026] [security2:error] [pid 85996] [client 168.144.123.240:65284] [client 168.144.123.240] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "shop.levellapromotions.com.au"] [uri "/"] [unique_id "aiZ78sYf-3dvarAkvsL7JAAAAAI"]
...
Web App Attack
🇦🇺
paulshipley.com.au
2026-06-06 10:58:16
(3 weeks ago)
[Sat Jun 06 20:58:15.810990 2026] [security2:error] [pid 771383] [client 168.144.123.240:2432] [client 168.144.123.240] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "paulshipley.id.au"] [uri "/"] [unique_id "aiP9R1kXnO8TGV1b6a-yxQAAAAM"]
...
Web App Attack
🇺🇸
TPI-Abuse
2026-06-04 07:41:51
(3 weeks ago)
(mod_security) mod_security (id:210350) triggered by 168.144.123.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 03:41:45.329086 2026] [security2:error] [pid 7455:tid 7455] [client 168.144.123.240:55352] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||amychop.homehealth101.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "amychop.homehealth101.com"] [uri "/"] [unique_id "aiEsOUrsr8oDWGeR3BWgpgAAAA8"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-04 03:09:33
(3 weeks ago)
(mod_security) mod_security (id:210350) triggered by 168.144.123.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 23:09:29.457859 2026] [security2:error] [pid 10123:tid 10123] [client 168.144.123.240:22562] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.portalvasco.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.portalvasco.com"] [uri "/"] [unique_id "aiDsaVGPYaTZUbJgbEQBVwAAAA0"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-02 19:07:52
(4 weeks ago)
(mod_security) mod_security (id:210350) triggered by 168.144.123.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 15:07:45.036790 2026] [security2:error] [pid 17447:tid 17447] [client 168.144.123.240:61790] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||sirclive.com.cosentient.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "sirclive.com.cosentient.com"] [uri "/"] [unique_id "ah8qAd7qzUq3X1jKAPBg1AAAAAg"]
Brute-Force
Bad Web Bot
Web App Attack
🇧🇪
cmbplf
2026-06-01 23:03:08
(4 weeks ago)
9.584 requests to many distinct domains in 1 hour (2w6d3h)
Brute-Force
Bad Web Bot