JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 168.144.26.116

168.144.26.116 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 57%: ?

57%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇮🇳 India
City	Bashettihalli, Karnataka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 168.144.26.116

Whois 168.144.26.116

IP Abuse Reports for 168.144.26.116:

This IP address has been reported a total of 26 times from 13 distinct sources. 168.144.26.116 was first reported on May 21st 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 terraforge.fun	2026-06-21 06:43:52 (4 days ago)	Blocked by on honeypot1-terraforge [443/tcp] \| SPT: 38704 \| TTL: 45 \| LEN: 60 \| TOS: 0x00 • Reported ... show more Blocked by on honeypot1-terraforge [443/tcp] \| SPT: 38704 \| TTL: 45 \| LEN: 60 \| TOS: 0x00 • Reported by: abuse.terraforge.fun show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-20 07:03:49 (5 days ago)	(mod_security) mod_security (id:210350) triggered by 168.144.26.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 168.144.26.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 03:03:45.494072 2026] [security2:error] [pid 22182:tid 22182] [client 168.144.26.116:25892] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.juniperhills.net\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.juniperhills.net"] [uri "/"] [unique_id "ajY7UUm2DWwFTdSfc-n-qwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-06-19 14:37:38 (5 days ago)	Port Scan detected from 168.144.26.116 (IN/India/Karnataka/Bengaluru/-).	Port Scan
🇪🇸 el-brujo	2026-06-19 03:39:50 (6 days ago)	Cloudflare WAF: Request Path: / Request Query: Host: api.elhacker.net userAgent: Mozilla/5.0 (Macin ... show more Cloudflare WAF: Request Path: / Request Query: Host: api.elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.0 Safari/537.36 Action: block Source: zonelockdown ASN Description: DigitalOcean, LLC Country: IN Method: GET Timestamp: 2026-06-19T03:39:50Z ruleId: 9b344b1f2f6c43dd860f1fb2a59d4d32. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 10:41:10 (6 days ago)	(mod_security) mod_security (id:210350) triggered by 168.144.26.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 168.144.26.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 06:41:05.285336 2026] [security2:error] [pid 8248:tid 8248] [client 168.144.26.116:7626] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.perrycomo.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.perrycomo.com"] [uri "/"] [unique_id "ajPLQZrmN5a7xcztWbtwdwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 MBombeck	2026-06-13 21:30:39 (1 week ago)	Fail2Ban/traefik-botsearch on apps-01: banned after 5 failures	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 10:50:49 (1 week ago)	(mod_security) mod_security (id:210350) triggered by 168.144.26.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 168.144.26.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 06:50:45.665063 2026] [security2:error] [pid 30961:tid 30961] [client 168.144.26.116:57656] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|autodiscover.esware.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "autodiscover.esware.com"] [uri "/"] [unique_id "ai02BYxbcXVywNNsnqSlfAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 18:43:42 (2 weeks ago)	(mod_security) mod_security (id:210350) triggered by 168.144.26.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 168.144.26.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 14:43:38.419635 2026] [security2:error] [pid 5760:tid 5760] [client 168.144.26.116:60902] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.fcc.robotrodeo.net\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.fcc.robotrodeo.net"] [uri "/"] [unique_id "aimwWqy5oegNJVKq84FamgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 13:33:36 (2 weeks ago)	(mod_security) mod_security (id:210350) triggered by 168.144.26.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 168.144.26.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 09:33:30.468676 2026] [security2:error] [pid 29387:tid 29477] [client 168.144.26.116:28364] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|plastic-surgeon-texas.com.aafm.us\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "plastic-surgeon-texas.com.aafm.us"] [uri "/"] [unique_id "ailnqvZLFZocvjzWJKoGigAAAVU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 08:13:31 (2 weeks ago)	(mod_security) mod_security (id:210350) triggered by 168.144.26.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 168.144.26.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 04:13:24.919838 2026] [security2:error] [pid 7472:tid 7472] [client 168.144.26.116:55878] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.arofish.us\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.arofish.us"] [uri "/"] [unique_id "aikcpLcjkld2FTEuRfl4awAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 updown.io	2026-06-09 19:20:01 (2 weeks ago)	{"level":"info","ts":1781029839.826804,"logger":"http.log.access.log1","msg":"handled request","requ ... show more {"level":"info","ts":1781029839.826804,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"168.144.26.116","remote_port":"43622","client_ip":"168.144.26.116","proto":"HTTP/1.1","method":"GET","host":"www.h9uz.status.updown.io","uri":"/","headers":{"User-Agent":["Go-http-client/1.1"],"Connection":["close"],"Accept-Encoding":["gzip"]}},"bytes_read":0,"user_id":"","duration":0.00038741,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://www.h9uz.status.updown.io/"],"Content-Type":[]}} {"level":"info","ts":1781029890.2030904,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"168.144.26.116","remote_port":"25272","client_ip":"168.144.26.116","proto":"HTTP/1.1","method":"GET","host":"www-northamerica.gpr8.status.updown.io","uri":"/","headers":{"User-Agent":["Go-http-client/1.1"],"Connection":["close"],"Accept-Encoding":["gzip"]}},"bytes_read":0,"user_id":"","duration":0.000066237,"size": ... show less	DDoS Attack Web App Attack
🇦🇺 afleventoffice.com.au	2026-06-08 03:45:01 (2 weeks ago)	GET /welcome HTTP/1.1	Web App Attack
🇺🇸 kosada.com	2026-06-06 04:27:47 (2 weeks ago)	Web vulnerability probing: / (bogus vhost/SNI)	Web App Attack
🇩🇪 Reinhard	2026-06-05 17:37:40 (2 weeks ago)	Unknown activity, but too many attacks with too many users.	Hacking
🇺🇸 TPI-Abuse	2026-06-05 03:15:05 (2 weeks ago)	(mod_security) mod_security (id:210350) triggered by 168.144.26.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 168.144.26.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 23:14:58.993573 2026] [security2:error] [pid 6686:tid 6686] [client 168.144.26.116:31552] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|mail.paradisepoolsfl.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "mail.paradisepoolsfl.com"] [uri "/"] [unique_id "aiI_Mt4TlSyoTCwLdPy4owAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 207.175.56.241

🇧🇪 34.140.185.74

🇰🇷 221.151.84.6

🇺🇸 207.90.244.18

🇧🇷 190.113.60.195

🇺🇸 155.2.215.76

🇺🇸 142.111.152.175

🇨🇳 114.66.38.145

🇻🇳 103.161.170.12

🇮🇹 93.92.75.3

🇨🇦 84.20.16.45

🇺🇸 43.153.79.218

🇺🇸 24.199.99.169

🇺🇸 20.118.209.123

🇯🇵 203.25.124.211

🇺🇸 195.184.76.221

🇧🇷 179.125.148.105

🇺🇸 152.32.236.116

🇺🇸 152.32.183.209

🇨🇳 123.134.105.12