🇮🇩
Diskominfo Lumajang
2026-06-13 18:40:06
(1 week ago)
Security Event Detected by SOC Diskominfo Lumajang: event=alert, hits=3
Brute-Force
🇺🇸
MPL
2026-06-13 17:46:56
(1 week ago)
tcp/22 (2 or more attempts)
Port Scan
🇺🇸
Axel
2026-06-13 17:46:02
(1 week ago)
Blocked by UFW on LAXHH [22/tcp] | SPT: 52632 | TTL: 242 | LEN: 44 | TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter
Port Scan
SSH
🇺🇦
URAN Publishing Service
2026-05-26 19:33:05
(1 month ago)
168.144.40.59 - - [26/May/2026:22:33:04 +0300] "GET /blog/wp-includes/fonts/dev.php HTTP/1.1" 404 628 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36"
...
Web App Attack
🇺🇦
URAN Publishing Service
2026-05-26 17:33:56
(1 month ago)
168.144.40.59 - - [26/May/2026:20:33:55 +0300] "GET /blog/wp-includes/fonts/dev.php HTTP/1.1" 404 650 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36"
168.144.40.59 - - [26/May/2026:20:33:55 +0300] "GET /blog/wp-includes/fonts/iqb.php HTTP/1.1" 404 650 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36"
...
Web App Attack
🇺🇸
dtorrer
2026-05-24 12:35:23
(1 month ago)
General vulnerability scan.
Port Scan
🇺🇸
TPI-Abuse
2026-05-24 11:56:17
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2002:a890:283b::a890:283b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 07:56:07.923488 2026] [security2:error] [pid 19051:tid 19051] [client 2002:a890:283b::a890:283b:50784] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elpais.mx"] [uri "/wp-config.php"] [unique_id "ahLnV4QzSiwv4QnBVr1NjQAAABg"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-23 09:48:41
(1 month ago)
Multiple web server 400 error codes from same source ip
Web App Attack
Anonymous
2026-05-23 07:13:41
(1 month ago)
Automated report (2026-05-23T03:13:41-04:00). Caught probing for webshells/backdoors. Host might be compromised.
Hacking
Exploited Host
Web App Attack
Open Proxy
🇺🇸
TPI-Abuse
2026-05-23 06:39:03
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 168.144.40.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 02:38:59.715161 2026] [security2:error] [pid 10871:tid 10871] [client 168.144.40.59:51678] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thermalsoftware.com"] [uri "/wp-config.php"] [unique_id "ahFLg0j-ERtK2KHF3fCTrwAAABQ"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-23 05:34:50
(1 month ago)
Web App Attack
Brute-Force
Web App Attack
🇺🇸
jcbriar
2026-05-23 05:09:53
(1 month ago)
Searching for vulnerable scripts
Hacking
Web App Attack
🇺🇸
rdpguard.com
2026-05-23 03:04:22
(1 month ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
🇪🇸
el-brujo
2026-05-23 02:20:16
(1 month ago)
Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36 Action: managed_challenge Source: firewallManaged ASN Description: DigitalOcean, LLC Country: SG Method: GET Timestamp: 2026-05-23T02:20:16Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB).
Hacking
SQL Injection
Web App Attack
🇪🇸
el-brujo
2026-05-23 02:18:50
(1 month ago)
[Sat May 23 04:18:48.771477 2026] [proxy_fcgi:error] [pid 2306946:tid 2307009] [remote 168.144.40.59:0] AH01071: Got error 'Primary script unknown\n'
[Sat May 23 04:18:49.734564 2026] [proxy_fcgi:error] [pid 2313701:tid 2313784] [remote 168.144.40.59:0] AH01071: Got error 'Primary script unknown\n'
...
Hacking
Web App Attack